Schedule A · Institutional Tier

1.1 Subscriber details.

1.2 Term.

1.3 Pricing.

1.4 Seat allocation. The Subscriber is allocated a minimum of twenty-five (25) named user seats during the Term, with the actual seat count specified at [SEAT COUNT, ≥ 25] in the Order Form. Additional seats above this allocation may be purchased at £[per-seat rate] per seat per month, billed pro rata to the next billing cycle. Removed seats remain billable to the end of the current billing cycle.

1.5 Tool-run allowance. The Subscriber receives unlimited use of the platform tools (NSI Act Triage, KYC/KYB Assessment, Compliance Gap Analysis, AML Scoring, PIPL Pathway, and any successor tools) during the Term, subject to a fair-use ceiling of [FAIR-USE CEILING, default 1,000 runs / month / Subscription]. KILC will give the Subscriber not less than fourteen (14) days' written notice before applying any fair-use throttle and will work in good faith to agree commercial terms for sustained higher-volume usage.

1.6 Fee terminology. References in this Schedule A to "Annual Fee" or "Annual Fees" are to the 12-month aggregate of the Subscriber's Subscription Fees, as defined in clause 1.1 of the Master Agreement, charged under the billing cycle specified at clause 1.3 of this Schedule. The terms "Annual Fees" and "Subscription Fees" are therefore equivalent for the Institutional-tier relationship and may be used interchangeably in this Schedule.

2.1 Branding fields.

2.2 Configuration timing. White-label configuration is delivered as part of Subscriber onboarding under Part 10 and is operational within [10] business days of Subscriber providing all branding assets.

2.3 Subscriber-supplied content warranty. The Subscriber represents that all branding assets supplied to KILC for white-label configuration (logos, marks, names, typefaces) are the Subscriber's own intellectual property or are licensed to the Subscriber for use in this manner. The Subscriber indemnifies KILC against any third-party claim that KILC's use of those assets, in the manner directed by the Subscriber, infringes a third-party right.

2.4 Co-branding direction. The Subscriber may direct that XOS-derived deliverables addressed to the Subscriber's end-clients be issued under the Subscriber's brand alone, the Subscriber's brand with a "powered by KILC" mark, or co-branded equally. The default is Subscriber's brand alone with KILC unattributed, save for back-office references and audit trail.

3.1 Single sign-on (SSO). KILC delivers SSO via SAML 2.0 or OpenID Connect (OIDC) on engagement. Tick the SSO route required:

• ☐ SAML 2.0 — IdP provided by Subscriber (Okta / Azure AD / Google Workspace / Ping / other)
• ☐ OIDC — IdP provided by Subscriber
• ☐ Not required (XOS-managed user accounts only)

3.2 API access. KILC provides metered API access for matter-management integration. Rate limits and authentication scheme:

3.3 Matter-management integration. Tick integrations required:

• ☐ Clio — bidirectional matter sync
• ☐ LEAP — bidirectional matter sync
• ☐ PracticePanther — bidirectional matter sync
• ☐ iManage — document repository link
• ☐ NetDocuments — document repository link
• ☐ Other — [specify]
• ☐ None required

Integration scope, field mapping, and conflict-resolution rules are agreed during onboarding (Part 10).

3.4 Audit-log export. Tick the export channel(s) required for the Subscriber's SIEM or compliance retention system:

• ☐ Daily JSON / CSV file drop to SFTP endpoint provided by Subscriber
• ☐ Real-time push to syslog / HTTP collector
• ☐ Splunk / Elastic / Datadog / Sumo connector
• ☐ S3 / Azure Blob / GCS bucket write (Subscriber-provided IAM credentials)
• ☐ None required (KILC-managed retention only)

4.1 Named AM. KILC assigns a named Dedicated Account Manager (the "AM") to the Subscriber for the duration of the Term. Where the AM is unavailable for any extended period (illness, leave, departure), KILC nominates a named cover AM within 5 UK business days.

4.2 AM responsibilities. The AM is the Subscriber's principal point of operational contact. Responsibilities include:

1. quarterly business review meetings (in-person or video) to surface usage trends, integration health, and upcoming regulatory developments relevant to the Subscriber's portfolio;
2. routing operational support requests internally and tracking SLA-clock items to closure;
3. coordinating bespoke template development (Part 5);
4. onboarding new seats and any sub-entities added under Part 6;
5. monthly written status update covering: SLA performance, open issues, incident reports, upcoming changes.

4.3 AM escalation. Where the AM cannot resolve a matter within the SLA in Part 5, the Subscriber may escalate in writing to KILC's Managing Partner at legal@kilc.co.uk, copying the AM. KILC's Managing Partner shall acknowledge within 1 UK BD and respond substantively within 5 UK BD.

5.1 Uptime SLA. KILC commits to 99.9% uptime measured monthly, calculated as (total minutes in month − unavailability minutes) ÷ total minutes in month. Scheduled maintenance windows announced not less than 7 days in advance and outside UK business hours are excluded.

