Terms of Business

1. Risk Advisory’s obligations

1.1. Risk Advisory will provide the Services and any Deliverables using reasonable care and skill.

1.2. Risk Advisory reserves the right to make changes to the Services which are necessary to comply with applicable law. Except as provided in these Terms of Business, the Services may only be varied by written agreement.

2. Client’s obligations

2.1. The Client will provide Risk Advisory with clear, timely, complete and consistent instructions (both proactively and on request).

2.2. It is a condition of the Contract that the Client will pay Risk Advisory all sums due on a timely basis and otherwise as provided in these Terms of Business.

3. Fees

3.1. Risk Advisory’s Fees are set out or referred to in the Engagement Letter.

3.2. Unless expressly agreed otherwise in the Engagement Letter, Risk Advisory is entitled to invoice the Client at the end of each month for the Services. In addition, Risk Advisory will be entitled to request one or more payments on account prior to commencing or extending the period of work to cover any actual or anticipated fees or expenses.

3.3. The Client will reimburse Risk Advisory all expenses reasonably and properly incurred in connection with the provision of the Services. Risk Advisory will also be entitled to charge an administrative expense equal to five percent (5%) of the Fees and a charge for use of databases equal to five percent (7.5%) of the Fees (or such other percentage as is agreed in writing).

3.4. All applicable taxes will be added to the Fees and expenses and invoiced accordingly. If the Client is required to deduct or withhold from the amount due to Risk Advisory any sum on account of withholding tax, Risk Advisory reserves the right to require the Client to pay it such additional sum as will ensure that Risk Advisory receives payment in full in respect of its Fees and expenses.

3.5. The Client will pay Risk Advisory the Fees and expenses without any deduction (whether by way of set-off, counterclaim, discount or otherwise) within thirty (30) days of the date of Risk Advisory’s invoice.

3.6. Fees will be payable in the currency quoted by Risk Advisory. Where the Client requests a different currency for payment, Risk Advisory reserves the right to charge the Client for any charges or losses which Risk Advisory may incur on foreign currency fees, disbursements and expenses as a result of fluctuations in exchange rates between the date of the Contract and the date of actual payment of the invoice.

3.7. The Client acknowledges and agrees that the timely payment of invoices is a condition of the Contract. If any amount owed by the Client to Risk Advisory remains outstanding for more than thirty (30) days after the date of the relevant invoice, then until all outstanding amounts have been paid (whether or not overdue), Risk Advisory reserves the right to cease providing the Services with immediate effect and to retain all draft or completed Deliverables until all outstanding sums have been paid in full.

4. Intellectual Property

4.1. The Client IP belongs to and remains the property of the Client but Risk Advisory is entitled, during the term of the Contract, to use the Client IP to the extent necessary for, and in connection with, the performance of the Services.

4.2. The Risk Advisory IP belongs to and remains the property of Risk Advisory, but the Client is entitled to use the Risk Advisory IP that was created or provided in connection with the Engagement by way of a non-exclusive, worldwide, non-transferable licence, subject to payment in full of all sums payable under the Contract.

4.3. Each party warrants that it, or any person making disclosure of information on its behalf, has the right to supply all the information being supplied to the other party and that the supply of such information, and its receipt and use by such other party, will not infringe any rights, including any intellectual property rights, held by any third party or result in a breach by the disclosing party (or any person making disclosure on its behalf) of any law, regulatory obligation or fiduciary duty owed to any third party.

5. Compliance with laws

Data Protection

5.1. Each party warrants that any personal data that is provided to the other party, or which it requests the other party to process, for the purposes of the provision of the Services has been collected and is being disclosed in accordance with the provisions of any applicable Data Protection Laws.

5.2. Each party undertakes that any personal data provided to it by the other party will be processed in a manner consistent with such receiving party’s obligations under applicable Data Protection Laws and that the receiving party will treat such personal data in a manner consistent with the principles set out in such applicable Data Protection Laws.

5.3. The Parties agree that Risk Advisory will be an independent controller with respect to any personal data that it processes in connection with the provision of the Services. Anti-Bribery and Anti-Corruption

5.4. Risk Advisory confirms that:

5.4.1. it will not (and will ensure that its directors and employees will not) commit any offence under the Foreign Corrupt Practices Act of 1977 or the Bribery Act 2010, or equivalent legislation in any country in which it conducts business; and

5.4.2. it has, and will maintain in place throughout the term of the Contract, appropriate policies, procedures and training that constitute adequate procedures designed to prevent acts of bribery as envisaged under the Bribery Act 2010.

