Corrigendum-I

RFP for Supply, Implementation and Maintenance of Aadhaar Data

Vault Solution at DC & DR Ref: IPPB/CO/IT/2020/05/CNS/09

The last date of submission of bids and technical bid opening has been extended as: -

Sr Description Original Date and Extended Date and

No Time Time
1 Last Date of Bid Submission 29-06-2020 03:00 PM 20-07-2020 03:00 PM
2 Technical Bid Opening 30-06-2020 05:00 PM 21-07-2020 05:00 PM

This is for the information of bidders.

Pursuant to Pre-bid meeting for subject RFP held on 12.06.2020, following changes are
being made to the RFP terms and conditions.

Revised Annexure D - Eligibility Criteria

S.
Eligibility Criteria Documents to be Compliance
No. submitted (Yes/No)

1 The bidder has to submit Integrity Pact (IP) Annexure H is to be

signed by authorized signatory as prescribed submitted.
format mentioned in Annexure H on plain
paper in advance(not prior to issuance of
RFP) or at the time of bid submission. Bidder
shall be liable for rejection in case of non-
submission of the same.
The bidder should be a Relevant Documents
2 registered/incorporated company in India as of registration is to be
per Companies Act 1956/2013 and must submitted.
have in existence for the last 5 years.
 The Bidder must have minimum annual Copies of Audited
turnover of Rs.4.00 crore each in last three financial statements
3 financial years (i.e. 2016-17, 2017-18 & for FY2016-17, FY
2018-19) from Indian operations. Audited 2017-18 & FY2018-19
financial statements for FY2016-17, FY2017- years are to be
18 & FY2018-19 are to be submitted. In case submitted.
the audited financials for the year 2018-19
is not available, CA Certificate should be
submitted. This must be the individual
company turnover and not that of any group
of companies.
Bidder should have positive operating Profit Copies of the audited
(as EBITDA i.e. Earnings Before Interest, balance sheet of the
Tax, Depreciation & Amortization) in each company for FY2016-
of the last three financial years, (2016-17, 17, FY2017-18 &
4
2017-18, and 2018-19). In case the audited FY2018-19 years are
financials for the year 2018-19 is not to be submitted.
available, CA Certificate should be
submitted.
The OEM/Bidder should have implemented The bidder has to
5
Aadhar Data Vault Solution with TPS of 500 submit Purchase Order/
and above to any Banks / Insurance Company performance Certificate
/ Government Organizations / Financial of solution
Institutions in India, during last three years
as on date of RFP. The bidder has to submit
Purchase Order and Performance Certificate
of solution
The Bidder should be OEM or Original
Solution Developer (OSD) or their authorized Bidder has to submit
partners or Service Provider (SP) or System authorization letter
Integrator (SI) of OEM/OSD in India with an from the proposed
6
authority to do customization/up-gradation OSD
during the period of contract with the Bank.
Bidder needs to provide Manufacturer
Authorization Form (MAF) from OEM stating
that bidder is authorized partner of OEM and
authorized to participate in this tender and
in case the bidder is not able to perform
obligations as per contract during the
contract period, contracted services will be
provided by OEM. Both OEM/OSD & their
authorized partner cannot participate in the
RFP. In case, both OEM & his authorized
 partner participate, only bid of the OEM/OSD
will be considered.

The Bidder should have not been black listed Self-Declaration on

at any time by the Central / State Company’s letter Head
Governments/ PSUs/PSBs. In case, in the signed by authorized
past, the name of their Company was black person as per the
listed by any of the Govt. Authority or Annexure R is required
PSUs/PSBs, the name of the company or to be submitted.
7
organization must have been removed from
the said list as on date of submission of the
RFP, otherwise it will not be considered.
Self-Declaration on Company’s letter Head
signed by authorized personas as per the
Annexure R is required to be submitted.

Place:

Date:

Authorized Signatory:

Name & Designation & E-mail ID:

Business Address:

Revised Clause 9.8.4

9.8.4. The following documents are to be submitted online at the e-
procurement site https://www.eprocure.gov.in

9.8.4.1. Annexure A - Letter Of Acceptance

9.8.4.2. Annexure B - Bid Form
9.8.4.3. Annexure C - Bidder's Profile Format
9.8.4.4. Annexure D - Eligibility Criteria
9.8.4.5. Annexure D (A) - Compliance To RFP Terms & Conditions
9.8.4.6. Annexure D (B) – Declaration for Compliance
9.8.4.7. Annexure E - Technical Specifications
9.8.4.8. Annexure E (A) – Hardware Specifications
9.8.4.9. Annexure F – Unpriced Indicative Commercial Bid
 9.8.4.10. Annexure G - Reference Site Details
9.8.4.11. Annexure L - Business Rules for Reverse Auction
9.8.4.12. Annexure L (A) - Compliance Statement - Reverse Auction
9.8.4.13. Annexure M - Confidentiality / Non-Disclosure Agreement
9.8.4.14. Annexure O - Undertaking By Bidder
9.8.4.15. Annexure P - Undertaking of information security (to be
submitted by both Bidder and OSD)

9.8.4.16. Annexure R – Know Your Employee (KYE)

9.8.4.17. Photocopies of relevant documents / certificates as proof
in support of various information submitted online in
aforesaid annexure and other claims made by the bidder.

9.8.4.18. Detailed Architecture of the proposed solution with various

features/functions of the system/sub-system including fail-
over methodology/strategy at both Primary & DR Site.

9.8.4.19. Documents and brochures pertaining to product that will be

deployed in the proposed solution.

9.8.4.20. Signed & Sealed copy of all the pages of RFP along with
corrigendum if any, is to be submitted along with the
technical bid.

Revised Clause 6.30 (Broad Scope of Work)

6.30 The vendor will provide services for implementation / rolling-out /support /
maintenance of proposed solution (including hardware) for a minimum period of
5 years (3 years warranty + 2 years AMC) from Go Live date with option of
further extension of contract for another 2 years at the same rate, provided
services of the bidder is satisfactory and at Bank’s sole discretion. Bank reserves
right to cancel the contract at any time in case system fails to meet any of the
requirements as mentioned in the RFP.
Revised Clause 11.1 and 11.11(Onsite development, support
& maintenance Resource)
11.1. The bidder has to provide onsite technical resource as desired by bank
for a period of five years after implementation of Aadhaar Data Vault
solution, without any extra cost to the Bank. Bank reserves the right to
engage one or more number of additional onsite technical resources as
per Bank’s requirement at the cost discovered and purchase order will be
issued based on the requirement of the Bank.

11.11. Bidder shall provide One L1 Onsite Technical Resource support from 7:00
Am till 11:00 Pm (One each at Corporate office and Data center premises)
and One L2 Onsite technical resource support from 10:00 AM to 6:00 PM at
Bank’s Corporate Office site on 7 Days a week working basis, without any
extra cost to the Bank. However, in case of business requirements, vendor
may be asked to depute the resources beyond the above stipulated time.
During the implementation phase, testing, planned activity and emergency
period, resources may have to work 24x7 depending upon the Bank
requirement. Payment will be released monthly basis in arrears against
invoice raised and after verification with attendance register maintained
in Bank for every additional Onsite Technical Support, if availed.