5.2 Service credits. Where uptime falls below the committed level in any calendar month, the Subscriber is entitled to a service credit against the next monthly fee instalment, calculated as follows:

Service credits are the Subscriber's sole remedy for missed uptime targets. The Subscriber must claim the credit in writing within 30 days of the end of the affected month; unclaimed credits lapse.

5.3 Incident response.

5.4 Quarterly business review. The AM convenes a Quarterly Business Review (QBR) with the Subscriber's nominated stakeholders, covering: SLA performance for the quarter, incident summary, integration roadmap, regulatory developments relevant to the Subscriber, upcoming product changes.

5.5 Status communication. KILC operates a status page at [status.kilc.co.uk] publishing real-time platform status. P1 incidents trigger an email to the AM and the Subscriber's notice contact within the acknowledgement target.

6.1 Bespoke template development. KILC includes [N] hours of bespoke template development per Term-year for the Subscriber. Specification, drafting, and KILC sign-off process for each bespoke template is managed through the AM. Additional hours billable at £[hourly rate] per hour.

6.2 Bespoke language pairs. Beyond the standard EN + 简体中文 (Simplified Chinese), the Subscriber may request additional language pair(s) for specific Templates: [e.g. Traditional Chinese / Cantonese / Japanese / Korean / Bahasa]. Additional languages are quoted separately based on translation volume.

6.3 Multi-entity workspace. Where the Subscriber operates as a group with multiple legal entities, KILC configures a Multi-Entity Workspace allowing:

1. separate sub-workspaces per legal entity, with independent matter trees, document libraries, and audit trails;
2. group-level dashboard surfacing aggregate metrics across the group;
3. configurable workflow rules per practice group (e.g. all NSI mandatory matters must be routed for partner sign-off);
4. cross-entity user assignment with role-based permissions.

List of entities and practice groups in the multi-entity workspace:

[Subscriber to list each entity, its registered office, and its practice group designation. KILC configures sub-workspaces accordingly during onboarding.]

6.4 Notarisation and apostille flow. Where the Subscriber requires that bespoke documents flow through a notarisation or apostille step (for cross-border use), KILC integrates the document-output stage with the Subscriber's preferred notary or apostille service. Service fees and processing times are the Subscriber's responsibility.

7.1 Granular permission model. KILC delivers a role-based access control model with the following standard roles, each scoped to a sub-workspace:

• Read-only — view matter, view documents, no edits
• Author — create / edit matter, draft documents, no sign-off
• Reviewer — author rights + comment / redline on documents
• Approver — author / reviewer rights + sign-off authority on matter outputs
• Workspace admin — full rights within a sub-workspace, including user management
• Group admin — full rights across the entire multi-entity workspace

Bespoke roles or modifications agreed during onboarding (Part 10).

7.2 VPN / IP-restricted access. The Subscriber may request that platform access be restricted to traffic originating from the Subscriber's specified IP allow-list or VPN endpoints. Allow-list management is via the AM. KILC reserves the right to permit emergency access (e.g. AM intervention during incident response) outside the allow-list, logged in the audit trail.

7.3 Session controls. Session timeout (default 60 minutes idle), MFA enforcement (KILC default: required), password complexity requirements (KILC default policy applies unless Subscriber's IdP enforces stricter via SSO).

8.1 Custom report templates. KILC delivers up to [N] custom report templates configured during onboarding to match the Subscriber's existing reporting style. Additional or revised templates billable per Part 6.1 hourly rate.

8.2 Cloud retention. KILC retains the Subscriber's matter outputs and audit logs for 7 years from the date of last activity on a matter, designed to support the record-keeping minimum under MLR 2017 regulation 40. Retention period extendable on request.

8.3 Encrypted offline archive. On Subscriber request, KILC delivers a quarterly encrypted offline archive (AES-256) of the Subscriber's matter outputs and audit logs to a Subscriber-controlled S3, Azure Blob, or SFTP target. Archive format: [ZIP / TAR + manifest CSV].

8.4 Data residency.

9.1 Data Processing Addendum (DPA). KILC's standard DPA applies to the Subscriber's processing of personal data through XOS. The DPA forms part of this Schedule by reference and is published at kilc.co.uk/xos/dpa. Where the Subscriber's institutional risk profile or specific data flows require bespoke DPA terms, KILC and the Subscriber agree such bespoke terms in a written supplement to the DPA before the Schedule A Effective Date.

9.2 Cross-border data transfers. Where the Subscriber transfers personal data to KILC originating from data subjects in the People's Republic of China, the Subscriber and KILC agree the appropriate transfer mechanism (UK IDTA + transfer risk assessment + supplementary measures, or PIPL Standard Contract, or PIPL Certification, or such other mechanism as may be appropriate). Specifics for this engagement:

[Specify the agreed transfer mechanism, supplementary measures, and TRA reference. Reviewable annually.]

