This ACH Origination Agreement (“ACH Agreement”) between you (“Merchant” “you” “your”) and GrailPay Holdings, Inc. (“GrailPay” “we” “us”) sets forth the terms and conditions of the ACH services provided to the Merchant by GrailPay (“ACH Services”) which allow the Merchant to initiate credit and debit Entries by means of the Automated Clearing House (“ACH”) network, pursuant to the Operating Rules and Operating Guidelines of the National Automated Clearing House Association (“NACHA”), as updated by NACHA from time to time (“NACHA Rules”). Capitalized terms shall have the definitions ascribed to them in the NACHA Rules. References to the Uniform Commercial Code or “UCC” shall refer to the UCC as adopted by the State of New York.

This ACH Agreement supplements the terms and conditions set forth in the Master Subscription Agreement (“MSA”) and is incorporated into the MSA by reference. Entries submitted to GrailPay under this ACH Agreement shall be processed through Grasshopper Bank, N.A. (“Bank”), which shall serve as the ODFI in respect of such Entries. Bank is a third party beneficiary of, but not a party to, this ACH Agreement.

1. COMPLIANCE WITH RULES AND LAWS. Merchant agrees to be bound by the NACHA Rules. Furthermore, Merchant represents and warrants that the origination of ACH transactions and all such actions of Merchant contemplated in this ACH Agreement, including the preparation and transmittal of Entries and payment orders, shall comply with Applicable Laws (specifically including, without limitation, the laws of the United States, including federal and state laws or regulations), and Merchant agrees not to originate Entries that violate such Applicable Laws. Merchant acknowledges that GrailPay will charge the Merchant with any fines or penalties imposed by NACHA, Bank, Regulatory Authority or other third party which are incurred as a result of an act or omission of the Merchant or any of its service providers, customers or end users, and the Merchant agrees to fully reimburse and/or indemnify GrailPay and the Bank for such charges or fines. GrailPay and/or Bank may terminate or suspend the Merchant’s use of the ACH Services due to Merchant’s breach of the NACHA Rules, Applicable Laws, the MSA, or this ACH Agreement. Unless approved by GrailPay in writing, Merchant shall only submit Entries for its own account and shall not submit any Entries on behalf of another person who would be deemed an “Originator” under the NACHA Rules. Merchant acknowledges receipt of a copy or has access to a copy of the NACHA Rules. The NACHA Rules are available at www.achrulesonline.org. GrailPay will work with the Bank to provide reporting information to NACHA regarding Merchant, including if the return rate for unauthorized Entries exceeds the Unauthorized Entry Return Rate Threshold, the Administrative Return Rate Level or Overall Return Rate Level, and all other reporting as required by the NACHA Rules. NACHA, in its role of overseeing the safety, security, and viability of the ACH network has determined that certain single-use or limited-use consumer authorizations have the potential to increase risk in the ACH system and compromise system effectiveness by increasing the incidence of returned Entries. Therefore, Merchant hereby warrants to GrailPay and Bank that for each such ACH Entry submitted for processing, Merchant has obtained all authorizations from the Receiver as required by the NACHA Rules, by Regulation E or other Applicable Law, and all other conditions or prerequisites to the submission of such Entry has been satisfied prior to Merchant’s initiation of such Entry. In respect of each Entry, Merchant also makes all warranties to GrailPay and Bank that an Originator is required to make under the NACHA Rules, all representations and warranties set forth in Section 4(b) of this ACH Agreement, and the additional warranties that Bank makes to each RDFI and ACH Operator under the NACHA Rules for the respective SEC codes for Entries originated by Merchant. MERCHANT INDEMNIFIES AND HOLDS GRAILPAY AND BANK HARMLESS FROM ANY LIABILITY ARISING OUT OF MERCHANT’S BREACH OF THESE WARRANTIES.
   ‍
   For purpose of this ACH Agreement, “Applicable Law” means any federal, foreign, provincial, state and local laws, statutes, rules, regulations, executive orders, supervisory requirements, directives and other official releases of any Regulatory Authority, supervisory objection, judicial or administrative interpretations, NACHA Rules, and any rules or requirements established by a Regulatory Authority, in each case as amended, consolidated, supplemented or replaced from time to time, that are related to, or otherwise applicable, to this ACH Agreement, the ACH Services, and/or the services to be provided by a party under this Agreement. “Regulatory Authority” means NACHA, any other payment network, and any federal, state or local regulatory agency, tax authority, other governmental agency or authority having jurisdiction or authority over this ACH Agreement, the ACH Services, either party or their affiliates, or any of their respective subcontractors, including but not limited to the Board of Governors of Federal Reserve System, the Consumer Financial Protection Bureau, the Federal Deposit Insurance Corporation, the Federal Trade Commission, the Financial Crimes Enforcement Network, or any state banking regulator.
   ‍
2. APPROVAL. Merchant shall not submit any Entries prior to receiving approval from GrailPay to use the ACH Services for the purpose for which any such Entry is submitted.
   ‍
3. DESIGNATION OF ADMINISTRATOR. In order to originate ACH Entries, Merchant must designate at least one administrator (“Administrator”) who shall be responsible for designating users (“Users”). Merchant authorizes Users to issue Entries on its behalf.  For the purposes of this ACH Agreement, the term User shall also include the Administrator. GrailPay shall be entitled to rely on the designations made by the Merchant’s Administrator(s). GrailPay shall be entitled to deem any person having knowledge of any Security Procedure, defined below and permitted to initiate Entries under this ACH Agreement, to be a User and Merchant grants permission to GrailPay to generate a NACHA File to process such User initiated Entries, and to process and execute any NACHA Entry or File generated or initiated by a User. Merchant agrees that any such online Entries shall comply with GrailPay and the Bank’s Security Procedures, which are subject to change upon notice to Merchant. Merchant agrees to promptly notify GrailPay, according to notification procedures prescribed by GrailPay, if the authority of any Administrator or User shall change or be revoked. Such revocation shall be deemed effective after Merchant has terminated the User or Administrator’s credentials and access to systems through which the User or Administrator accessed the services subject to this ACH Agreement, and GrailPay has had a reasonable opportunity to act on the notice provided by Merchant of the revocation of authority. In addition to following the Security Procedures, Merchant agrees to adopt and implement its own security procedures to safeguard the security and integrity of all software, devices, platforms, and credentials that may be used by any User or any other person to submit Entries or use any other feature of the ACH Services, and ensure they are not used by anyone who is not authorized to use the ACH Services or submit Entries on behalf of the Merchant. Any actions taken using an Administrator or User’s credentials that provide access to the services subject to this ACH Agreement shall be presumed to be authorized by Merchant and GrailPay and Bank may rely on such actual or apparent authority.
