Asp Agreement

Exhibit 10.38


ASP AGREEMENT


between


ENABLEUS, INC.


&


CAPMARK FINANCE INC.


Dated as of April 26, 2007


ASP Agreement


Table of Contents


1. DEFINITIONS


1

2. TERM


1

2.01 Initial Term.


1

2.02 Renewal.


1

3. VENDOR SERVICES


2

3.01 Services.


2

3.02 Additional Services.


2

3.03 Hosting; Vendor Service Centers, Security & Backup.


2

3.04 Access to New Technology


4

3.05 Third Parties & Subcontractors.


4

3.06 Access to Server.


4

4. CUSTOMER RESPONSIBILITIES


5

4.01 Generally.


5

4.02 Dedicated Equipment & Software.


5

4.03 Customer' s Use of Third Parties.


5

5. FEES & PAYMENTS


5

5.01 Fees.


5

5.02 Service Levels and Remedies.


6

5.03 Invoices; Interest.


6

5.04 Audits.


7

6. MANAGEMENT


7

6.01 Vendor Personnel.


7

6.02 Staff.


7

6.03 Subcontractors.


7

6.04 Conduct of Vendor Personnel.


7

6.05 Change Control Procedures.


8

6.06 Physical Relocation of Vendor Service Center.


8

7. REPRESENTATIONS & WARRANTIES


9

7.01 By Each of Customer & Vendor.


9

7.02 By Vendor.


9

7.03 Exclusion.


9

8. CONFIDENTIALITY & PROPRIETARY RIGHTS


9

8.01 Confidential Information.


9

8.02 Customer Data and Customer Software


10

8.03 Vendor Software & Documentation.


11

8.04 Changes.


12

8.05 Upgrades.


12

8.06 New Functionality.


12

9. INDEMNIFICATION


12

9.01 By Customer.


12

9.02 By Vendor.


13

9.03 Indemnification Procedures.


13

9.04 Exclusive Remedy.


13

10. INSURANCE


13

11. ADDITIONAL PROJECTS & SERVICES


14

12. FORCE MAJEURE


15

12.01 Force Majeure.


15

12.02 Allocation of Resources.


15

13. TERMINATION, DEFAULT & REMEDIES


15

13.01 Termination for Convenience.


15


i


13.02 Termination for Default.


15

13.03 Limitation of Liability.


16

13.04 Exclusion of Damages.


16

14.01 Termination Assistance.


16

14.02 De-conversion Fees.


16

14.03 Instructions.


17

15. APPLICABLE LAW, VENUE


17

16. GENERAL PROVISIONS


17

16.01 Assignment and Sublicense.


17

16.02 Notices.


17

16.03 Counterparts.


18

16.04 Construction & Interpretation of Documents.


18

16.05 Relationship.


18

16.06 Consents, Approvals and Requests.


18

16.07 Severability.


18

16.08 Waiver.


18

16.09 Entire Agreement.


19

16.10 Amendments.


19

16.11 Survival.


19

16.12 Third Party Beneficiaries.


19

16.13 Acknowledgment.


19

16.14 Covenant of Further Assurances.


19

16.15 Compliance with Laws.


19

16.16 Solicitation.


19

SCHEDULE 1 - DEFINITIONS


1

SCHEDULE 3.01 - SERVICES


6

SCHEDULE 4.02 - DEDICATED EQUIPMENT AND SOFTWARE


8

SCHEDULE 5.01 - FEES


9

SCHEDULE 13.01 - ASSUMED EXPENSES


10

Exhibit A - Performance Standards and Service Levels


Exhibit B - Backup, Archival and Purge Schedule


Exhibit C Vendor Information Security Standards


Exhibit D - Disaster Recovery


EXHIBIT E - THIRD PARTY SOFTWARE


ii


EXECUTION COPY


ENABLEUS, INC.