Revised Clause 23.6(Payment Terms)

23.6. Payment to additional onsite resources will be released monthly in
arrears whenever deployed by bank as per requirement of bank.
Revised Annexure F – Unpriced Indicative Commercial Bid
Total Cost in Rs. Submitte
SL. Quantity d
Items Unit Cost (A) (Exclusive of
(B) (Yes/No)
No. Taxes) C = A x B

1 Hardware* NA NA NA

i Server at DC XX XX XX

ii Storage at DC XX XX XX

iii Server at DR XX XX XX

iv Storage at DR XX XX XX

V HSM at DC XX XX XX

vi HSM at DR XX XX XX

vii Server for UAT XX XX XX

viii HSM for UAT XX XX XX

Any other hardware

ix XX XX XX
to be provided(
item-wise cost to be
provided)

Total Hardware Cost (sum of (i) to XX

(ix))
2 Software NA NA NA

I Perpetual License Cost XX XX XX

Ii Any other software
required (OS etc, XX XX XX
item-wise cost to be
provided)

Total Software Cost (i+ii) XX

3 AMC of Hardware
per year (Between
8-10% of hardware XX 2 years XX
cost)

4 ATS of Software per

year
XX 4 years XX
 (Between 16-22% of
software cost)

5 Additional Onsite NA NA NA
technical support cost
for resources per
month, if availed
5.01 L1 resource cost / XX 60 XX
month months

5.02 L2 resource cost XX 60 XX

/month months

6 Customization Cost
(man days charge) XX 500 days XX

Total Cost of Ownership (TCO) in Rs. (1+2+3+4+5+6) XX

* Hardware should be quoted for High Availability at DC. Quantity is to be specified

by the bidder wherever left blank.

Note:

1. The Commercial Offer should be given in the above format only.

2. There should be no conditions mentioned in the Commercial Offers.
3. Commercial offers with conditions will be rejected.
4. Bidder need to provide the detail configuration and purpose of proposed
hardware.
5. Bidder need to size the hardware to handle the load mentioned in the RFP
document. In case of any performance issue due to hardware sizing during
the contract period, bidder need to upgrade the hardware without any
cost to bank.
6. TCO is for five years including one year warranty, four years ATS for post
warranty and after go-live for software solution and three years warranty,
2 years AMC for post warranty for hardware/Server.
7. The price quoted should be inclusive of Cost of deliverables, Enterprise
License, installation, customization, configuration, maintenance and
support of Solution for Implementation of Aadhaar Data Vault solution as
per Bank’s requirement.
 8. The ATS charges per annum should be between 16 to 22% of the cost of
software components and AMC charges per annum should be between 8
to 10% of the cost of hardware components.
9. Bank will not pay any Labour charges for transportation, Road Permit,
installation of Software separately. All such costs, if any, should be
absorbed in the TCO.
10. The TCO should be exclusive of GST (CGST, SGST & IGST). Applicable
taxes, if any, shall be payable by the Bank at actual on date of invoicing.
11. Bidder has to show the bifurcation/details of applicable GST
(CGST/SGST/IGST) in every invoice.
12. If the cost for any line item is indicated as zero then it will be assumed
by the Bank that the said item is provided to the Bank without any cost.
13. In case of any discrepancy in calculation, price quoted in words will be
considered for computation of TCO.

Place:

Date:

Authorized Signatory:

Name & Designation & E-mail ID:

Business Address:
Revised Annexure F (A) - Indicative Commercial Bid
Total Cost in Rs.
SL. Quantit
Items Unit (Exclusive of
y (B)
No. Cost (A) Taxes) C = A x B

1 Hardware* NA NA NA

I Server at DC

Ii Storage at DC

Iii Server at DR

Iv Storage at DR

V HSM at DC

Vi HSM at DR

vii Server for UAT

viii HSM for UAT

Any other hardware to

Ix
be provided

Total Hardware Cost (sum of (i) to

(ix))
2 Software NA NA NA
I Perpetual License Cost

Ii Any other software

required (OS etc.,
item-wise cost to be
provided)

Total Software Cost (i+ii)

3 AMC of Hardware per
year (Between 8-10%
2 years
of
hardware cost)
4 ATS of Software per year
(Between 16-22% of 4 years
software cost)
 5 Additional Onsite NA NA NA
technical support cost
for resources per
month, if availed
5.01 L1 resource cost / month 60 Months

5.02 L2 resource cost /month 60 Months

6 Customization Cost -
500 days
(man days charge).

Total Cost of Ownership (TCO) in Rs.

(1+2+3+4+5+6)

* Hardware should be quoted for High Availability at DC. Quantity is to be specified

by the bidder wherever left blank.

Note:

1. The Commercial Offer should be given in the above format only.

2. There should be no conditions mentioned in the Commercial Offers.
3. Commercial offers with conditions will be rejected.
4. Bidder need to provide the detail configuration and purpose of proposed
hardware.
5. Bidder need to size the hardware to handle the load mentioned in the RFP
document. In case of any performance issue due to hardware sizing during
the contract period, bidder need to upgrade the hardware without any
cost to bank.

6. TCO is for five years including one year warranty, four years ATS for post
warranty and after go-live for software solution and three years warranty,
2 years AMC for post warranty for hardware/Server.
7. The price quoted should be inclusive of Cost of deliverables, Enterprise
License, installation, customization, configuration, maintenance and
support of Solution for Implementation of Aadhaar Data Vault solution as
per Bank’s requirement.
 8. The ATS charges per annum should be between 16 to 22% of the cost of
software components and AMC charges per annum should be between 8
to 10% of the cost of hardware components.
9. Bank will not pay any Labour charges for transportation, Road Permit,
installation of Software separately. All such costs, if any, should be
absorbed in the TCO.
10. The TCO should be exclusive of GST (CGST, SGST & IGST). Applicable
taxes, if any, shall be payable by the Bank at actual on date of invoicing.
11. Bidder has to show the bifurcation/details of applicable GST
(CGST/SGST/IGST) in every invoice.
12. If the cost for any line item is indicated as zero then it will be assumed
by the Bank that the said item is provided to the Bank without any cost.
13. In case of any discrepancy in calculation, price quoted in words will be
considered for computation of TCO.

Place:

Date:

Authorized Signatory:

Name & Designation & E-mail ID:

Business Address:
 Revised BoQ
Name of the
Bidder/
Bidding Firm
/ Company :

PRICE SCHEDULE

(This BOQ template must not be modified/replaced by the bidder and the same should be uploaded after filling the relevent columns, else the
bidder is liable to be rejected for this tender. Bidders are allowed to enter the Bidder Name and Values only ) Hardware should be quoted for
High Availability at DC. Quantity is to be specified by the bidder wherever left blank.