   ‍
4. TRANSMISSION OF ENTRIES BY MERCHANT.
   a. Origination. Merchant authorizes GrailPay (through Bank its capacity as ODFI) to originate ACH Entries on its own behalf to the Receivers’ accounts. Merchant shall initiate Entries and transmit to GrailPay a corresponding File and all information necessary for GrailPay to effectuate ACH transactions in accordance with the NACHA Rules and with GrailPay’s and Bank’s written requirements for ACH transactions, as may be amended by GrailPay and Bank in their sole discretion from time to time, and which includes the information set forth in Schedule A to this ACH Agreement.
   ‍
   b. Representations and Warranties. In connection with each Entry transmitted based on such information, Merchant represents and warrants: (i) each Entry is made in accordance with each of the general ODFI warranties set forth in Sections 2.4.1, 2.15.2 and 5.2 of the NACHA Rules; (ii) each individual and entity shown as Receiver of an Entry has (1) authorized initiation of such Entry, and (2) authorized Merchant, GrailPay, Bank and their respective service providers to credit or debit its account in the amount and on the ACH Settlement Date, as shown on such Entry; (iii) the form and substance of such Receiver authorization complies with the NACHA Rules; (iv) such Receiver authorization remains effective as of the time of transmittal, crediting or debiting by GrailPay or Bank; (v) such Entry is initiated by Merchant in connection with the ACH Services; and (vi) such Entry does not violate Applicable Law or NACHA Rules.
   ‍
   c. Format of Entries. Merchant shall transmit or deliver Entries to GrailPay in computer readable form to the locations(s) specified by GrailPay and in compliance with the formatting and other requirements set forth in the NACHA File specifications or as otherwise specified by GrailPay.
   ‍
   d. Timing of Entry Submission. Entries shall be transmitted to GrailPay’s designated location not later than the time and the number of days prior to the effective date specified in the Processing Schedule attached as Schedule B to this ACH Agreement. For the purposes of this ACH Agreement, “Business Day” means Monday through Friday, excluding certain federal holidays on which Bank is closed. Entries received after 12:00 pm EST for Same Day ACH and 3:00 pm EST for Next Day Settlement (“Cutoff Time”) shall be deemed to have been received on the next Business Day. The dollar amount of each Entry and total dollar amount of Entries transmitted by Merchant to GrailPay on any one Business Day or other frequency shall not exceed the limits set forth in Schedule D or as subsequently set forth by Bank, or requested by Merchant and approved by GrailPay and Bank. Merchant may not reinitiate Entries except as prescribed by the NACHA Rules.
   
   e. Without limiting the foregoing, Merchant agrees to comply with the notice requirements set forth in the NACHA Rules, the Electronic Fund Transfer Act, and Regulation E, as applicable, in connection with preauthorized debit Entries from a consumer’s account. Before the initiation by Merchant of the Entry to a Receiver’s account, Merchant shall obtain from the Receiver an authorization to initiate one or more Entries to the Receiver’s account, which authorization shall comply with Regulation E and the NACHA Rules. Preauthorized debit Entries to a consumer account must be authorized in a writing signed or similarly authenticated by the Receiver. Electronic writings must meet the requirements of Applicable Laws, and must comply with the NACHA Rules and Electronic Signatures in Global and National Commerce Act. Merchant shall provide the Receiver with a copy of such authorization whenever required to do so.  If the amount of a debit Entry to a Receiver’s account varies in amount from the previous debit Entry relating to the same authorization or preauthorized amount, Merchant shall, at least ten (10) days before the Effective Entry Date of such debit Entry, send the Receiver written notice of the amount of such debit Entry and its Effective Entry Date, unless the Receiver has previously been notified of Receiver’s right to receive such notice and Receiver has elected to receive such notice only when the debit Entry does not fall within a specified range of amounts or varies from the most recent debit Entry by an agreed amount. If any change is made by Merchant in the scheduled Effective Entry Date of one or more debit Entries, Merchant shall, at least seven (7) days before the Effective Entry Date of the first such debit Entry to be affected by such change, send the Receiver a written notice of the new Effective Entry Date(s) of such Entry or Entries.
   
   f. Authorization Retention. Merchant shall obtain an authorization (“Authorization”), as required by the NACHA Rules from the Receiver whose account will be debited or credited as the result of an Entry initiated by Merchant.  Merchant must retain the original or a copy of each written authorization of a Receiver, or a readily and accurately reproducible record evidencing any other form of authorization, for two (2) years from the termination or revocation of the authorization, or such longer period required by GrailPay or Bank.  Upon request, Merchant must provide the original, copy, or other accurate record of the Receiver’s authorization to GrailPay in such time and manner as to enable GrailPay and Bank to deliver the authorization to a requesting RDFI within ten (10) Business Days of the RDFI’s request. Credit Entries subject to UCC Article 4A require additional notice to the Originator under NACHA Rule 2.3.3.2. For non-consumer credit Entries, UCC 4A, as adopted by New York, applies. Merchant acknowledges credit given to or by the RDFI to the Receiver is provisional until the RDFI has received final settlement through a Federal Reserve Bank or otherwise received payment as provided under Article 4A of UCC. If the RDFI does not receive payment for the Entry, the RDFI is entitled to a refund from the Receiver in the amount to the Receiver’s account, and the Originator will not be considered to have paid the amount of the credit Entry to the Receiver.
   
   g. Record Format. Merchant shall follow all guidelines and policies communicated by GrailPay to Merchant regarding the procedures for obtaining Receiver authorization, should it be requested by an RDFI, and the format of any such requested authorization. An authorization retained as an electronic record shall accurately reflect the information in the record, and shall be capable of being accurately reproduced for later reference, whether by transmission, printing, or otherwise. In the event that Merchant must demonstrate proof of a Receiver’s authorization for a debit WEB Entry, Merchant should provide documentation that provides transaction details including Receiver information and sales documentation to show what goods and/or services were exchanged.