ASP AGREEMENT


This ASP AGREEMENT (the Agreement ) dated as of the 26th day of April, 2007 (the Effective Date ) is by and between EnableUs, Inc. ( Vendor ), a Delaware corporation with offices at 8 Suburban Park Drive, Billerica, MA 01821 and Capmark Finance Inc. ( Customer ), a California corporation with offices at 116 Welsh Road, Horsham, PA 19044.


WHEREAS , pursuant to that certain License Agreement for McCracken Program Products between McCracken Financial Services, Inc. and GMAC Mortgage Corporation of PA dated May 10, 1991, as amended (the Pre-Existing License ), which the parties confirm has previously been assigned to Customer and Vendor, Customer currently utilizes and seeks to continue to have uninterrupted access to the Strategy ASP (as herein defined) service bureau to perform certain data processing and related services pertaining to servicing commercial loans, and Vendor offers to provide such services;


WHEREAS , Vendor is a software developer and an application service provider for, among other things, the Strategy ASP service bureau;


WHEREAS , MFS Acquisition Corp. ( Buyer ) and Capmark Financial Group Inc. ( Seller ), the parent of Customer and the present parent of the Vendor, entered into that certain Stock Purchase Agreement, dated as of the date hereof (the Stock Purchase Agreement ) pursuant to which Buyer has agreed to purchase from Seller all of the issued and outstanding shares of capital stock of Vendor; and


WHEREAS , the Stock Purchase Agreement contemplates that Vendor and Customer shall enter into this Agreement as a condition precedent to the obligation of either Buyer or Seller to consummate the transactions contemplated by the Stock Purchase Agreement.


NOW, THEREFORE , in consideration of the agreements of the parties set forth below and other good and valuable consideration, the receipt and sufficiency of which are hereby acknowledged, Vendor and Customer agree as follows:


1. DEFINITIONS


Capitalized terms used in this Agreement shall have the respective meanings set forth in Schedule 1 annexed hereto.


2. TERM


2.01 Initial Term. The initial term of this Agreement shall commence on the Effective Date and unless extended or terminated earlier pursuant to this Agreement shall continue until 12:00 midnight (Eastern Time) on the third anniversary of the Effective Date (the Initial Term ).


2.02 Renewal. Provided that Customer has not received notice from Vendor of the breach of any material provision of this Agreement and then failed to cure such breach within the applicable cure period, Customer shall have the option to renew this Agreement for two (2) successive one (1) year increments (each, a Renewal Term and together with the Initial Term, the Term ) by providing Vendor with written notice of its intent to renew no fewer than ninety (90) days prior to the expiration of the Initial Term or the then current Renewal Term.


3. VENDOR SERVICES


3.01 Services. Commencing on the Effective Date and continuing throughout the Term, Vendor will perform the services described in Schedule 3.01 (the Services ) in exchange for Customer' s payment of the Monthly Service Fee as set forth in Section 5.01 . Services do not include support for software modified by or on behalf of Customer other than as by Vendor in connection with its provision of Services to Customer.


3.02 Additional Services. From time to time, Customer and Vendor may agree that additional services outside the scope of the Services (the Additional Services ) shall be performed. Additional Services may include, without limitation, additional training, and/or any customization or interfaces. Additional Services will be invoiced at the hourly rates set forth on Schedule 5.01 and shall be governed by Section 11 .