Note:

1. The Commercial Offer should be given in the above format only.

2. There should be no conditions mentioned in the Commercial Offers.
3. Commercial offers with conditions will be rejected.
4. Bidder need to provide the detail configuration and purpose of proposed hardware.
5. Bidder need to size the hardware to handle the load mentioned in the RFP document. In case of any performance issue due to hardware
sizing during the contract period, bidder need to upgrade the hardware without any cost to bank.
6. TCO is for five years including one year warranty, four years ATS for post warranty and after go-live for software solution and three years
warranty, 2 years AMC for post warranty for hardware/Server.
7. The price quoted should be inclusive of Cost of deliverables, Enterprise License, installation, customization, configuration, maintenance
and support of Solution for Implementation of Aadhaar Data Vault solution as per Bank’s requirement.
8. The ATS charges per annum should be between 16 to 22% of the cost of software components and AMC charges per annum should be
between 8 to 10% of the cost of hardware components.
9. Bank will not pay any Labour charges for transportation, Road Permit, installation of Software separately. All such costs, if any, should be
absorbed in the TCO.
10. The TCO should be exclusive of GST (CGST, SGST & IGST). Applicable taxes, if any, shall be payable by the Bank at actual on date of
invoicing.
11. Bidder has to show the bifurcation/details of applicable GST (CGST/SGST/IGST) in every invoice.
12. If the cost for any line item is indicated as zero then it will be assumed by the Bank that the said item is provided to the Bank without any
cost.
13. In case of any discrepancy in calculation, price quoted in words will be considered for computation of TCO.
NUMBER # TEXT # TEXT # TEXT # NUMBER # NUMB TEXT NUMBER # NUMBER # TEXT #
ER

Sl. Item Description Item Quoted BASIC No. of Unit TOTAL TOTAL TOTAL
No. Code / Currency RATE In Quanti AMOUNT AMOUNT With AMOUNT
Make in INR / Figures ty Without Taxes Taxes In Words
Other To be Quote
Currency entered d
by the
Bidder

1 2 3 12 13 17 18 53 54 55

1 HARDWARE

INR Zero
1.01 SERVER at DC item1 INR 0.00 0.00
Only

INR Zero
1.02 STORAGE at DC item2 INR 0.00 0.00
Only

INR Zero
1.03 SERVER at DR item3 INR 0.00 0.00
Only

INR Zero
1.04 STORAGE at DR item4 INR 0.00 0.00
Only

INR Zero
1.05 HSM at DC item5 INR 0.00 0.00
Only

INR Zero
1.06 HSM at DR item6 INR 0.00 0.00
Only

INR Zero
1.07 SERVER for UAT item7 INR 0.00 0.00
Only
 INR Zero
1.08 HSM for UAT item8 INR 0.00 0.00
Only

Any other Hardware to INR Zero

1.09 item9 INR 0.00 0.00
be Provided Only

2 SOFTWARE

Perpetual Liscense INR Zero

2.01 item10 INR 0.00 0.00
Cost Only

Any other Software

required (OS, etc, INR Zero
2.02 item11 INR 0.00 0.00
item wise cost to be Only
provided)

AMC for HARDWARE per

INR Zero
3 YEAR (Between 8-10% of item12 INR 2.00 YEARS 0.00 0.00
Only
Hardware cost)

ATS of SOFTWARE per

INR Zero
4 YEAR (Between 16-22% item13 INR 4.00 YEARS 0.00 0.00
Only
of Software Cost)

Additional Onsite
technical support cost
5
for resource per month,
if availed.

L1 resource cost / INR Zero

5.01 item 14 INR 60.00 MONTHS 0.00 0.00
month Only

L2 resource cost / INR Zero

5.02 Item 15 INR 60.00 MONTHS 0.00 0.00
month Only
 Customization cost INR Zero
6 item16 INR 500.00 DAYS 0.00 0.00
(man days charge) Only

Total in INR Zero

0.00 0.00
Figures Only

Quoted Rate in Words

INR Zero Only

Any further Corrigendum/ Addendum in respect of above tender / RFP will be uploaded on the CPP Portal
(www.eprocure.gov.in) and IPPB Website.
 In addition to above, as desired in Pre-bid meeting, following explanations are being provided to queries raised by the Bidders.
SI No Clause No Page No Clause Query Bank Response
We request the Bank to waive the Tender Cost to all MSE and MSME
1 3 Tender Cost Please be guided by RFP, Page no 3.
registered companies.
Modified Clause 9.1.3 as "Waiver in EMD amount
The bidder should deposit bid security of Rs.40,00000/- (Rupees Forty Lakhs) in the form of a demand
shall be applicable as per the Government
draft/Pay Order favoring India Post Payments Bank, payable at Delhi or Bank Guarantee from any We request the Bank to waive the EMD to all MSE and MSME registered
2 9.1. Bid Security/EMD 20 Procurement guidelines for Bidders from respective
Scheduled Commercial Bank. Bank Guarantee should be valid for minimum 6 months and with claim period companies.
category(duly supported by necessary
of 45 days.
documents/certificates)"
Within how many days Payment will be made to vendor after submission of
3 23. Payment Terms 46 30 days
undisputed invoice?
Bank may impose penalty to the extent of damage to its any equipment, if the damage was due to the
4 35. Penalty 57 Cumulative Penalty amount should be limited to 10% of TCO. Please be guided by RFP.
actions directly attributable to the staff of the Bidder.
The Bidder is required to integrate the proposed solution with CBS, MATM, Mobile Banking, Merchant App, Details shall be provided to sucessful bidder.
What are the names of the applications and their vendors?
5 6.5 14 CKYC, ODS/SAS and any other applications, with other service providers as and when required without any Bank ensures reasonable and timely support from
Will the Bank ensure support from respective vendors for integration?
extra cost to the Bank vendor for all integration
The bidder will coordinate with the existing vendor and other vendor or NPCI or any other Solution Provider
How can bidder coordinate with Bank’s existing or future vendors directly?
6 6.7 14 that Bank may take in future to make devices compatible for such applications. The bidder has to provide Bank shall provide the SPOC details
Bank has to be SPOC for such communications, please comment
support and applicable patches as and when released.
What tool Bank will use to replicate the Data from DC to DR?
Please be guided by the RFP,Bidder has to provide
7 7 19 Disaster Recovery Is there any support expected from ADV vendor in replicating data from DC
all required software/tools for DC/DR Replication.
to DR?
8 52 54 Annexure E (A) – Hardware Specifications Will the Bank provide Anti-Virus Software? No, Bidder has to provide
The Platform should support user management
9 52 54 Annexure E (A) – Hardware Specifications Will the Bank extends its Domain policy to ADV setup? integration with Active Directory for validate user
credentials.
10 52 54 Annexure E (A) – Hardware Specifications Will the Bank provide Backup tools for ADV setup? No,Please be guided by RFP
11 52 54 Annexure E (A) – Hardware Specifications Will the Bank provide tool to replicate data from DC to DR? No, Please be guided by RFP
12 52 54 Annexure E (A) – Hardware Specifications Who will handles OS Management of servers? Bidder
All supporting Hardware/
Software/ DB etc. need
13 52 54 Annexure E (A) – Hardware Specifications Will the Bank provide OS License? to be provided by Bidder
himself

All supporting Hardware/

Bidder will have to configure and maintain the Database and Software provided by the bidder during the
Software/ DB etc. need
contract period. Bidder would have to upgrade software version, deploy/update patches as per Bank’s Does bidder needs to provide database licences along or can use existing
14 6.4 14 to be provided by Bidder
requirement. None of the hardware, software etc. should be declared EOL/EOS by OEM. Bidder has to database licenses of India Post Payment Bank?
himself
upgrade the hardware/software etc. if declared EOL within the same cost during the tenure of the RFP.
15 52 54 Annexure E (A) – Hardware Specifications Who will handle Database management? Bidder, For details please be guided by RFP
16 52 54 Annexure E (A) – Hardware Specifications Will the Bank provide Server Racks? Yes
No, All supporting Hardware/
Software need
17 52 54 Annexure E (A) – Hardware Specifications Will the Bank provide Networking Switch/ Port? to be provided by Bidder
himself

18 52 54 Annexure E (A) – Hardware Specifications Who will perform FMS/ Maintenance of DC and DR Setup of ADV Solution? Bidder, For details please be guided by RFP

19 Miscellaneous Query How is India Post Payment Bank currently performing eKYC process? Details shall be provided to sucessful bidder