   ‍
5. SECURITY PROCEDURES.
   a. Merchant shall comply with the “Security Procedures” described in Schedule C attached to this ACH Agreement and made a part hereof, along with any additional security procedures described in the MSA or otherwise provided to Merchant. Merchant acknowledges and agrees that the Security Procedures, including (without limitation) any code, password, personal identification number, user identification technology, token, certificate, or other element, means, or method of authentication or identification used in connection with a Security Procedure (“Security Devices”) used in connection therewith, constitute commercially reasonable security procedures under Applicable Law for the initiation of ACH Entries. Merchant authorizes GrailPay to follow any and all instructions entered and transactions initiated using applicable Security Procedures. Merchant acknowledges and agrees that Merchant shall be bound by any and all Entries initiated through the use of such Security Procedures, whether authorized or unauthorized, and by any and all transactions and activity otherwise initiated by Merchant or Users, to the fullest extent allowed by law. Merchant further acknowledges and agrees that the purpose of such Security Procedures is verification of authenticity, and that the Security Procedures are not designed to detect error in the transmission or content of communications or Entries initiated by Merchant and that Merchant bears the sole responsibility for detecting and preventing such error. Merchant’s adoption and compliance with the Security Procedures does not relieve the Merchant of any liability under this Agreement, including, without limitation, liability for unauthorized use or misuse of the ACH Services by any person.
   
   b. GrailPay and Bank reserve the right to modify, amend, supplement, or cancel any or all Security Procedures, and/or to cancel or replace any Security Device, at any time and from time to time in their discretion. GrailPay will endeavor to give Merchant reasonable prior notice of any change in Security Procedures; provided that GrailPay and Bank may make any change in Security Procedures without advance notice to Merchant if GrailPay and Bank, in their reasonable judgment and discretion, believes such change to be necessary or desirable to protect the security of GrailPay’s or Bank’s systems and assets and in such case, GrailPay will provide Merchant with written notice promptly after the change. Merchant’s implementation and use of any changed Security Procedures after any notice of and change in Security Procedures shall constitute Merchant’s agreement to the change and Merchant’s agreement that the applicable Security Procedures, as changed, are commercially reasonable and adequate for the purposes intended.
   ‍
6. PHYSICAL AND ELECTRONIC SECURITY.
   a. Merchant is responsible for providing for and maintaining the physical, electronic, procedural, administrative, and technical security of data and systems in Merchant’s possession or under Merchant’s control. Without limiting the generality of the foregoing, Merchant specifically acknowledges and agrees that as part of the foregoing obligation Merchant shall comply with the provisions of Section 1.6 and Section 1.7 of the NACHA Rules, entitled “Security Requirements” and “Secure Transmission of ACH Information via Unsecured Electronic Networks” for the safeguarding of Protected Information, as that term is defined in the NACHA Rules. GrailPay is not responsible for any computer viruses (including, without limitation, programs commonly referred to as “malware,” “keystroke loggers,” and/or “spyware”), problems or malfunctions resulting from any computer viruses, or any related problems that may be associated with the use of an online system or any ACH services unless directly and solely caused by GrailPay. Any material downloaded or otherwise obtained is obtained at Merchant’s own discretion and risk, and GrailPay is not responsible for any damage to Merchant’s computer or operating systems or for loss of data that results from the download of any such material, whether due to any computer virus or otherwise.
   ‍
7. INTERNATIONAL ACH TRANSACTIONS (“IAT”). Merchant shall not initiate any IAT Entries without Bank’s prior written consent, which consent may be withheld or conditioned upon Merchant adhering to additional terms.
   ‍
8. PROCESSING, TRANSMITTAL AND SETTLEMENT BY BANK. Properly authorized Entries which are initiated and submitted to GrailPay by Merchant will be processed and settled by Bank in accordance with the provisions of the agreement between GrailPay and Bank, and in accordance with the NACHA Rules.  Merchant may only submit Entries that are within the Standard Entry Class Codes that are approved in writing by Bank. Except as otherwise provided for in this ACH Agreement, for each Entry received by GrailPay prior to a transmittal deadline established by GrailPay, GrailPay shall:
   a. use commercially reasonable efforts to comply with the instructions of Merchant, (ii) process Entries received from Merchant that conform with the File specifications set forth in the NACHA Rules, (iii) transmit such Entries to Bank no later than the next transmittal deadline, and (iv) direct Bank to settle such Entries as provided in the NACHA Rules and Applicable Law; and
   ‍
   b. transmit such Entries to Bank by the deposit deadline of Bank, provided: (i) such Entries are completely received by the Cutoff Time at the location specified by GrailPay to Merchant from time to time; (ii) the Effective Entry Date satisfies the criteria provided by GrailPay to Merchant; and (iii) Bank is open for business on such Business Day. Merchant agrees that Bank and ACH Operator selected by GrailPay shall be considered to have been designated and authorized by Merchant.
   ‍
9. RESERVE ACCOUNT AND FBO ACCOUNT. In Bank’s sole discretion, GrailPay and Bank may require Merchant to fund a non-interest bearing deposit account with the Bank under Bank’s custody (the “Reserve Account”). The Reserve Account will be in an amount determined by Bank. All right, title and interest in the Reserve Account will be owned by the Bank. Merchant grants Bank a first priority security interest in the Reserve Account and the funds therein and proceeds thereof, and also grants Bank the rights and remedies of a secured party under Applicable Law with respect to the Reserve Account and the funds therein or proceeds thereof. Merchant authorizes Bank to exercise any rights and remedies of a secured party under Applicable Law in its discretion and to set off against the funds in the Reserve Account an amount equal to Transaction Losses incurred by Bank that Merchant is responsible and liable for under this ACH Agreement and the MSA. Merchant authorizes Bank to debit the Reserve Account daily in the amount of all such Transaction Losses owed to Bank. Within sixty (60) days after the termination of this ACH Agreement, Bank will transfer to Merchant any amounts remaining in the Reserve Account. Merchant shall fund,
   ‍
   In addition, Bank will establish and maintain a non-interest-bearing deposit account for the ACH Services exclusively for the purpose of settling the ACH transactions processed under this Agreement (“Settlement Account”).  The Settlement Account will be used solely for purposes of implementing payment instructions in connection with the ACH Services, and may not otherwise be used by Merchant or GrailPay to deposit, load, or store funds. The Settlement Account will be comprised of gross settlements associated with Merchants’ ACH transactions, in transit to the Merchants’ Operating Account. Merchant hereby appoints Bank as its agent to receive settlement of Entries it initiates or originates using the ACH Service, and to disburse any such settlement received to the Operating Account or any other destination authorized by the Merchant or GrailPay, or otherwise deemed reasonable and appropriate, in the course of providing services in connection with this ACH Agreement.