3.03 Hosting; Vendor Service Centers, Security & Backup.


(a) Information Security Review. So long as Customer operates in a dedicated environment and network, Customer reserves the right to perform periodic information security reviews on any dedicated environment, applications and/or facilities used by Vendor to provide Services to Customer hereunder ( Reviews ) such right being contingent upon Customer providing Vendor with written notice of each such Review and a description of all tests to be conducted during such Review at least five (5) days prior to the occurrence of each such Review. The Reviews shall include, but not be limited to, physical inspection, external scan, internal scan, code review, process reviews and reviews of system configurations. The Reviews shall be conducted in Customer' s discretion, by Customer or its designee (who will be a nationally known security firm), and at Customer' s expense in accordance with and based upon SAS 70 Type II requirements and standards. Vendor hereby grants permission to Customer to perform the Reviews. To the fullest extent permitted by law, Vendor hereby waives the benefit of any state or Federal law which may provide a cause of action against Customer based on actions permitted under this Section. Should any Review result in the discovery of material security risks under SAS 70 Type II standards to (a) the network used by Vendor to perform Services for Customer (excluding Customer' s network), (b) the application used by Vendor to perform Services for Customer, or (c) any Vendor Service Center used by Vendor to perform services for Customer, Customer shall immediately notify Vendor of such risks and Vendor shall respond to Customer in writing within three (3) days with Vendor' s plan to promptly correct, repair or modify the said network or application or facility to effectively eliminate the risk (each a Remediation Plan ). Any such Remediation Plan shall call for the security risk to be corrected, repaired or modified, as applicable, in accordance with SAS 70 Type II standards, within thirty (30) days. Should Vendor fail to remedy any identified security risk within the time frame agreed upon by the parties, and in any event within thirty (30) days, Customer may withhold payment of all Fees. Customer must pay Fees withheld upon remediation of the identified risk with no accumulated interest. Should Customer identify any material security risk other than those under SAS 70 Type II standards, Vendor' s Remediation Plan shall call for Vendor to use commercially reasonable best efforts to correct, repair or modify, as applicable, such security risk, as soon as practicable.


(b) Third Party Security Review. Vendor has acquired through a third party and will maintain on an annual basis throughout the Term SAS 70 Type II certification performed in accordance with the standards developed by the American Institute of Certified Public Accountants ( AICPA ) or such other industry accepted third party audit for hosting services of at least comparable scope. On an annual basis, Vendor shall provide to Customer the full and complete SAS 70 Type II audit. Should Vendor fail to remedy a risk identified in a qualified SAS 70 Type II report within thirty (30) days of receipt of such qualified report, or fail to maintain a SAS 70 Type II certification, Customer may withhold payment of all Fees. Customer must pay Fees withheld upon remediation of the identified risk with no accumulated interest.


(c) Information Security Standards. The Vendor Information Security Standards are set forth in Exhibit C . For the avoidance of doubt, Customer is " Customer 202" identified in such Exhibit C. Within thirty (30) days of the Effective Date, Vendor shall, in the performance by Vendor of Services under this Agreement, ensure that all Services meet the standards for such Services as set forth in the Vendor Information


2


Security Standards. Vendor shall also use commercially reasonable efforts to comply with any additional information security requirements as requested by Customer. Any information security standards requested by Customer that exceed the then-current criteria set forth in SAS 70 Type II will be implemented at the sole expense of Customer. With respect to any such information security standard that becomes a standard SAS 70 Type II requirement before the end of the calendar year following the calendar year in which such security standard was requested by Customer, Vendor shall credit Customer for all related costs incurred by Customer as of the date of the increased SAS 70 Type II requirement. Such credit shall be made available to Customer as of the date on which any Customer-requested information security standard becomes a standard SAS 70 Type II requirement.


(d) Electronic Incident Reporting. Vendor shall report to Customer all known or suspected Electronic Incidents. If an Electronic Incident occurs, the Vendor shall promptly notify Customer' s Incident Management Center at telephone number 215-328-3018, and provide the following information, if known:


1. Nature and impact of the Electronic Incident;


2. Actions already taken by Vendor to remedy an Electronic Incident;


3. Vendor' s assessment of immediate risk posed by Electronic Incident; and


4. Corrective measures to be taken, evaluation of alternatives, and next steps in resolution of an Electronic Incident.


In addition to the foregoing, Vendor shall continue providing appropriate status reports to Customer regarding the resolution of the Electronic Incident until it has been fully resolved and prevention of future such Electronic Incidents has been reasonably ensured. In response to any Electronic Incident, Customer may require that the Services be suspended, connectivity with Vendor be terminated, or other appropriate action be taken pending such resolution of such Electronic Incident.