Is there is any gateway through which India Post Payment Bank currently
20 Miscellaneous Query Details shall be provided to sucessful bidder
sends request through UIDAI? If yes please explain the flow
21 Miscellaneous Query If there is gateway will ADV also integrated through that gateway? Details shall be provided to sucessful bidder
How is biometric authentication performed at India Post Payment Bank?
22 Miscellaneous Query Details shall be provided to sucessful bidder
Which are devices that will be used for biometric authentication?
Is it mandatory to have HSM for UAT? Can’t we use DR HSM or DC HSM for
23 Miscellaneous Query Please be guided by the RFP
these purposes?
24 Miscellaneous Query How many number of applications will be connected to ADV to start with? Details shall be provided to sucessful bidder
25 Miscellaneous Query Does have Bank have physical load balancer? Details shall be provided to sucessful bidder
6.2. Provide complete solution with necessary hardware & software for implementing Aadhaar Vault
26 6. Broad Scope of Work 13 Kindly clarify, if virtualization of Hardware is acceptable to the Bank Please be guided by RFP
system in bank as per UIDAI guidelines.
SI No Clause No Page No Clause Query Bank Response
6.2. Provide complete solution with necessary hardware & software for implementing Aadhaar Vault
27 6. Broad Scope of Work 13 Kindly clarify, if PCIe-based HSM is acceptable to the Bank Please be guided by RFP
system in bank as per UIDAI guidelines.
6.3. The Bidder is required to Supply all the required Hardware (including HSM) and Software
Related to Hardware supply, apart from Servers, Storage & HSM, kindly All Supporting Hardware/Software/ network devices
(OS/Application) with required licenses, install & deploy ,manage the solution at the Bank’s Data Center at
28 6. Broad Scope of Work 13 clarify the other hardware infrastructure the Bank is expecting the Bidder to etc to be provided by the bidder. For detials please
Mumbai and at DR Site Bangalore. The Hardware and Software licenses procured should be in the name of
provide. be guided by RFP
India Post Payments Bank.
6.3. The Bidder is required to Supply all the required Hardware (including HSM) and Software
All Supporting Hardware/Software/ network devices
(OS/Application) with required licenses, install & deploy ,manage the solution at the Bank’s Data Center at
29 6. Broad Scope of Work 13 Kindly clarify if Database is also in the supply scope of the Bidder. etc to be provided by the bidder. For detials please
Mumbai and at DR Site Bangalore. The Hardware and Software licenses procured should be in the name of
be guided by RFP
India Post Payments Bank.
6.5. The Bidder is required to integrate the proposed solution with CBS, MATM, Mobile Banking, Merchant Request the Bank to provide APIs for all the solutions with which ADV has to Details of API shall be provided to sucesful bidder.
30 6. Broad Scope of Work 14 App, CKYC, ODS/SAS and any other applications, with other service providers as and when required without integrate. It would be the responsibility of the Bank to coordinate with Bank ensures reasonable and timely support from
any extra cost to the Bank. respective solution OEM for the APIs. vendor for all integration

6.7 The bidder will coordinate with the existing vendor and other vendor or NPCI or any other Solution Request the Bank to provide APIs for all the solutions with which ADV has to Details of API shall be provided to sucesful bidder.
31 6. Broad Scope of Work 14 Provider that Bank may take in future to make devices compatible for such applications. The bidder has to integrate. It would be the responsibility of the Bank to coordinate with Bank ensures reasonable and timely support from
provide support and applicable patches as and when released. respective solution OEM for the APIs. vendor for all integration
6.19. The reporting and logging system of the Aadhaar Data Vault shall integrate seamlessly with existing
SIEM Solution. The Solution is also required to be integrated with Bank’s existing Privileged Identity Request the Bank to provide APIs for all the solutions with which ADV has to Details of API shall be provided to sucesful bidder.
32 6. Broad Scope of Work 17 Management (PIM) Solution. As required by Bank the Bidder shall provide all the required information and integrate. It would be the responsibility of the Bank to coordinate with Bank ensures reasonable and timely support from
data for integrating with SIEM & PIM Solution. Integration with Bank’s existing information security tools is respective solution OEM for the APIs. vendor for all integration
responsibility of the Bidder.
Considering the current transport situation due to COVID, there is
8.3. Implementation Plan and uncertainty on the opening of international borders for the transportation.
33 20 Delivery and installation of Hardware at DC and DR site. - 8 weeks Please be guided by RFP
Schedule Hence, as the HSM is an imported item, kindly modify the clause to 10
weeks.
Modified Clause 9.1.3 as "Waiver in EMD amount
shall be applicable as per the Government
9. Instructions for Bid
34 20 9.1. Bid Security/EMD For MSMEs, request the Bank to exempt the EMD Procurement guidelines for Bidders from respective
Submission
category(duly supported by necessary
documents/certificates)"
11.11. Minimum 2 Resources – 1 L1 Resource for 24 *7 and 1 L2 resource from 08:00 AM to 10:00 PM
11. Onsite development,
should be available at Bank’s Corporate Office site on 7 Days a week working basis. In addition, 1 L1 Kindly clarify if the resources are to be deployed for the duration of the Please refer to revised clause 11.1 and 11.11 in the
35 support & maintenance 39
Resource should be available at Bank’s DC and DRC site each for 24*7 Infra support on 7 days a week contract i.e. for 5 years. corrigendum.
Resource
working basis.

36 33. Escrow Arrangement 56 Cost of the escrow arrangement to be borne by Bidder. Request the Bank to share the cost of escrow on 50-50 basis. Please be guided by RFP