   ‍
   To use the ACH Services, Merchant must identify and link an eligible commercial operating account which is owned by Merchant and held at a U.S. depository institution (“Operating Account”), and link the Operating Account to the ACH Services, following instructions provided by GrailPay and the Bank.  Failure to link a valid Operating Account may result in Bank’s or GrailPay’s refusal to process Entries submitted by Merchant, or to remit settlement received in respect of any Entry to Merchant.
   ‍
   At GrailPay’s discretion, GrailPay may request balance sheets or relevant financial documents to assess Merchant’s financial state. On a quarterly basis, Monthly Total Aggregate Exposure Limits will be determined at GrailPay and Bank’s discretion based on your balance sheet. You waive all claims against the Bank and GrailPay for failure of service due to insufficient funds. If Merchant fails to maintain the minimum amount required on the balance sheet, Bank and GrailPay is authorized to lower Monthly Total Aggregate Exposure Limits.
   ‍
10. PAYMENT FOR CREDIT ENTRIES AND RETURNED DEBIT ENTRIES. On each Business Day, Merchant shall place funds into the Settlement Account by the Cutoff Time an amount equal to all credit Entries to be issued by Merchant (“Daily Entry Amount”), subject to Merchant’s Total Aggregate Exposure Limits set forth on the attached Schedule D to this ACH Agreement. In addition, Merchant shall pay GrailPay for the fees associated with each debit Entry returned by a RDFI or debit Entry dishonored by GrailPay or Bank, or to cover fraud and error losses. All such losses shall be considered “Transaction Losses” under this ACH Agreement. Merchant shall be liable to Bank for all Transaction Losses under this Agreement. “Transaction Losses” means (i) losses from all returned, unpaid, dishonored or disputed transactions; chargebacks, transaction reversals, failed, unpaid, or returned transactions, insufficient funds, negative balances in any Settlement Account or Reserve Account, dispute resolutions and associated services including fees or fines in accordance with Applicable Law; (ii) losses from all fraud, compromised accounts,  unauthorized transactions, “errors” (as defined by Regulation E), and all fraudulent or unauthorized transactions related to the Merchant’s use of the ACH Services; (iii) Losses associated with the failure, return, or reversal of any Entry submitted to the Bank under this ACH Agreement; and (iv) Losses or assessments by a Regulatory Authority that may be incurred by Bank in connection with Merchant’s use of the ACH Services; provided, that in each of (i)-(iv), not resulting from the gross negligence or willful misconduct of Bank.  GrailPay and Bank may collect payment owed by Merchant under this Section 10, including Transaction Losses, immediately in the following manner: (i) by drawing from the Minimum Balance or other balance in the Reserve Account, or Settlement Account owing to the Merchant; (ii) submitting an ACH debit to any Merchant external bank account we have on file, including, but not limited to, the designated Operating Account; or (iii) in accordance with any of the other payment methods authorized by Merchant. To the extent Merchant initiates Entries in excess of the Daily Entry Amount on a given Entry Day, GrailPay or Bank may refuse to process any and all Entries in excess of the Entry Amount on such Entry Day, whereupon GrailPay and Bank shall have no liability to Merchant or to any third party as a result thereof. If GrailPay elects to accept an Entry in excess of the Entry Amount on any one or more occasions, it shall not be considered a waiver of GrailPay or Bank’s rights to refuse to do so at any other time.
    ‍
11. REJECTION OF ENTRIES. Merchant agrees that GrailPay and Bank are under no obligation to accept Entries, including but not limited to those that do not comply with this ACH Agreement. Therefore, Bank or GrailPay may reject any Entry issued by Merchant, including, but not limited to (i) an Entry that does not comply with this ACH Agreement, (ii) Entries with inconsistent name and account number or missing and/or incorrect information, (iii) any Entry not compliant with Applicable Law, the NACHA Rules, this ACH Agreement, or the MSA, or (iv) any Entry that GrailPay or Bank deems to be not safe and sound banking practice to process. GrailPay shall provide notification to Merchant of the rejection of an Entry. GrailPay and Bank shall have no liability to Merchant for rejecting an Entry.
    ‍
12. CANCELLATION OR AMENDMENT OF ENTRY BY MERCHANT. Merchant shall have no right to cancel or amend any Entry after its receipt by GrailPay, however GrailPay shall use commercially reasonable efforts to act on Merchant’s request for cancellation or amendment prior to transmitting it to the ACH Operator. If any Receiver requests a stop-payment cancellation of any recurring, pre-authorized, pre-scheduled or standing transaction scheduled to occur in the future, Merchant will promptly provide GrailPay with sufficient notice to reasonably enable Bank to comply with its obligations to cancel or stop payment on such Entry as required by Applicable Law. To the extent GrailPay accepts, in its sole discretion, a cancellation or amendment of an Entry, Merchant must issue the cancellation or amendment in accordance with GrailPay and Bank’s Security Procedure, provided that GrailPay and Bank shall have no liability if such cancellation is not effected. Merchant shall notify the Receiver of any reversing Entry initiated to correct any Entry it has initiated in error. The notification to the Receiver must include the reason for the reversal and be made no later than the Settlement Date of the reversing Entry. If GrailPay accepts a cancellation or amendment of an Entry, Merchant hereby agrees to indemnify, defend all claims and hold GrailPay and Bank harmless from any losses, damages, or expenses, including but not limited to reasonable, actual attorney’s fees, incurred by GrailPay or Bank as the result of its acceptance of the cancellation or amendment.