(e) Vendor Service Center; Shared/Dedicated System. The Services shall be provided from the Vendor Service Center at 8 Suburban Park Drive, Billerica, MA 01821. Vendor shall provide the Services using hardware and software and personnel in a dedicated environment. Vendor shall be responsible for maintaining adequate security so that other customers of Vendor do not access or receive Customer' s Confidential Information, including, without limitation, Customer Data. Customer' s environment is currently on a dedicated server. In the event that Vendor requests that Customer change to a dedicated environment on a shared server, Vendor shall seek approval from Customer and provide at least six (6) months notice prior to making such change.


(f) Physical Security Procedures. Vendor shall maintain and enforce at the Vendor Service Center(s) safety and physical security procedures that are commensurate with industry standards and at least as rigorous as those procedures in effect at the Vendor Service Center(s) as of the Effective Date. In addition, Vendor shall use commercially reasonable efforts to comply with additional information security standards as reasonably requested by Customer, and Customer shall be responsible for the associated costs. Vendor shall cause its employees and agents to obey all reasonable instructions and directions issued by Customer concerning its business operations when Vendor' s employees and agents are on Customer' s premises. When Vendor' s personnel are on Customer' s premises or have remote access to Customer' s systems, Vendor shall comply with Customer' s building security, information security, safety, and fire protection procedures. If Vendor is provided keys or other access devices, including without limitation codes and passwords, to Customer' s premises, equipment, or systems, Vendor shall protect such keys or access devices, shall maintain a log book of the names of personnel and times when they have possession of such keys or access to the systems or equipment, shall account for all such keys and access devices whenever requested to do so by Customer, and shall return and discontinue use of all such keys and access devices upon request or upon termination of its obligations hereunder. Customer may require Vendor' s personnel to carry or display identification cards when on Customer' s premises. Customer shall have the right to inspect the contents of all containers or packages being brought onto or removed from Customer' s premises.


(g) Backup. Vendor will be responsible for backup and archiving of data consistent with the Services described in Exhibit B .


3


(h) Purges/Archiving . Customer will be responsible for purging and archiving all data for paid-off loans.


(i) Disaster Recovery: Vendor will consistently maintain a disaster recovery plan for recovery of the Vendor System that satisfies or exceeds the requirements set forth in Exhibit D . Upon Customer' s request, Vendor will provide a complete copy of its disaster recovery plan and certify in writing that the back up platform and Services (collectively, the Disaster Recovery Platform ) to be provided pursuant to such disaster recovery plan are consistent with the parameters set forth in Exhibit D and are operational. Vendor shall participate in tests of the Disaster Recovery Platform no less than once per year. If Vendor fails to demonstrate in any test of the Disaster Recovery Platform that it meets or exceeds the disaster recovery plan' s recovery requirements, Vendor will deliver to Customer within thirty (30) days of such failure, a project plan identifying the corrective action(s) to be taken and applicable completion date(s). The project plan shall be to the reasonable satisfaction of Customer and shall comply with the requirements set forth in Exhibit D . Customer will notify Vendor at least ninety (90) days in advance of any scheduled test of the Disaster Recovery Platform, and provide Vendor with the opportunity to participate in the portions of such test that address the Services provided to Customer. Vendor will implement its disaster recovery plan and make the Disaster Recovery Platform operational as soon as reasonably practicable upon the occurrence of a Disaster and in any event within the time frames set forth in the Nature of Outage Matrix in Exhibit D . If a Disaster causes Vendor to allocate limited resources between or among its customers, Customer will receive at least the same priority as such other customers in respect of such allocation.


3.04 Access to New Technology . From time to time, Vendor may also develop new technology employing additional functionality. Vendor will provide to Customer for Customer' s evaluation and testing in connection with the Services any new commercially available Vendor technology developments, including new software, in accordance with Sections 8.05 and 8.06 .