Request the Bank to bear the cost for carrying out any audit activity. The
The Bidder is required to facilitate the same at no additional cost and shall provide uninterrupted access to
37 38. Audit 60 bidder will ensure & close any gaps found out in the audit report within Please be guided by RFP Clause "38.Audit"
the documents required by the auditors.
stipulated time.
Kindly note, demographic match is part of Aadhaar Authentication process
51. Annexure E –Technical 1.5 Demographic match from the Aadhaar Data Vault should be and not of Aadhaar Vault solution. Aadhaar Vault & Aadhaar Authentication
38 78 No, Please be guided by the RFP
Specifications done using the reference key. Aadhaar number should not be used in such cases. are 2 different applications. So, we request the Bank to kindly delete the
clause.
5. The ADV solution provided by the bidder shall support encryption and storage of scanned Aadhaar Card Kindly provide the volume of exisiting Aadhaar Nos. at the Bank & the
51. Annexure E –Technical
39 79 PDF / Image file and any other document / images as per the data encryption and storage guidelines issued growth rate for next 5 yrs. This information is required for sizing of storage Details shall be provided to succesful bidder.
Specifications
by UIDAI in a separate File Server. & file server.
51. Annexure E –Technical Aadhaar Vault & Aadhaar Authentication are 2 different applications. So, we
40 83 31.2 Security framework for authentication devices Please be guided by RFP
Specifications request the Bank to kindly delete the clause.
SI No Clause No
51. Annexure E –Technical
41
Specifications
42 6.5 Broad Scope of Work
43 6.20 Broad Scope of Work
44 6.26 Broad Scope of Work
11.11 Onsite development,
45 support & maintenance
Resource
Annexure E –Technical
46
Specifications / Point No. 1.5
Annexure E –Technical
47
Specifications / Point No. 5
Annexure E –Technical
48
Specifications / Point No. 11
Page No Clause Query Bank Response
Clause stands as per RFP.Aadhaar (Authentication)
regulations 2016 require to store the Aadhaar
number in the transaction logs.For the requirement
of mandatory storage of Aadhaar number in the logs
for authentication / e-KYC transactions, the agencies
need to replace the Aadhaar numbers in the Logs
Aadhaar Vault & Aadhaar Authentication are 2 different applications. So, we
83 32.2 Aadhaar (Authentication) Regulations 2016, Databases with the corresponding reference keys.
request the Bank to kindly delete the clause.
For future transactions, only reference keys shall be
stored in the logs and if for any regulatory or
genuine business purpose the transaction logs need
to be provided outside the agency / organization
same shall be provided along with the Aadhaar
number
Aadhaar Data Vault (ADV) is central system and other systems are expected
to integrate with ADV. The statement depicts that ADV to integrate with the
system which is not inline to the ADV system. ADV will only expose the
required REST API which has to be consumed by the other system to get
The Bidder is required to integrate the proposed solution with CBS, MATM, Mobile Banking, Merchant App,
integrated with ADV.
14 CKYC, ODS/SAS and any other applications, with other service providers as and when required without any Please be guided by the RFP
extra cost to the Bank.
Bidder can only assist other system vendors to do the integration activity.
Further if any commercial associated with this development in respective
system, we assume that bank will bare the same. Request bank to clarify us
on the same.
Modified Clause 6.20 as "The bidder is required to
To achieve Zero RPO, Oracle data grid is required to be used which provide
The bidder is required to maintain the RTO of 120 minutes and zero RPO as per the Bank’s Business maintain the RTO of 120 minutes and RPO of 30
17 near zero data loss. We assume that Bank will provide the required DB
Continuity Policy. minutes." All requisite Hardware/Software/Network
license.
devices to be provided by the Bidder.
We would request bank to clarify the following Points:
1. No
Training- Vendor is required to impart mandatory training of at least One week to Bank Nominated Officials
1. Is their a provision of Online Remote Training? 2. Corporate Office , Delhi.
(10 officials) twice in the first year of Contract (at a minimum gap of 6 months) and once every year from
18 2. If their is no provision of online training, request bank to mention the Duration shall be based on complete knowledge
second year onwards, with complete knowledge transfer for handling the application or regarding any new
location where training will take place, what would be the duration, and any transfer for handling application or regarding any
feature/update etc, at no extra cost to the Bank.
training material to be provided. new feature/update etc to Banks satisfaction
Minimum 2 Resources – 1 L1 Resource for 24 *7 and 1 L2 resource from 08:00 AM to 10:00 PM should be
available at Bank’s Corporate Office site on 7 Days a week working basis. In addition, 1 L1 Resource should
be available at Bank’s DC and DRC site each for 24*7 Infra support on 7 days a week working basis.
However, in case of business requirements, vendor may be asked to depute the resources beyond the As per the labour law, it is difficult to advise the FM resource to work more
Please refer to revised clause 11.1 and 11.11 in the
39 above stipulated time. The timing may be changed at Bank’s discretion. However, during the than 8 hours per day, we can achive 24x7 support by increasing the
corrigendum.
implementation phase, testing, planned activity and emergency period, resources may have to work 24x7 resources, request bank to consider the same.
depending upon the Bank requirement. Payment will be released monthly basis in arrears against invoice
raised and after verification with attendance register maintained in Bank.
register maintained in Bank.
As per Aadhaar Circular (
https://clicktime.symantec.com/3VHwizcuSnrVNmS9P1AJDV27Vc?u=https%
3A%2F%2Fuidai.gov.in%2Fimages%2Fresource%2FCircular_Reference_Key_
Demographic match from the Aadhaar Data Vault should be done using the reference key. Aadhaar number 02082017.pdf) demographic data should not be shoted in the same system
78 Please be guided by the RFP
should not be used in such cases. that aadhaar number is stored on. Since the ADV would contain encrypted
aadhaar number, demograpgic data cannot be stored in the same system
and hence demograhic matching cannot be done by ADV solution. Hence we
request bank to reconsider this requirement.
The ADV solution provided by the bidder shall support encryption and storage of scanned Aadhaar Card We request bank to clarify, whether the said requirement is mandatory. If
PDF / Image file and any other document / images as per the data encryption and storage guidelines issued its mandatory then sizing the hardware for file server would be difficult
79 Please be guided by the RFP
by UIDAI in a separate File Server. since the number of documents and its size is not provided in the RFP.
As a security the ADV login credential should be different than Active
The Platform should support user management integration with Active Directory for validate user
81 Directory. Since it is secure system with very limited users to access, it is Please be guided by the RFP
credentials.
wise to have its credentials not linked to any other systems Active Directory.
SI No Clause No
Annexure E –Technical
49
Specifications / Point No. 04
Annexure E –Technical
50
Specifications / Point No. 31.2
Annexure E - Technical
51
Specification / Point No. 17
48. Annexure D - Eligibility
52
Criteria Point 1.5
48. Annexure D - Eligibility
53
Criteria Point 4
48. Annexure D - Eligibility
54
Criteria Point 31.2
48. Annexure D - Eligibility
55
Criteria Point No. 17
56
57 4. Invitation of Tender Bids
58 3.4
Page No Clause Query Bank Response
72 Digit UID Token is an external Reference Key provided by UIDAI to be
stored in client applications that need to store such Reference Key. ADV has
79 The ADV solution provided by the bidder shall support storage of 72 digit UID token. Please be guided by the RFP
no use of this Reference Key. Hence we request bank to reconsider this
requirement.
Security framework for authentication devices published by UIDAI refers to
83 Security framework for authentication devices all end point authentication device requirements and is not applicable to Please be guided by the RFP
ADV. Hence we request bank to reconsider this requirement.
In Point 1.3 it is mentioned as "All encryption keys should only be stored in
HSM infrastructure as mandated by UIDAI.
"Whereas here it is mentioned only the root of trust master Key is to be
We have not mentioned that only the root of trust
The solution must be able to support storage of the root of trust master Key on a FIPS 140-2, minimum kept on the HSM. As per UIDAI guidelines the encryption key must be on the
81 master Key is to be kept on the HSM as stated in
Level 2 certified HSM device HSM. Hence request bank to amend the clause as mentioned below.
query.For details please be guided by the RFP.
"The solution must be able to support storage of the all encryption Keys on
a FIPS 140-2, minimum Level 2 certified HSM device as mandated by UIDAI."
As per Aadhaar Circular (
https://uidai.gov.in/images/resource/Circular_Reference_Key_02082017.pd
f) demographic data should not be shoted in the same system that aadhaar
Demographic match from the Aadhaar Data Vault should be done using the reference key. Aadhaar number
Pg 78 number is stored on. Since the ADV would contain encrypted aadhaar Please be guided by RFP
should not be used in such cases
number , demograpgic data cannot be stored in the same system and hence
demograhic matching cannot be done by ADV solution. Kindly reconsider
this requirement.
72 Digit UID Token is an external Reference Key provided by UIDAI to be
Pg 78 The ADV solution provided by the bidder shall support storage of 72 digit UID token. stored in client applications that need to store such RK. ADV has no use of Please be guided by RFP
this RK. Kindly reconsider this requirement.
Security framework for authentication devices published by UIDAI refers to
Pg 83 Security framework for authentication devices all end point authentication device requirements and is not applicable to Please be guided by RFP
ADV. Kindly reconsider this requirement.
Point 1.3 mentions that "All encryption keys should only be stored in HSM
infrastructureas mandated by UIDAI." whereas here it is mentioned only the We have not mentioned that only the root of trust
The solution must be able to support storage of the root of trust master Key on a FIPS 140-2, minimum root of trust master Key is to be kept on the HSM. As per UIDAI guideliles master Key is to be kept on the HSM as stated in
81
Level 2 certified HSM device. thhe encryption key must be on the HSM. Kindly change this to "The query.Please be guided by the RFP.For details please
solution must be able to support storage of the all encryption Keys on a be guided by the RFP.
FIPS 140-2, minimum Level 2 certified HSM device. as mandated by UIDAI."
Clause 3 of Common terms of reference / definition
Request you to modify the clause to
stands modified as "Bidder”, “Supplier”, “Vendor”
3) “Bidder”, “Supplier”, “Vendor” refers to the applicants applying for this RFP and are interested in Supply, 3) “Bidder”, “Supplier”, “Vendor” refers to the applicants applying for this
4-5 refers to the applicants applying for this RFP for
Installation and Commissioning of Air Conditioners to the Bank RFP and are interested in Supply, Installation and Commissioning of Air
Supply, Implementation and Maintenance of
Conditioners to the Bank
Aadhaar Data Vault Solution"
All offers of the bidders shall be unconditional and once accepted whether
All offers of the bidders shall be unconditional and once accepted whether with or without modifications by
11 with or without modifications by the Bank with mutual consent shall be Please be guided by the RFP
the Bank shall be binding between the Bank and such Bidder
binding between the Bank and such Bidder
At present, Aadhaar number is stored in CBS, MATM, Mobile Banking, Merchant App etc. In view of UIDAI provide the application details - vendor names , platforms, type of APIs that
11 Detals shall be provided to sucessful bidder only
notification…... would be exposed for integration.
SI No Clause No Page No Clause
6.4. Bidder will have to configure and maintain the Database and Software provided by the bidder during
the contract period. Bidder would have to upgrade software version, deploy/update patches as per Bank’s
requirement. None of the hardware, software etc. should be declared EOL/EOS by OEM. Bidder has to
upgrade the hardware/software etc. if declared EOL within the same cost during the tenure of the RFP. 6.5.
The Bidder is required to integrate the proposed solution with CBS, MATM, Mobile Banking, Merchant App,
CKYC, ODS/SAS and any other applications, with other service providers as and when required without any
extra cost to the Bank. 6.7 The bidder will coordinate with the existing vendor and other vendor or NPCI or
any other Solution Provider that Bank may take in future to make devices compatible for such applications.
The bidder has to provide support and applicable patches as and when released. 6.10. Standards
/specifications published by UIDAI to be referred for algorithm and key length such as Auth API
specifications or eKYC API specifications where it states RSA 2048 for Public key encryption and AES 256 for
symmetric encryption (this is as per mentioned in UIDAI Circular dated 25.07.2017 and the standards may
change with time). 6.15 The hardware sizing must be done accordingly by the bidder. At no instance,
during the contract period, the solution/servers utilization should exceed 75%. In case the performance is
adversely affected or the utilization of any server or any peripheral, exceeds the threshold of 75%, more
than 3 times in a quarter, the vendor is required to upgrade the hardware, within one month without any
extra cost to the Bank. 6.17. Regulatory Compliance- The Bidder should comply with UIDAI and ASA/KSA
guidelines specified by UIDAI/NPCI for the proposed solution and must comply to Aadhaar Act 2016 and the
subsequent amendments. The Aadhaar Vault solution (including all Hardware, Software etc) should at all
time be compliant with current standards / guidelines issued by Government / RBI/
IBA/IDRBT/NPCI/NABARD/UIDAI/DFS authorities and/or other statutory authorities with regard to Aadhaar
Act and Regulations, 2016. In case of any change in the guidelines (by any of the above mentioned
authorities) throughout the contract period, the bidder would have to comply with the same. Bank will not
pay the charges for minor customization (efforts required up to 10 Man days). For major customization
(efforts required more than 10 man days), Bank will pay the charges as per customization charge
discovered. Bidder has to customize/modify the solution to meet the requirement as per
RBI/IBA/IDRBT/NPCI/NABARD /UIDAI/DFS etc requirement within a maximum period of 1 month from the
date of issuance of such customization / modifications or earlier, depending upon the level of
customization/modification prescribed by the said authorities. 6.18. The proposed Aadhaar Vault Solution
59 6. Broad Scope of Work 13-18
must comply with UIDAI Circular No.K11020/205/2017 (Auth I) dated 25.07.2017, Circular no.4 of 2018
dated 01.05.2018, circular no.5 of 2018 dated 16.05.2018 and circular no.6 of 2018 dated 04.06.2018 on
implementation of Virtual ID, UID Token & limited KYC and other guidelines issued by UIDAI/other
regulators from time to time during the tenure of the RFP. Bidder must submit proper documentation along
with the technical bid to demonstrate that the implementation meets the requirement of UIDAI circular,
which could be subjected to internal audit or external audit from an independent team or confirmation on
the points of the circular by the internal technology or security team (independent). The Solution may also
be subjected to any audit by any of the regulatory authorities also. Bidder will have to address the
deficiency/deviation observed in the audits without any extra cost to the Bank and within the timelines as
stipulated by the regulatory authorities. 6.21. UAT – User Acceptance Test- The Bidder should setup the
UAT environment for testing of the solution before implementation of the solution in the production
environment. The UAT setup shall be used for the customization of any changes before movement in
production. The setup would be kept available at all times during the contract period. The Solution will be
deemed accepted only when all the functionalities as per the Scope are provided, commissioned and
accepted by the Bank or the Bank Appointed Consultant. The UAT shall be signed off between the Bank and
the Successful Bidder. 6.22. Aadhaar Data Vault solution should support the features and functionalities as
mentioned in the Annexure- E, Technical Specification of the Solution. The bidder is responsible for
Primitive maintenance of proposed solution and share the report with the Bank for every quarter. Vendor
should provide all feature upgrades or version upgrades during contract period without any cost 6.26.
Query Bank Response
6.4. Bidder will have to configure and maintain the Database and Software
provided by the bidder during the contract period. Bidder would have to
upgrade software version, deploy/update patches as per Bank’s
requirement. None of the hardware, software etc. should be declared
EOL/EOS by OEM. Bidder has to upgrade the hardware/software etc. if
declared EOL within the same cost during the tenure of the RFP. 6.5. The
Bidder is required to integrate the proposed solution with CBS, MATM,
Mobile Banking, Merchant App, CKYC, ODS/SAS and any other applications,
with other service providers as and when required without any at an extra
cost to the Bank . 6.7 The bidder will coordinate with the existing vendor
and other vendor or NPCI or any other Solution Provider that Bank may take
in future to make devices compatible for such applications . The bidder has
to provide support and applicable patches as and when released. 6.10.
Standards /specifications published by UIDAI to be referred for algorithm
and key length such as Auth API specifications or eKYC API specifications
where it states RSA 2048 for Public key encryption and AES 256 for
symmetric encryption (this is as per mentioned in UIDAI Circular dated
25.07.2017 and the standards may change with time). In case of increase in
cost due to change in standards, such cost shall be borne by the Bank. 6.15
The hardware sizing must be done accordingly by the bidder. At no instance,
during the contract period, the solution/servers utilization should exceed
75%. In case the performance is adversely affected or the utilization of any
server or any peripheral, exceeds the threshold of 75%, more than 3 times
in a quarter, the vendor is required to upgrade the hardware, within one
month without any extra cost to the Bank. The time lost due to any of the
following reasons shall be taken into account while calculating the
availability/ uptime requirement: (a) Time lost due to power or
environmental failures; (b) Time taken to recover the system because of
power or environmental failures; (c) Time lost due to damage or
malfunction in the system or any units thereof due to causes attributable to
Bank such as attachment of additional devices, making alteration to the
system, maintenance of the system, etc. without Bidder's consent and/ or
failure to maintain the site as required by the Bidder; (d) Time taken for
scheduled maintenance/ troubleshooting either for preventive purposes or
improvement in function or other purposes; (e) Time taken for
reconfiguration or other planned downtime situations; (f) Scheduled
shutdowns as required by Bank (Bidder may also request Bank for a
Please be guided by the RFP
shutdown for maintenance purpose, which request will not be denied
unreasonably by Bank); (g) Time taken for booting the system (h) Time lost
due to unavailability of links (i) Mis-handling of system by any person other
than Bidder's authorized representatives. 6.17. Regulatory Compliance- The
Bidder should comply with UIDAI and ASA/KSA guidelines specified by
UIDAI/NPCI for the proposed solution and must comply to Aadhaar Act 2016
and the subsequent amendments. The Aadhaar Vault solution (including all
Hardware, Software etc) should at all time be compliant with current
standards / guidelines issued by Government / RBI/
IBA/IDRBT/NPCI/NABARD/UIDAI/DFS authorities and/or other statutory
authorities with regard to Aadhaar Act and Regulations, 2016. In case of any
change in the guidelines (by any of the above mentioned authorities)
throughout the contract period, the bidder would have to comply with the
same. Bank will not pay the charges for minor customization (efforts
required up to 10 Man days). For major customization (efforts required
more than 10 man days), Bank will pay the charges as per customization
charge discovered . Bidder has to customize/modify the solution to meet
the requirement as per RBI/IBA/IDRBT/NPCI/NABARD /UIDAI/DFS etc
SI No Clause No Page No Clause Query Bank Response
should provide all feature upgrades or version upgrades during contract period without any cost 6.26.
Training- Vendor is required to impart mandatory training of at least One week to Bank Nominated Officials
(10 officials) twice in the first year of Contract (at a minimum gap of 6 months) and once every year from
second year onwards, with complete knowledge transfer for handling the application or regarding any new
feature/update etc, at no extra cost to the Bank. 6.28. The bidder will be responsible for hardening of the
OS for Aadhaar Data Vault Solution as per the Bank’s IT security policy. During the contract period, the
bidder will apply patches and upgrade of OS, database, application, etc from time to time without any
additional cost to the Bank. 6.30. The vendor will provide services for implementation / rolling-out
/support / maintenance of proposed solution (including hardware) for a minimum period of 5 years (3 years
warranty + 2 years AMC) from Go Live date. Bank reserves right to cancel the contract at any time in case
system fails to meet any of the requirements as mentioned in the RFP.