    ‍
13. REVERSALS OF ENTRIES. GrailPay may in its sole discretion, upon proper and timely request by the Merchant, effect a reversal of an Entry or File. To be “proper and timely,” the request must (i) be made within five (5) Business Days of the Effective Entry Date for the Entry or File to be reversed; (ii) be made within twenty-four (24) hours of the discovery of the erroneous duplicate File; and (iii) be accompanied by a Reversal/Cancellation Request form, and comply with all of the NACHA Rules. In addition, if Merchant requests reversal of a Debit Entry or Debit File, it shall concurrently deposit into the Settlement Account an amount equal to that Entry or File. Merchant shall notify the Receiver of any reversing Entry initiated to correct any Entry it has initiated in error. The notification to the Receiver must include the reason for the reversal and be made no later than the Settlement Date of the reversing Entry. Under no circumstances shall GrailPay or Bank be liable for interest or related losses if the requested reversal of an Entry is not affected. The Merchant shall reimburse GrailPay and Bank for any expenses, losses or damages it incurs in effecting or attempting to effect the Merchant’s request for reversal of an Entry. All such expenses, losses, and damages shall be considered “Transaction Losses” under this ACH Agreement, and GrailPay and Bank may seek reimbursement for any Transaction Losses by debiting Merchant’s Reserve Account at Bank, or by exercising any other rights and remedies available to GrailPay and Bank.
    ‍
14. OBLIGATIONS OF MERCHANT AS AN ORIGINATOR UNDER THE RULES. In addition to any other duties, responsibilities, warranties, representations and liabilities under this ACH Agreement, for each and every Entry transmitted by Merchant to GrailPay, Merchant represents and warrants to GrailPay and agrees that Merchant shall: (i) assume applicable responsibilities under the NACHA Rules, including, but not limited to, the responsibilities of Originators; (ii) make all of the warranties, including, but not limited to, the warranties of ODFIs and the warranty that Originators have agreed to assume the responsibilities of Originators under the NACHA Rules; (iii) make all of the representations under the NACHA Rules; (iv) assume all of the liabilities in connection with the ACH Services, including, but not limited to, liability for indemnification for failure of Merchant to perform its obligations as an Originator; (v) not by any act or omission, place GrailPay or Bank in breach of or in non-compliance with the NACHA Rules or Applicable Law; and (vi) conduct, or have conducted, any audit of its compliance with the NACHA Rules in accordance with the NACHA Guidelines (“NACHA Audit”). Without limiting the foregoing, if Merchant transmits Entries on behalf of its customers (subject to approval by GrailPay), who are treated as Originators under the NACHA Rules, Merchant shall enter into an origination agreement with such customers meeting the requirements of the NACHA Rules, which shall contain terms substantially similar to the ACH Agreement.
    ‍
15. ERROR DETECTION. GrailPay has no obligation to discover and shall not be liable to Merchant for errors made by Merchant, including but not limited to errors made in identifying the Receiver, or an Intermediary or RDFI or for errors in the amount of an Entry or for errors in Settlement Dates. GrailPay shall likewise have no duty to discover and shall not be liable for duplicate Entries issued by Merchant. Notwithstanding the foregoing, if the Merchant discovers that any Entry it has initiated was in error, it shall notify GrailPay of such error. If such notice is received no later than four (4) hours prior to the ACH receiving deadline, GrailPay will utilize reasonable efforts to initiate an adjusting Entry within the time limits provided by the NACHA Rules. In the event that Merchant makes an error or issues a duplicate Entry, Merchant shall indemnify, defend all claims, and hold GrailPay and Bank harmless from any losses, damages, or expenses, including but not limited to reasonable, actual attorney’s fees, incurred by GrailPay or Bank as result of the error or issuance of duplicate Entries.
    ‍
16. PROHIBITED TRANSACTIONS. Merchant agrees not to use or attempt to use the ACH Services (i) to engage in any illegal purpose or activity or to violate any Applicable Law, (ii) to breach any contract or agreement by which Merchant is bound, (iii) unless pre-approved by GrailPay, to engage in any internet or online gambling transaction, whether or not gambling is legal in any applicable jurisdiction, (iv) unless pre-approved by GrailPay, to engage in any activity or business that would result in Merchant being or becoming a “money service business” as defined in the Bank Secrecy Act and its implementing regulations, (v) to transmit or initiate any Entry on behalf of politically exposed persons, or (vi) to engage in any transaction or activity or transmit any Entry that is not specifically authorized and permitted by this ACH Agreement. Merchant acknowledges and agrees that GrailPay has no obligation to monitor Merchant’s use of the ACH Services for transactions and activity that is impermissible or prohibited under the terms of this ACH Agreement; provided, however, that GrailPay reserves the right to decline to execute any transaction or activity that GrailPay believes violates the terms of this ACH Agreement, the NACHA Rules or Applicable Law.
    ‍
17. NOTICE OF REJECTED AND RETURNED ENTRIES AND NOTIFICATIONS OF CHANGE. GrailPay shall notify Merchant by e-mail, facsimile transmission mail, or other written means of the receipt of a returned Entry from Bank (as received from the ACH Operator). GrailPay shall have no obligation to retransmit a returned Entry to Bank and/or ACH Operator if GrailPay complied with the terms of this ACH Agreement with respect to the original Entry. Merchant shall notify the Receiver by phone or electronic transmission of receipt of each return Entry no later than one (1) Business Day after the Business Day of receiving such notification from GrailPay. GrailPay shall provide Merchant all information, as required by the NACHA Rules, with respect to each Notification of Change (“NOC”) Entry or Corrected Notification of Change (“Corrected NOC”) Entry received by GrailPay relating to Entries transmitted by Merchant. Merchant shall ensure that changes requested by the NOC or Corrected NOC are made within three (3) Business Day of Merchant’s receipt of the NOC information from GrailPay or prior to initiating another Entry to the Receiver’s account, whichever is later, or issue a Refused Notification of Change. In addition, GrailPay or Bank is entitled to delay settlement or availability of the proceeds of any Entry processed using the ACH Services for any reason permitted by law, including, without limitation, to investigate potential fraud or errors. Bank shall have no liability for any delay in making funds available to the Merchant in connection with any Entry processed under this ACH Agreement.
    ‍
18. NOTICE OF IMPROPER ENTRIES. GrailPay shall provide Merchant with a periodic statement reflecting the total of each File transmitted by Bank or similar transaction history. Merchant shall examine the periodic statement and notify GrailPay of any unauthorized or erroneous Entries within a reasonable time, not exceeding thirty (30) days from the date that the periodic statement is made available to Merchant by GrailPay (“Entry Notice”). If Merchant fails to deliver the Entry Notice, Merchant may not assert against GrailPay or Bank any claim for interest on the amount of the Entries for the period prior to the date that such notice is eventually delivered. If Merchant fails to deliver the Entry Notice to GrailPay within one (1) year from GrailPay’s issuance of any advice or statement reflecting such Entries, Merchant is precluded from asserting that GrailPay or Bank is not entitled to retain the principal amount of the unauthorized or erroneous debit of Merchant’s account(s).