9.3 Sub-processor approval. The Subscriber pre-approves the sub-processors listed in KILC's DPA as at the Schedule A Effective Date. Material additions or replacements of sub-processors are notified 30 days in advance; the Subscriber may object on reasonable grounds within that 30-day window, and KILC and the Subscriber will work in good faith to resolve the objection (KILC's options including using an alternative sub-processor or carving the Subscriber out of the affected processing).

10.1 Implementation timeline. KILC delivers the Institutional configuration in stages from the Schedule A Effective Date:

10.2 Subscriber dependencies. The Subscriber commits to provide, on or before the dates indicated in the implementation plan: branding assets (Part 2.1), IdP metadata (Part 3.1), API webhook endpoints (Part 3.2), allow-list IPs (Part 7.2), entity list (Part 6.3), and named user list with role assignments (Part 7.1). Slippage in Subscriber dependencies extends the corresponding KILC milestone by an equivalent period.

10.3 Training. KILC provides up to [N] training sessions during onboarding, plus refresher sessions at no additional cost in months 3 and 6. Additional training billable per Part 6.1 hourly rate.

11.1 Termination for convenience. Either Party may terminate this Schedule A on not less than [6 / 12] months' written notice, expiring no earlier than the end of the Initial Term. The pro-rata refund in clause 8 of the Master Agreement does NOT apply to Institutional-tier annual fees; instead, the Subscriber pays the Annual Fee for the period until termination takes effect.

11.2 Termination for cause. Either Party may terminate this Schedule A immediately by written notice if the other commits a material breach of the Master Agreement or this Schedule and (where remediable) fails to remedy within 30 days of written notice; or becomes insolvent under Master Agreement clause 14.3(c).

11.3 Data exit. On termination of this Schedule A, KILC shall:

1. provide the Subscriber with a full data export in machine-readable form (matter outputs, audit logs, custom templates) within 30 days of termination;
2. retain the Subscriber's data for an additional 90 days after termination to support late export requests, then permanently delete (subject to any longer statutory retention obligation under MLR 2017 or equivalent);
3. provide a written deletion certificate within 7 days of completing deletion;
4. continue to honour the 7-year audit-log retention under Part 8.2 for matters processed during the Term, save where the Subscriber requests immediate deletion;
5. support reasonable transition assistance to a successor system at the AM hourly rate (Part 6.1), capped at [40] hours.

11.4 Survival. Confidentiality (Master Agreement clause 10), Data Protection (Part 9), the deletion certificate (11.3(c)), and the licence wind-down for retained Templates (Master Agreement clause 9.5) survive termination of this Schedule A.

12.1 The liability cap in clause 13.3 of the Master Agreement (£25,000 / 12 months Subscription Fees) is replaced for the Institutional-tier relationship by the following:

12.2 Subject to clauses 13.1 and 13.2 of the Master Agreement, KILC's total liability to the Subscriber under or in connection with the Master Agreement and this Schedule (whether in contract, tort (including negligence), breach of statutory duty or otherwise) shall not exceed the greater of (i) £250,000 or (ii) the total amount of Annual Fees paid by the Subscriber in the 12 months preceding the event giving rise to the claim. The £250,000 figure in (i) is a contractual floor applicable to all Institutional Subscribers; it may be negotiated upward in the Order Form but shall not be reduced below £250,000. Both legs of the cap are calibrated to the Institutional-tier price level.

13.1 This Schedule A is published in two language versions: English and Simplified Chinese. The English version and the Chinese version are intended to have the same meaning. However, in the event of any inconsistency, conflict, ambiguity, omission, or discrepancy of any kind between the English version and the Chinese version — including but not limited to differences in wording, interpretation, scope of obligation, drafting style, choice of legal terminology, or legal effect — the English version shall prevail and shall be conclusive and definitive in all respects. The Chinese version is provided solely for the convenience of the Chinese-reading Subscriber and shall not be construed as a separate, independent, or controlling document, nor shall it be relied upon to vary, qualify, or contradict the English version.

13.2 Each Subscriber represents that, before signing this Schedule A, the Subscriber has had the opportunity to review the English version with qualified legal counsel of its own choosing, and that it has fully understood the meaning, content, and legal effect of the English version.

13.3 In any proceeding to interpret or enforce this Schedule A (whether before the courts of England and Wales under clause 19.2 of the Master Agreement, or any other tribunal), the English version is the only version that may be relied upon as the operative text. Any translation provided in the course of any such proceeding is a translation of the English version and not a substitute for it.

13.4 This Part 13 itself shall be interpreted in accordance with the English version, in the event of any inconsistency between the English and Chinese drafts of this Part 13.

13.5 This Part 13 is in addition to, and reinforces rather than modifies, clause 19.3 of the Master Agreement. Any conflict between the operative texts of clause 19.3 and this Part 13 shall be resolved in favour of whichever wording offers the strongest protection to the prevailing-language principle.