6. Client liability

6.1. The Client will be liable to Risk Advisory and each member of Risk Advisory’s Group for all harm, losses, costs, and expenses any of them may suffer or incur in connection with (including, without limitation, taking advice on, responding to, defending, contesting or settling) any investigation, action, claim or proceeding notified, threatened or brought by a third party arising from or in any way connected with the Engagement (including its subject matter) (each a “Third Party Claim”).

6.2. In the event of any Third Party Claim which may reasonably be considered likely to give rise to a liability on the part of the Client under clause 6.1, Risk Advisory will:

6.2.1. give the Client prompt written notice of the Third Party Claim (specifying relevant details);

6.2.2. not take any material decisions relating to the defence of, nor (without the prior written consent of the Client, such consent not to be unreasonably withheld or delayed) make any admission of liability, agreement or compromise in relation to, the Third Party Claim;

6.2.3. to allow the Client (if the Client so requests) control of the defence of the Third Party Claim; and

6.2.4. to provide at the Client’s expense any assistance reasonably requested by the Client with respect to the defence of such Third Party Claim, including reasonable access to information within Risk Advisory’s control for the purposes of allowing the Client to assess, defend and/or settle the Third Party Claim.

6.3. Without limiting the scope of clause 6.1, the Client will be liable to Risk Advisory for all harm, losses, costs, and/or expenses it may suffer or incur (including reasonable legal costs and internal management time costs):

6.3.1. associated with the enforcement of this clause 6;

6.3.2. as a result of or consequential on the Client’s, or any of its Affiliates’, misuse or disclosure of any Deliverables; or

6.3.3. in complying with any legal, professional, or regulatory disclosure requirement relating to the Services or which relates in any way to the Client (including, without limitation, in connection with any notice, request, demand or order pursuant to section 2 of the Criminal Justice Act 1987, section 1782 of Title 28 of the US Code);

6.3.4. in responding to any subject access request made pursuant to article 15 of GDPR or UK GDPR;

6.3.5. in connection with any allegation that statements provided by Risk Advisory in any Deliverable are defamatory (including any actual or threatened claim, prosecution or investigation);

6.3.6. in connection with any order for disclosure in connection with third party legal proceedings (commonly known as a Norwich Pharmacal order).

6.4. The provisions of clause 6.1 and clause 6.3 do not apply to the extent the harm, losses, costs, and/or expenses are caused by a breach by Risk Advisory of its obligations under the Contract, its wilful default or fraud, or its breach of applicable law.

7. Limitation of Liability

7.1. Nothing in the Contract limits or excludes Risk Advisory’s liability for any matter in respect of which it cannot lawfully limit or exclude its liability, for death or personal injury caused by its negligence, or for any fraud or fraudulent misrepresentation of Risk Advisory. The remaining provisions of this clause 7 (and all other provisions of the Contract) are subject to this clause 7.1.

7.2. Risk Advisory’s entire liability for all amounts payable pursuant to or in connection with the Contract including all losses suffered by the Client or any member of the Client’s Group arising out of or in connection with the provision of the Services and/or pursuant to the Engagement (including any liability for the acts or omissions of its directors, officers, employees, agents and contractors), is limited to 100% of the fees paid by the Client to Risk Advisory.

7.3. Risk Advisory has no liability for:

7.3.1. loss of profit;
7.3.2. loss of revenue;
7.3.3. loss of anticipated savings;
7.3.4. loss of business or sales;
7.3.5. loss of opportunity;
7.3.6. loss of or damage to goodwill;
7.3.7. loss of and/or corruption of data;
7.3.8. damage to property;
7.3.9. punitive or exemplary damages of any kind;
7.3.10. any indirect or consequential loss; and/or
7.3.11. any losses or costs of the Client or any member of the Client Group to the extent (i) they are caused by a Client Default or (ii) the performance of any of Risk Advisory’s obligations under the Contract or its provision of any Services or Deliverables is prevented or delayed by a Client Default.

8. Term, Suspension and Termination

8.1. The Contract is effective on and from the Commencement Date (as stated in the Engagement Letter or, if no such date is stated, the earlier of (i) the date on which we commenced providing Services and (ii) the date of the Engagement Letter).

8.2. Unless terminated earlier pursuant to this clause 8, the Contract will continue until the End Date or, if later (and at the Client’s request or with its agreement), until the provision of the Services has been completed. If, at the Client’s request or with its agreement, Risk Advisory provides any Services and/or Deliverables after the End Date, the terms of the Contract will apply in relation to those Services and/or Deliverables (unless the parties have expressly entered into a replacement agreement for such services and/or deliverables).