    ‍
19. PROVISIONAL SETTLEMENT. Merchant shall be bound by and comply with the NACHA Rules as in effect from time to time, including without limitation the provision thereof related to making payment of an Entry to the Receiver provisional until receipt by GrailPay and/or the Bank of final settlement for such Entry; and Merchant acknowledges that it has received notice of that rule and/or the fact that, if such settlement is not received, GrailPay shall be entitled to a refund from the Receiver of the amount credited and Merchant shall not be deemed to have paid the Receiver the amount of the Entry.
    ‍
20. IDENTIFICATION OF RECEIVER. If Merchant identifies the Receiver of the Entry by account number or identifying number, or by name and account number or identifying number, Merchant acknowledges that payment of the proceeds of the Entry to the Receiver shall be made by the RDFI, on the basis of the identifying account number even if it identifies a person different from the named Receiver. Merchant is liable for and must settle with GrailPay for any Entry initiated by Merchant that identifies the Receiver by account or identifying number or by name and account or identifying number. With respect to any WEB Entry or other Entry that debits or credits a consumer account, Merchant shall authenticate the Receiver at the time such Entry is authorized by the Receiver.
    ‍
21. ADDITIONAL MERCHANT WARRANTIES FOR SELECTED STANDARD ENTRY CLASSES. NACHA, in its role of ensuring the safety, security, and viability of the ACH network has determined that certain single-use or limited-use consumer authorizations have the potential to increase risk in the ACH system and compromise system effectiveness by increasing the incidence of returned Entries. Therefore, to qualify as an Originator of such Entries Merchant hereby warrants to GrailPay that for each such ACH Entry submitted for processing, Merchant has or shall have obtained all authorizations from the Receiver as required by the NACHA Rules, by Regulation E or other Applicable Law, and this ACH Agreement. Merchant also makes the additional warranties to GrailPay that GrailPay makes to each of the Bank, the RDFI and the ACH Operator under the NACHA Rules for the respective SEC codes for Entries originated by Merchant. Merchant acknowledges and agrees to comply with all applicable measures as set forth in the NACHA Rules for each applicable SEC code.
    ‍
    WEB ENTRIES. If GrailPay authorizes Merchant to initiate debit WEB Entries, then: (i) Merchant will take all actions and obtain all consents and authorizations required under the NACHA Rules to allow Bank to meet its obligations as ODFI of WEB Entries, and agrees to retain the originals of such consents and authorizations, revocation, or termination thereof, for the timeframe provided by this ACH Agreement, or such other timeframe required by the NACHA Rules or Applicable Law; (ii) Merchant agrees it has performed or will perform periodic audit that satisfies the NACHA Rules for Originators before initiating a WEB Entry, if applicable, and to the extent required by Applicable Law; and (iii) pursuant to the NACHA Rules, Merchant will establish and implement commercially reasonable: (A) fraudulent transaction detection systems to screen debit WEB Entries; (B) methods of authentication to verify the identity of Receivers of debit WEB Entries; (C) procedures to verify that the routing number used in the debit WEB Entry is valid; and (D) security technology for communications between Merchant, Third-Party Senders and Receivers over the internet or wireless networks. Each time Merchant initiates a Web Entry, in addition to its other representations and warranties under this Agreement, Merchant warrants that the WEB Entry was screened by its fraudulent transaction detection system and that Merchant has used commercially reasonable methods to authenticate and verify the Receiver’s identity and to verify that the account number used in the WEB Entry is valid.
    ‍
22. ADDITIONAL REPRESENTATIONS, WARRANTIES, AND COVENANTS.
    a. NACHA. Without limiting anything herein, Merchant makes to GrailPay each of the warranties set forth in the NACHA Rules, Subsections 2.4.1 (General ODFI Warranties), 2.15.2 (Warranty of and Indemnification by Third Party Senders), 2.15.3 (Performance and Warranty of ODFI Obligations by Third Party Senders) and 2.5.17.4 (Additional ODFI Warranties for WEB Entries), and Section 5.2 (Warranties of Gateway) of the NACHA Rules. Such warranties are made by Merchant with each submission of Entries to GrailPay. Without limiting the foregoing, Merchant makes all representations and warranties set forth in the NACHA Rules related to each Entry type it submits.
    ‍
    b. MSA. Upon acceptance of this ACH Agreement and Merchant’s submission of each Entry, Merchant makes all representations, warranties, and covenants to Bank and GrailPay which are set forth in the MSA.
    ‍
    c. Other. Upon acceptance of this ACH Agreement and Merchant’s submission of each Entry, Merchant further represents, warrants, and covenants that: (i) this ACH Agreement forms a binding and enforceable agreement between the Merchant and GrailPay, with the Bank as a third-party beneficiary of this ACH Agreement; (ii) Merchant is not acting in the capacity of a Third-Party Sender, payment facilitator, lender, money services business, or money transmitter in connection with its use of the ACH Services; and (iii) Merchant has all licenses, permits, registrations, and other authorizations necessary for the Merchant to sell goods and services and to perform all transactions it initiates or originates using the ACH Services in connection with this Agreement, in all jurisdictions where it does business during the term of this ACH Agreement.
    ‍
23. FINANCIAL INFORMATION AND AUDIT.
    a. Audit. GrailPay and Bank shall have the right to audit Merchant’s compliance with this ACH Agreement and the NACHA Rules, and the Merchant’s capacity to continue to comply with the terms of this ACH Agreement. Upon reasonable notice to Merchant from GrailPay or Bank, as applicable, Merchant authorizes GrailPay or Bank to inspect Merchant’s books and records and to make on-site visits, at Merchant’s sole cost and expense, to any and all locations with regard to all information deemed by GrailPay or Bank to be necessary or pertinent to Merchant’s use of the ACH Services. Information subject to GrailPay’s and Bank’s right of inspection shall include all information maintained by Merchant relating to policies, procedures, processes, and business, accounting, and operations practices, as well as customers, clients, vendors and processors if, in the opinion of GrailPay or Bank, Merchant’s relationship with such parties is materially related to Merchant’s ACH transaction activity.