3.05 Third Parties & Subcontractors. It is understood that Vendor reserves the right to provide the Services itself or through a third party service provider; provided , however, that Vendor has sole responsibility for furnishing the Services contemplated by any agreement between Customer and Vendor, and Customer shall look solely to Vendor for the performance of any such Services or agreement. Any third party service provider providing Services must agree to be bound by all applicable terms and conditions of this Agreement and any other applicable agreement.


3.06 Access to Server. Upon the reasonable prior written request of Vendor, Customer shall provide Vendor reasonable access, accompanied by a representative of Customer, to the IBM iSeries Server, serial #10DA96A, located at Customer' s facilities in Dallas, TX utilized in the provision of the Services hereunder, when necessary to allow Vendor to provide the Services hereunder. Customer shall bear all risk of loss of such IBM iSeries server located at Customer' s facilities, except to the extent such loss is caused, directly or indirectly, by the acts or omissions of Vendor. Customer shall not grant any security interest in or permit any liens to attach to such IBM iSeries server located at Customer' s facilities.


3.07 Acknowledgment; Mutual Waiver. Customer acknowledges that, as of the Effective Date, (a) Vendor and the Services satisfy or exceed the Vendor Information Security Standards, (b) the Disaster Recovery Platform satisfies or exceeds the requirements set forth in Exhibit D , (c) Vendor' s provision of the Services satisfies or exceeds the Performance Standards and Service Levels set forth in Exhibit A, and (d) the Vendor Service Center satisfies or exceeds the security requirements imposed upon Vendor under this Agreement. Each party hereby waives any claim or action against the other party based on an assertion that subsections (a) through (d) above are untrue; provided , however , that such waiver shall have no effect on and shall not apply to any claims or actions arising out of either party' s failure to perform its obligations in accordance with the terms and conditions of this Agreement.


4


4. CUSTOMER RESPONSIBILITIES


4.01 Generally. During the Term, Customer shall on a timely basis and at its sole expense be responsible for:


(a) Dedicated Equipment & Software: Maintaining and, as necessary, acquiring, the Dedicated Equipment & Software in accordance with Section 4.02 .


(b) Customer Data Accuracy & Completeness. The accuracy and completeness of the Customer Data and any errors or inaccuracies in and with respect to data obtained from Vendor because of any inaccurate or incomplete Customer Data.


4.02 Dedicated Equipment & Software. The minimum requirements of the computer hardware, software and telecommunications equipment that will be required to use the Vendor Software (the Dedicated Equipment & Software) are attached as Schedule 4.02. Customer' s Dedicated Equipment & Software shall meet or exceed such minimum hardware requirements during the Term. Customer shall bear the cost of the Dedicated Equipment & Software, including, without limitation, procurement, acquisition, installation, configuration, cabling and maintenance.


4.03 Customer' s Use of Third Parties. Customer shall have the right to contract with a third party to perform any service outside the scope of, or in addition to, the Services, including systems operations and related services to augment or supplement the Services or to interface with the Vendor System (collectively, the Customer Third Party Services ). In the event Customer contracts with a third party to perform any Customer Third Party Service, Vendor shall cooperate with Customer and any such third party to the extent reasonably required by Customer, including by providing (a) to the extent available, written requirements, standards, and policies for systems operations so that the developments of such third party may be operated by Vendor, (b) assistance and support services to such third party in connection with the Vendor System and (c) to the extent permitted by the applicable third party agreements, third party access to the Vendor System in connection with such Customer Third Party Service. Customer shall require any such third party to comply with Vendor' s requirements regarding operations, confidentiality and security. Vendor shall charge Customer in respect of all of the foregoing at Vendor' s hourly rates.