8.3. Either party may terminate the Contract at any time upon thirty (30) days’ written notice to the other.

8.4. Either party may terminate the Contract with immediate effect upon written notice to the other:

8.4.1. if the other party breaches a material term of the Contract (including, for the avoidance of doubt, terms relating to confidentiality and payment of invoices);

8.4.2. if the other party repeatedly breaches the Contract and, in the case of a breach that is capable of remedy, fails to remedy the same within fifteen (15) days after receipt of a written notice by the non-breaching party giving reasonable information regarding the nature and effect of the breach and requiring it to be remedied;

8.4.3. if the other party becomes, or the terminating party reasonably believes the other party is about to become, insolvent or unable to pay its debts as they fall due or goes into liquidation either voluntarily or as required by law; and/or

8.4.4. under the circumstances described in clause 10.2 (force majeure).

8.5. If at any time during the course of the engagement Risk Advisory considers that its provision of the Services or continuation of the Engagement would be reasonably likely to contravene applicable sanctions or place Risk Advisory (or any of its directors, officers or staff) at risk of penalty or censure in connection with an applicable sanctions regime, Risk Advisory shall be entitled to terminate the Contract with immediate effect upon written notice to the Client.

8.6. At its option, in any of the circumstances envisaged under Clause 8.4 or 8.5, Risk Advisory may instead suspend the Services and withhold any Deliverables. This right shall be without
prejudice to Risk Advisory’s right under Clause 8.4 or 8.5 to terminate the Contract, including to terminate the Contract during or after any period of suspension pursuant to this Clause 8.6.

8.7. On termination of the Contract for any reason:

8.7.1. the Client will immediately become liable to pay all of Risk Advisory’s outstanding unpaid invoices;

8.7.2. Risk Advisory is entitled to submit one or more invoices in respect of all Services supplied or partially supplied, and costs incurred, but for which no invoice has been submitted and such invoice(s) will be payable in accordance with clause 8.7.1; and

8.7.3. the accrued rights and liabilities of the parties as at termination will not be affected, and any provision of the Contract relating to or necessary to enable the enforcement of such rights and discharge of such liabilities will survive termination, as will the provisions of clause 6 (Client Liability), clause 7 (Limitation of Liability), clause 9 (Confidentiality and Publicity), and any other provisions necessary to give effect to
the Contract.

9. Confidentiality and Publicity

9.1. For avoidance of doubt, Deliverables will be treated confidentially, but the confidentiality and disclosure of Deliverables will be governed by clause 9.2.

9.2. Disclosure of Deliverables to third parties will be subject to Risk Advisory’s prior written consent (not to be unreasonably withheld or delayed) and conditional on such third parties signing a non-reliance and confidentiality agreement with Risk Advisory.

9.3. A Receiving Party will not disclose the Disclosing Party’s Confidential Information to any third party without the prior written consent of the Disclosing Party, except in connection with its performance under the Contract or pursuant to clause 9.5, and will protect the Disclosing Party’s Confidential Information against unauthorised use or disclosure using at least those measures that it takes to protect its own Confidential Information of a similar nature, but no less than reasonable care. Notwithstanding the foregoing, disclosure of Confidential Information is permitted on a need to know basis to the directors, officers, employees, contractors, professional advisers and insurers of the Client’s Group or, as the case may be, Risk Advisory’s Group, provided that each such person is made aware of the confidential and proprietary nature thereof and agrees to abide by confidentiality obligations no less onerous than those contained in the Contract.

9.4. The parties agree that Confidential Information does not include information which:

9.4.1. was available to the Receiving Party on a non-confidential basis at the time of or prior to the receipt of the information by it;

9.4.2. is or becomes publicly available on a non-confidential basis through no fault of the Receiving Party;

9.4.3. is received in good faith by the Receiving Party from a third party, provided that such third party is not bound by a confidentiality agreement with the Disclosing Party or otherwise legally prohibited from transmitting the information; and/or

9.4.4. has been developed independently by the Receiving Party without reference to the Disclosing Party’s Confidential Information.

9.5. In the event the Receiving Party receives an order to disclose any Confidential Information by a court of competent jurisdiction, a recognised stock exchange, governmental department or agency or other regulatory body to which it is subject, it will promptly notify the Disclosing Party in writing and use reasonable good faith efforts to: (a) disclose only the specific Confidential Information legally required to be disclosed; and (b) assist the Disclosing Party (at the Disclosing Party’s request) in obtaining a protective order or other appropriate assurances that the confidential nature of the Confidential Information will be protected and preserved. The Client agrees to reimburse any costs (including reasonable legal costs) Risk Advisory may incur in complying with this clause 9.5.