The bidder will coordinate with the existing vendor and other vendor or NPCI or any other Solution Provider
60 6.7 14 that Bank may take in future to make devices compatible for such applications. The bidder has to provide Please elaborate the requirement especially wrt NPCI aspects. Clause is self explanatory
support and applicable patches as and when released.
Upgrade should include just the patch installation/implementation for bug
Bidder would have to upgrade software version, deploy/update patches as per Bank’s requirement. None
61 6; sub-section 6.4 14 fixing on the s/w etc. It should not include major version upgrade etc for Please be guided by the RFP
of the hardware, software etc. should be declared EOL/EOS by OEM.
hardware as well as software. Pls clarify.
What does integration mean? May it be elaborated to define the scope of
The Bidder is required to integrate the proposed solution with CBS, MATM, Mobile Banking, Merchant App,
integration.
62 6; sub-section 6.5 14 CKYC, ODS/SAS and any other applications, with other service providers as and when required without any Please be guided by the RFP
What are the details of these allied systems like Mobile banking, ODC/SAS
extra cost to the Bank.
etc
Aadhaar Data Vault shall have functionality for first Time Migration Batch, which migrates the existing Bidder share the volumetric data for migration of existing adhaar details to
63 6.12.8 15 Details to be provided to the sucessful bidder.
Aadhaar details to vault in an efficient manner vault