    ‍
    b. Site Visits. Physical site visits of Merchant may be conducted to ensure notification and communication processes and disclosure requirements are being followed with respect to those addressed in the NACHA Rules.
    ‍
    c. Reports. At GrailPay’s or Bank’s request, and at least annually, Merchant shall provide information in form and content satisfactory to GrailPay of Merchant’s financial condition, operational capabilities, physical security, and internal audit procedures sufficient to demonstrate to the satisfaction of GrailPay Merchant’s continued ability to perform its obligations under the NACHA Rules in an accurate and timely manner.
    ‍
    d. Records. Merchant, at its cost and expense, shall maintain accurate records relating to ACH transactions in a manner consistent with Applicable Law, this ACH Agreement, the NACHA Rules and Bank policies. Merchant shall obtain all consents and authorizations required under the NACHA Rules. Merchant shall retain data on File adequate to permit remaking of Entries for six (6) years following the date of their transmittal, and shall provide such data to GrailPay and Bank upon their request. Merchant shall be jointly and severally liable with each of its customers for the retention and delivery of any records, documentation, or data required by the NACHA Rules.
    ‍
    e. Taxes. Merchant is solely responsible for collecting, calculating, withholding, reporting, filing, and remitting any taxes for which it or its customers is liable in connection with any Transactions initiated under this Agreement. Neither Bank nor GrailPay is responsible for calculating, charging, withholding, or remitting any applicable taxes.
    ‍
24. LIMITATION OF LIABILITY AND INDEMNITY. IN THE PERFORMANCE OF THE SERVICES REQUIRED BY THIS ACH AGREEMENT, GRAILPAY AND BANK SHALL BE ENTITLED TO RELY SOLELY ON THE INFORMATION, REPRESENTATIONS, AND WARRANTIES PROVIDED BY MERCHANT AND ANY PERSON WITH ACTUAL OR APPARENT AUTHORITY TO ACT ON MERCHANT’S BEHALF, PURSUANT TO THIS ACH AGREEMENT, AND SHALL NOT BE RESPONSIBLE FOR THE ACCURACY OR COMPLETENESS THEREOF. GRAILPAY SHALL BE RESPONSIBLE ONLY FOR PERFORMING OR MAKING AVAILABLE THE ACH SERVICES EXPRESSLY PROVIDED FOR IN THIS ACH AGREEMENT. GRAILPAY SHALL NOT BE LIABLE UNLESS GRAILPAY PERFORMED SUCH ACH SERVICES IN A GROSSLY NEGLIGENT MANNER OR FOR ITS WILLFUL MISCONDUCT IN PERFORMING THOSE ACH SERVICES. BANK SHALL HAVE NO LIABILITY TO MERCHANT FOR THE ACH SERVICES, AND TO THE EXTENT NOT PROHIBITED BY LAW, MERCHANT HEREBY WAIVE, RELEASE AND DISCHARGE ALL RIGHTS OR CLAIMS BY MERCHANT AGAINST BANK IN CONNECTION WITH THE ACH SERVICES. GRAILPAY AND BANK SHALL NOT BE RESPONSIBLE FOR MERCHANT’S ACTS OR OMISSIONS (INCLUDING, WITHOUT LIMITATION, THE AMOUNT, ACCURACY, TIMELINESS OF TRANSMITTAL OR AUTHORIZATION OF ANY ENTRY RECEIVED FROM MERCHANT) OR THOSE OF ANY OTHER PERSON, INCLUDING, WITHOUT LIMITATION, ANY FEDERAL RESERVE BANK, ACH OPERATOR OR TRANSMISSION OR COMMUNICATIONS FACILITY, ANY RECEIVER OR RDFI (INCLUDING, WITHOUT LIMITATION, THE RETURN OF ANY ENTRY BY SUCH RECEIVER OR RDFI), AND NO SUCH PERSON SHALL BE DEEMED GRAILPAY’S OR BANK’S AGENT. GRAILPAY AND BANK SHALL HAVE NO RESPONSIBILITY FOR ANY GOODS AND SERVICES SOLD OR PROVIDED BY MERCHANT, NOR THE MERCHANT’S CONDUCT OF ANY OTHER ASPECT OF ITS BUSINESS.
    ‍
    MERCHANT COVENANTS AND AGREES TO INDEMNIFY AND HOLD HARMLESS GRAILPAY, BANK AND THEIR RESPECTIVE PARENTS, AFFILIATES SUBSIDIARIES, OFFICERS, DIRECTORS, MEMBERS, EMPLOYEES, REPRESENTATIVES, SHAREHOLDERS, AGENTS, ATTORNEYS AND PERMITTED ASSIGNS FROM AND AGAINST ANY DAMAGES, AWARDS, JUDGMENTS, SETTLEMENT AMOUNTS, FINES, PENALTIES, LOSSES, COSTS AND EXPENSES (INCLUDING REASONABLE LEGAL FEES AND EXPENSES AND COSTS OF INVESTIGATION) AND OTHER LIABILITIES (COLLECTIVELY, THE “LOSSES”) ARISING OUT OF: (A) TRANSACTION LOSSES; (B) ANY UNTRUE OR INACCURATE MATERIAL REPRESENTATION OR WARRANTY MADE BY MERCHANT  UNDER, IN CONNECTION WITH OR PURSUANT TO THIS ACH AGREEMENT OR THE MSA; (C) ANY FAILURE ON THE PART OF MERCHANT OR ANY MERCHANT DELEGEE TO PERFORM OR COMPLY WITH ANY COVENANT OR OBLIGATION REQUIRED TO BE PERFORMED OR COMPLIED WITH BY MERCHANT UNDER OR PURSUANT TO THIS AGREEMENT OR THE MSA, INCLUDING ANY FAILURE TO PERFORM ANY OBLIGATIONS OF BANK WHICH MERCHANT HAS UNDERTAKEN ON BEHALF OF BANK; (D) ANY VIOLATION OF OR NONCOMPLIANCE WITH APPLICABLE LAW; (E) AN ACT OF FRAUD, EMBEZZLEMENT, OR CRIMINAL ACTIVITY BY MERCHANT OR ANY OF ITS EMPLOYEES OR AGENTS; (F) THE NEGLIGENCE OR WILLFUL MISCONDUCT OF MERCHANT OR ANY MERCHANT CONTRACTOR OR AGENT IN CONNECTION WITH MERCHANT’S PERFORMANCE OF ITS OBLIGATIONS UNDER THIS AGREEMENT; (G) ANY DAMAGES, CLAIMS, OR LOSSES ASSERTED BY A CUSTOMER OF MERCHANT OR OTHERWISE IN CONNECTION WITH MERCHANT’S SALE OF GOODS OR SERVICES; AND (H) ANY AND ALL LOSSES ARISING FROM THE MERCHANT’S USE OF THE ACH SERVICES, EXCEPT TO THE EXTENT CAUSED BY ANY GROSS NEGLIGENCE OR WILLFUL MISCONDUCT OF THE BANK.