9.6. Client consents to Risk Advisory providing data to affiliated third parties including financial services providers for audit purposes. These third parties will be subject to appropriate data protection obligations and will only use information as provided for in the Contract.

10. General

Definitions and interpretation

10.1. Capitalised terms and expressions used in these terms of business have the meanings given to them below or, if not defined below, in the engagement letter (the “Engagement Letter”) that accompanies them.

“Affiliate” means, in relation to a party each member of its Group and its owners (being any person who, directly or indirectly, exercises control over the party.

“Client Default” means any act or omission by the Client including, but not limited to, any failure by the Client to comply with its obligations under clause 2.

“Client IP” means all intellectual property rights of whatsoever nature that are the property of, or are licensed to, the Client and includes any derivatives, improvements, enhancements or extensions thereto developed during the course of the provision of the Services.

“control” means the direct or indirect legal or beneficial ownership of more than 50% of the voting shares in an entity or the ability though contractual or other means to determine or materially influence the composition of the board of directors of an entity (or, in each case, the nearest equivalent in respect of a person (such as an LLP) that is not a corporate entity).

“Confidential Information” means, with respect to either party, any proprietary or confidential information or data concerning the business, technology, products or affairs of such party furnished or made available by it (the “Disclosing Party”) to the other party (the “Receiving Party”) in connection with the Contract but does not include Deliverables.

“Data Protection Laws” means the UK and EU Data Protection Laws and the laws of other states and territories that create and regulate substantially similar concepts and legal principles as are contained in the UK and EU Data Protection Laws in relation to the processing of personal data.

Force Majeure means any event, matter or circumstances beyond the reasonable control of the affected party, which such party could not reasonably have anticipated and which it could not also, with reasonable commercial efforts, have avoided or substantially mitigated the effects of, and which wholly or partially prevents the performance by that party of its obligations under the Contract.

“Group” means, in relation to a person, each company that is controlled by it or is under common control with it.

“personal data”, “consent”, “controller”, “processor” and “processing” mean those concepts, roles and activities as defined in UK and EU Data Protection Laws or, where relevant, equivalent concepts, roles and activities as described in other Data Protection Laws.

“Risk Advisory” means The Risk Advisory Group Limited and (where applicable) includes any member of its Group that provides services pursuant to the Engagement Letter.

“Risk Advisory IP” means all intellectual property rights of whatsoever nature (including, for the avoidance of doubt, the copyright in its Deliverables) that are the property of, or are licensed to, Risk Advisory and includes any derivatives, improvements, enhancements or extensions thereto developed during the course of the provision of the Services.

“UK and EU Data Protection Laws” means the European Union General Data Protection Regulation 2016/679 (“GDPR”) , the GDPR as incorporated into UK legislation (“UK GDPR”), the Data Protection Act 2018, the Data (Use and Access) Act 2025, and any legislation in force in EU member states from time to time which implements GDPR.

Force majeure

10.2. Neither party will be liable to the other for any loss or any failure or delay to perform any obligation under the Contract which is due to Force Majeure. Should the Force Majeure continue for more than thirty (30) days, either party may terminate the Contract in accordance with clause 8 (Term and Termination). Amendment

10.3. No amendment to the Contract will be effective unless agreed in writing and signed by a duly authorised representative of each party. Waiver

10.4. All waivers will be in writing. Any failure or delay by a party to exercise a right or remedy under the Contract or available at law does not constitute a waiver of the right or remedy or a waiver of any other rights or remedies available to such party.

Assignment

10.5. The Contract may not be assigned in whole or in part by either party without the prior written consent of the other party.

Counterparts

10.6. The Contract may be executed in counterparts, each of which will constitute an original, but which taken together will constitute one and the same agreement.
Third party rights

10.7. Other than as may be expressly provided in the Contract, the parties do not intend that any person who is not a party to the Contract will have any rights under the Contracts (Rights of Third Parties) Act 1999 or otherwise to enforce any term hereof.

10.8. Each member of Risk Advisory’s Group may enforce any term of this Contract to the extent that it suffers loss or harm as a result of the Client’s breach of any provision of the Contract.

10.9. The parties are free to amend the Contract without the consent of any third party.

No partnership or agency

10.10. Nothing in the Contract is intended to or will operate to create a partnership or joint venture of any kind between Risk Advisory and the Client or to authorise either Risk Advisory or the Client to act as agent for the other, and neither Risk Advisory nor the Client will have authority to act in the name or on behalf of or otherwise to bind the other in any way (including, but not limited to, the making of any representation or warranty, the assumption of any obligation or liability and the exercise of any right or power).