5. FEES & PAYMENTS


5.01 Fees.


(a) Invoicing and Payment. Customer shall be responsible for the payment of all fees set forth on Schedule 5.01 , including, but not limited to, the Monthly Service Fees, the Asset Surveillance License Fees and the Additional Service Fees (collectively, the Fees ). Vendor invoices shall separately itemize and reasonably identify all Fees and taxes assessed in respect of this Agreement. Customer agrees to pay all undisputed Fees, subject to any applicable Service Level Credits (as defined in Section 5.02 ), within thirty (30) days after receipt of the applicable invoice in United States dollars at Vendor' s notice address; provided , however, that the Customer' s responsibility for the Fees shall be automatically reduced by $47,064 for each month during which Customer makes payments to IBM for the costs and expenses of the Capmark-Only Servers or any successor servers pursuant to clause (c) of the immediately following paragraph.


Customer shall pay directly to International Business Machines Corp. ( IBM ) the costs and expenses for only the IBM iSeries Server, serial #109969E, located in Billerica, MA, and the IBM iSeries Server, serial #10DA96A, located in Dallas, TX (collectively, the Capmark-Only Servers ) in accordance with the Term Lease Master Agreement, dated March 27, 2002, as amended and modified from time to time, including without limitation all addenda and term lease supplements thereto, by and between IBM and Vendor (formerly known as McCracken Financial Software, Inc.) (the IBM Term Lease ). For the avoidance of doubt, the payments for the Capmark-Only Servers under the IBM Term Lease as of the date hereof are $40,278 per month until March 31, 2008 for Server #109969E and $20,547 per month until March 31,


5


2009 for Server #10DA96A. When the IBM Term Lease or a schedule, supplement or similar addendum thereto governing the lease of a Capmark-Only Server is due for renewal or expiration, Customer shall (a) enter into a lease agreement for such Capmark-Only Server directly with IBM or (b) have Vendor renew such IBM Term Lease or schedule on behalf of Customer for an additional term, in which case, Vendor shall consult with Customer regarding duration and pricing terms of such renewal and shall work diligently and in good faith to negotiate favorable pricing terms with IBM, and Capmark shall have the right to participate in such negotiations, or (c) if Customer does not elect either of the foregoing options (a) or (b), Customer shall, at its sole expense, make arrangements for the use of other suitable server(s) to replace the Capmark-Only Servers, in which case Vendor shall assist Customer in the transition of the Services to such other suitable servers and Vendor shall be entitle to invoice Customer for such assistance at the Additional Services rate set forth in Schedule 5.01 . For the avoidance of doubt, any reduction in the amounts payable by Customer to IBM with respect to the Capmark-Only Servers or any successor servers pursuant to the foregoing clause (c) of this paragraph shall inure solely to the benefit of Customer. Additionally, if Vendor acquires the right pursuant to the IBM Term Lease to purchase either of the Capmark-Only Servers, Vendor will offer such right to Customer, or work in good faith with Customer to exercise such right on Customer' s behalf, provided that such actions are not prohibited under the terms of the IBM Term Lease.


(b) Expenses. In the event that Customer requires Vendor to perform any Additional Services during the Term, Customer shall pay or reimburse Vendor for any reasonable and actual documented out of pocket expenses, including shipping charges, travel and travel-related expenses, incurred by Vendor in connection with its performance of any Additional Services, all as approved by Customer in advance.


(c) Fee Adjustments . All Fees payable by Customer under this Agreement may only be adjusted by Vendor once in any given twelve (12) month period. In any such event, Vendor may increase the Fees by no more than two percent (2%).


(d) Taxes . Customer agrees to pay all state and local sales, use, property or other taxes (except for taxes on Vendor' s property or net income) that may be assessed against Vendor or Customer with respect to this Agreement, the Services or any equipment, products or services provided hereunder. Customer shall also be responsible for paying all personal property or use taxes due on or with respect to the customer system, as well as all taxes, assessments, and other real property-related levies on its owned or leased real property, including all customer locations. ...