Hardware for the Solution must be capable enough to handle 1100 TPS and should be scalable so as to Bidder understands that the TPS is for transactions within the Data center
64 6.15 16 No, Please be guided by RFP
handle transactions and cater Aadhaar numbers during the contract period of 5 years as provided below (ADV application I/O volume). Is our understanding correct ?
The reporting and logging system of the Aadhaar Data Vault shall integrate seamlessly with existing SIEM
Solution. The Solution is also required to be integrated with Bank’s existing Privileged Identity Management
65 6.19 17 (PIM) Solution. As required by Bank the Bidder shall provide all the required information and data for Please share the details of existing SIEM and PIM solution Details to be provided to the sucessful bidder
integrating with SIEM & PIM Solution. Integration with Bank’s existing information security tools is
responsibility of the Bidder.
Please share the following:
1. Location of Near site.
2. Capacity of connectivity with Near Site Modified Clause 6.20 as "The bidder is required to
3. Type of connectivity -Dark Fiber, P2P, Leased link etc. maintain the RTO of 120 minutes and RPO of 30
The bidder is required to maintain the RTO of 120 minutes and zero RPO as per the Bank’s Business
66 6.2 17 4. Peak utilisation of link connecting to DR site minutes." NDR site - Vashi Mumbai, Other
Continuity Policy.
5. Location of DR site. details asked shall be provided to the sucessfull
6. Capacity of connectivity to DR site bidder.
7. Type of connectivity to DR site - MPLs, P2P etc.

Bidder understands that the RPO measurement is for the I/O of aadhaar RPO and RTO are in context of ADV solution only
The bidder is required to maintain the RTO of 120 minutes and zero RPO as per the Bank’s Business vault application only .RPO as zero for end to end solution across channels Modified Clause 6.20 as "The bidder is required to
67 6.2 17
Continuity Policy may not be possible hence bidder sugegsts that the RFP time be suitable maintain the RTO of 120 minutes and RPO of 30
modified. minutes."
User Acceptance Test- The Bidder should setup the UAT environment for testing of the solution before Please confirm if UAT environment should be 100% or 50% of production UAT environment should be min 25% of the
68 6.21 17
implementation of the solution in the production environment. environment. production environment
6.19. The reporting and logging system of the Aadhaar Data Vault shall integrate seamlessly with existing
SIEM Solution. The Solution is also required to be integrated with Bank’s existing Privileged Identity As per requirement, ADV shall integrate seamlessly with existing SIEM
Bank will share the detail of SIEM product with
69 6.19 17 Management (PIM) Solution. As required by Bank the Bidder shall provide all the required information and Solution. Request to share Make, model and version of existing SIEM
succesfull bidder
data for integrating with SIEM & PIM Solution. Integration with Bank’s existing information security tools is solution with which ADV shall be integrated.
responsibility of the Bidder.
SI No Clause No Page No Clause Query Bank Response
The time period for costomization is limited to 1 month. In many cases, it
Bank will pay the charges as per customization charge discovered. Bidder has to customize/modify the may not be feasible; rather timeline will depend on case to case basis
solution to meet the requirement as per RBI/IBA/IDRBT/NPCI/NABARD /UIDAI/DFS etc requirement within depending upon the work involved.
70 6; sub-section 6.17 17 Please be guided by the RFP
a maximum period of 1 month from the date of issuance of such customization / modifications or earlier, So the language should be changed to mean the timeline to be on mutually
depending upon the level of customization/modification prescribed by the said authorities agreed terms.
Pls clarify
Clause 6.22 modified as "Aadhaar Data Vault
solution should support the features and
functionalities as mentioned in the Annexure- E,
Technical Specification of the Solution. The bidder is
71 6.22 18 The bidder is responsible for Primitive maintenance of proposed solution What is Primitive Maintenance responsible for Preventive maintenance of proposed
solution and share the report with the Bank for
every quarter. Vendor should provide all feature
upgrades or version upgrades during contract period
without any cost."preventive maintenance