Severance

10.11. If any provision of the Contract is found by any court or administrative body of competent jurisdiction to be invalid or unenforceable, such invalidity or unenforceability will not affect the other provisions of the Contract which will remain in full force and effect.

10.12. If any provision of the Contract is so found to be invalid or unenforceable but would be valid or enforceable if some part of the provision were deleted, the provision in question will apply with such modification(s) as may be necessary to make it valid.

Entire agreement

10.13. These Terms and Conditions, together with the Engagement Letter, set out the entire agreement and understanding of the parties and supersede and override all prior oral and written agreements, negotiations, understandings or arrangements (whether oral or written) between the parties relating to the subject matter of the Engagement Letter and, unless otherwise agreed, any extension thereof. In the event of any inconsistency between the terms of the Engagement Letter and these Terms and Conditions, these Terms and

Conditions will prevail.

10.14. Each party agrees that, in entering into the Contract it does not rely on, and it will have no remedies in respect of, any statement, representation, assurance or warranty (whether made innocently or negligently) that is not set out in the Contract. Each party agrees that it will have no claim for innocent or negligent misrepresentation or negligent misstatement based on any statement in the Contract.

Governing law and jurisdiction

10.15. The Contract is governed by and construed in accordance with the laws of England and Wales.

10.16. Any dispute or claim, including in relation to non-contractual matters, arising under or in connection with the Contract will be submitted to the non-exclusive jurisdiction of the English courts.

Cookie	Duration	Description
__cf_bm	1 hour	This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
_cfuvid	session	Calendly sets this cookie to track users across sessions to optimize user experience by maintaining session consistency and providing personalized services
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Advertisement" category.
cookielawinfo-checkbox-analytics	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Analytics" category.
cookielawinfo-checkbox-functional	1 year	The GDPR Cookie Consent plugin sets the cookie to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Necessary" category.
cookielawinfo-checkbox-other	1 year	CookieYes sets this cookie to store the user consent for the cookies in the category "Other".
cookielawinfo-checkbox-others	1 year	Set by the GDPR Cookie Consent plugin, this cookie stores user consent for cookies in the category "Others".
cookielawinfo-checkbox-performance	1 year	Set by the GDPR Cookie Consent plugin, this cookie stores the user consent for cookies in the category "Performance".
CookieLawInfoConsent	1 year	CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.
li_gc	6 months	Linkedin set this cookie for storing visitor's consent regarding using cookies for non-essential purposes.
viewed_cookie_policy	1 year	The GDPR Cookie Consent plugin sets the cookie to store whether or not the user has consented to use cookies. It does not store any personal data.

Cookie	Duration	Description
_gcl_au	3 months	Google Tag Manager sets this cookie to experiment advertisement efficiency of websites using their services.
bcookie	1 year	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser IDs.
iutk	6 months	Issuu sets this cookie to recognise the user's device and what Issuu documents have been read.
mc	1 year 1 month	Quantserve sets the mc cookie to track user behaviour on the website anonymously.
test_cookie	15 minutes	doubleclick.net sets this cookie to determine if the user's browser supports cookies.
visitor_id*	1 year 1 month 4 days	Pardot sets this cookie to store a unique user ID.
visitor_id*-hash	1 year 1 month 4 days	Pardot sets this cookie to store a unique user ID.

Cookie	Duration	Description
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
pardot	past	The pardot cookie is set while the visitor is logged in as a Pardot user. The cookie indicates an active session and is not used for tracking.

Cookie	Duration	Description
libsyn-paywall-s	1 day	Description is currently not available.
lpv135291	1 hour	Description is currently not available.
pi_opt_in135291	7 days	Description is currently not available.

Search Risk Advisory

What we do

Terms of Business

1. Risk Advisory’s obligations

2. Client’s obligations

3. Fees

4. Intellectual Property

5. Compliance with laws

Data Protection

6. Client liability

7. Limitation of Liability

8. Term, Suspension and Termination

9. Confidentiality and Publicity

10. General

Force majeure

Assignment

Counterparts

No partnership or agency

Severance

Entire agreement

Conditions will prevail.

Governing law and jurisdiction

Opportunities without compromise

Terms of Business

1. Risk Advisory’s obligations

2. Client’s obligations

3. Fees

4. Intellectual Property

5. Compliance with laws

Data Protection

6. Client liability

7. Limitation of Liability

8. Term, Suspension and Termination

9. Confidentiality and Publicity

10. General

Force majeure

Assignment

Counterparts

No partnership or agency

Severance

Entire agreement

Conditions will prevail.

Governing law and jurisdiction