    ‍
25. INCONSISTENCY OF NAME AND ACCOUNT NUMBER. Merchant acknowledges and agrees that, if an Entry describes the Receiver inconsistently by name and account number, payment of the Entry transmitted by GrailPay to the Bank for transmission to the RDFI may be made by the RDFI on the basis of the account number supplied by the Merchant, even if it identifies a person different from the named Receiver, and that the Merchant’s obligation to pay the amount of the Entry to GrailPay is not excused in such circumstances. Merchant is liable for and must settle with GrailPay for any Entry initiated by Merchant that identifies the Receiver by account or identifying number or by name and account or identifying number.
    ‍
26. MERCHANT AS RECEIVER. If Merchant is the Receiver of an Entry or other funds transfer, and GrailPay or Bank does not receive final settlement for any payment made to or by Merchant, Merchant acknowledges and agrees that Merchant is obligated to GrailPay and Bank for the amount of the payment order, and Bank is authorized to charge Merchant’s account(s) for any amount paid to or owed by Merchant. If GrailPay credits Merchant’s account for an Entry or other funds transfer naming Merchant as the Receiver, such credit Entry to Merchant’s account is not acceptance of the funds transfer by GrailPay or the Bank. Notwithstanding the foregoing, GrailPay may make funds available to Merchant at an earlier time at GrailPay’s option. GrailPay has no obligation to notify Merchant of receipt of a funds transfer naming Merchant as the Receiver even if payment for the funds transfer to Merchant is made by credit to Merchant’s Operating Account or other account, or the payment order directs payment to an account. Demand by Merchant for payment of a payment order for which GrailPay or Bank is obligated to pay Merchant must be made in writing and delivered to GrailPay at the location disclosed by GrailPay to Merchant. Issuance of a check by Merchant on the account to which payment was made shall not constitute notice under this section.
    ‍
27. COOPERATION IN LOSS RECOVERY EFFORTS. In the event of any damages for which GrailPay or Merchant may be liable to each other or to a third party in connection with the ACH Services, GrailPay and Merchant will undertake reasonable efforts to cooperate with each other, as permitted by Applicable Law, in performing loss recovery efforts and in connection with any actions that the relevant party may be obligated to defend or elects to pursue against a third party.
    ‍
28. AMENDMENTS; TERMINATION.
    This ACH Agreement may be amended from time to time upon notice by GrailPay to Merchant.
    ‍
    This ACH Agreement may be terminated by either party upon 60 days’ written advance notice to the other party.  This Agreement may be terminated by GrailPay or Bank upon Merchant’s breach of this ACH Agreement or Applicable Law, subject to any applicable right to cure.  Upon Merchant’s breach of this ACH Agreement or Applicable Law, GrailPay or Bank may notify Merchant of such breach. Merchant shall have thirty (30) days from the date such notice is sent to cure the breach, unless otherwise provided by this Agreement. Notwithstanding the foregoing, GrailPay is not obligated to provide the Merchant with an opportunity to cure the breach if Bank determines that doing so would result in an imminent violation of Applicable Law or present unreasonable risk to the Bank.  In the event that performance of services under this ACH Agreement would result in a violation of any present or future or revised statute, regulation or governmental policy, or Bank policy, to which GrailPay or Bank is subject, or if any state or federal regulatory authority that currently has or in the future may have jurisdiction over GrailPay or Bank with respect to ACH Services requests or requires that GrailPay or Bank to terminate this ACH Agreement, then GrailPay may terminate this ACH Agreement   upon ten (10) days prior written notice, or such shorter timeframe if required by such Regulatory Authority, if it deems such action necessary under the circumstances. GrailPay and Bank shall have no liability to Merchant as a result of any such termination. Any practices or course of dealings between GrailPay or Merchant or any procedures or operational alterations used by them, shall not constitute a modification of this ACH Agreement or the NACHA Rules, nor shall they be construed as an amendment to this ACH Agreement or the NACHA Rules. This ACH Agreement may be automatically terminated by GrailPay upon the termination or suspension of the MSA.
    ‍
29. WAIVER. No waiver by GrailPay or Bank (whether or not in writing) of any term, condition, or obligation of Merchant shall bind GrailPay or Bank to waive that same term, condition, or obligation again, nor shall any other provision, condition, term, or obligation hereof be affected by such waiver.
    ‍
30. BINDING EFFECT. This ACH Agreement shall inure to the benefit of and be binding upon the successors, heirs, trustees, and assigns of the parties and third-party beneficiaries hereto. This ACH Agreement is not for the benefit of any other person (except for Bank), and no other person shall have any right against GrailPay or Merchant hereunder.
    ‍
31. APPENDICES AND EXHIBITS. Appendices and exhibits to this ACH Agreement are incorporated into, and constitute a part of, this ACH Agreement.
    ‍
32. TRANSFERS AND ASSIGNMENTS. Merchant cannot transfer or assign any rights or obligations under this ACH Agreement without GrailPay’s and Bank’s written consent. Merchant consents to the assignment of this ACH Agreement to that financial institution designated by GrailPay.
    ‍
33. SAME DAY ENTRIES. Merchant may initiate Same Day Entries with respect to certain transaction types that may be permitted by the Bank from time to time. Only Entries with each of (i) an Effective Entry Date of the date of or a date prior to the date of the transmission of the Entry or File to Bank and received by Bank prior to 12:00 pm EST on such transmission date and (ii) with a “SD1700” designation in the Company Descriptive Date Field of the Batch Header Record shall be considered to be a Same Day Entry. IAT and Entries above $100,000 are not eligible for Same Day ACH processing.