1. Yes- Corporate Office Delhi

2. Training will be held in IPPB, Corporate Office
Please confirm the following:
3. Duration shall be based on complete knowledge
Training- Vendor is required to impart mandatory training of at least One week to Bank Nominated Officials 1. Will the trainings be held in one location?
transfer for handling application or regarding any
(10 officials) twice in the first year of Contract (at a minimum gap of 6 months) and once every year from 2. Will the training be held in DOP premises
72 6.26 18 new feature/update etc to Banks satisfaction
second year onwards, with complete knowledge transfer for handling the application or regarding any new 3 Please fix the duration of training as this has bearing on the costing
4. Hands on
feature/update etc, at no extra cost to the Bank. 4. Will the training be presentation based or hands-on
5. IPPB shall provide only with Training space and
5. If Hands-on training who will provide the training infrastructure
connectivity

The proposed system must be capable and compatible for Disaster Recovery Implementation. The
Is there any DRM tool currently deployed? If so please share the details for
73 7 18 successful bidder should describe the provisions and setup required for disaster recovery. The successful Details shall be shared with sucessful bidder.
us to ensure compatibility of solution we will propose
bidder should replicate the whole setup for all modules with customization in DR.

DOP is requested to share the current design architecture. This is required

74 8.1.3 19 The bidder shall propose Plan & Design/Architecture services from the OEM. Clause is self explanatory. Please be guided by RFP
to design the Data Vault solution

8.1.2. The bidder shall propose Support & Subscription services from the
8.1.2. The bidder shall propose Support & Subscription services from the OEM with unlimited number of OEM with unlimited number of support requests , remote support, access to
support requests, remote support, access to product updates/upgrades and 24x7 supports as per response product updates/upgrades and 24x7 supports as per response time matrix
75 8. Support 19-20 Please be guided by the RFP
time matrix 8.2. Project Management Extension of contract for support however shall be at the discretion 8.2. Project Management Extension of contract for support however shall be
of the bank. at the discretion of the bank but with mutual consent of the parties at
mutually decided rates, terms and conditions.

9.1.5. Bid security of successful bidder will be released after submission of

Performance Bank Guarantee within six months from the date of receipt of
purchase order or before expiry of EMD for an amount equivalent to 105%
9.1.5. Bid security of successful bidder will be released after submission of Performance Bank Guarantee
of the project cost valid till contract period of 5 years plus three months
within six months from the date of receipt of purchase order or before expiry of EMD for an amount
beyond the date of completion of all contractual obligations and such other
equivalent to 15% of the project cost valid till contract period of 5 years plus three months beyond the date
extended period as the Bank may decide for due performance of the project
of completion of all contractual obligations and such other extended period as the Bank may decide for due
obligations. 9.1.6. Bid Security will be forfeited in the following cases:
performance of the project obligations. 9.1.6. Bid Security will be forfeited in the following cases: 9.1.6.1.
9.1.6.1. If a bidder withdraws its bid during the period of bid validity; or
If a bidder withdraws its bid during the period of bid validity; or 9.1.6.2. If a Bidder makes any statement
9.1.6.2. If a Bidder makes any statement or encloses any form which turns
76 9.1. Bid Security/EMD 20-22 or encloses any form which turns out to be false / incorrect at any time prior to signing of Contract or Please be guided by the RFP
out to be false / incorrect at any time prior to signing of Contract or refuses
refuses to correct the errors found in the bid. 9.1.6.3. In case of any technical issues during reverse
to correct the errors found in the bid. 9.1.6.3. In case of any technical
auction, if Bank decides to re-conduct reverse auction and any of the shortlisted bidder does not participate
issues during reverse auction, if Bank decides to re-conduct reverse auction
in the re-reverse auction at least by way of log in. 9.1.6.4. In case of a successful Bidder, if the Bidder fails:
and any of the shortlisted bidder does not participate in the re-reverse
a. To execute Contract within the stipulated time: b. To respond to the Purchase order within the
auction at least by way of log in. 9.1.6.4. In case of a successful Bidder, if
stipulated time, Or c. To furnish Performance Bank Guarantee as mentioned in Performance Bank
the Bidder fails: a. To execute Contract on mutually agreed terms and
Guarantee herein
conditions within the stipulated time: b. To respond to the Purchase order
within the stipulated time, Or c. To furnish Performance Bank Guarantee as
mentioned in Performance Bank Guarantee herein
SI No Clause No Page No Clause Query Bank Response
The successful bidder shall provide a Performance Bank Guarantee within 30 days from the date of receipt
of the order or signing of the contract whichever is earlier in the format as provided in Annexure J, to the
77 Section 9.2 22 extent of 15% of the total contract value for the entire period of the contract plus 3 months and such other Suggest Performance Bank Guarantee should be for 10% and not 15% Please be guided by the RFP
extended period as the Bank may decide for due performance of the project obligations. The guarantee
should be of that of a nationalized Bank only, other than India Post Payments Bank.

The successful bidder shall provide a Performance Bank Guarantee within

30 days from the date of receipt of the order or signing of the contract
whichever is earlier in the format as provided in Annexure J, to the extent of
105% of the total contract value for the entire period of the contract plus 3
The successful bidder shall provide a Performance Bank Guarantee within 30 days from the date of receipt months and such other extended period as the Bank may decide for due
of the order or signing of the contract whichever is earlier in the format as provided in Annexure J, to the performance of the project obligations. The guarantee should be of that of a
extent of 15% of the total contract value for the entire period of the contract plus 3 months and such other nationalized Bank only, other than India Post Payments Bank. In the event
extended period as the Bank may decide for due performance of the project obligations. The guarantee of non-performance of material obligation or failure to meet material terms
9.2. Performance Bank
78 22 should be of that of a nationalized Bank only, other than India Post Payments Bank. In the event of non- of this tender the Bank shall be entitled to invoke the performance Please be guided by the RFP
Guarantee
performance of obligation or failure to meet terms of this tender the Bank shall be entitled to invoke the guarantee without notice or right of demur to the successful bidder
performance guarantee without notice or right of demur to the successful bidder. Any amount pending for provided the failure or non-performance of material obligation is for the
payment due to non achieving of milestone/s set under the agreement or any other reason solely reasons solely and directly attributable to the Bidder and not due to reasons
attributable to the successful bidder should be included in the remaining amount of the contract value. attributable to Bank and/or its other vendors or due to reasons of Force
Majeure. . Any amount pending for payment due to non achieving of
milestone/s set under the agreement or any other reason solely attributable
to the successful bidder should be included in the remaining amount of the
contract value.

The successful bidder must strictly adhere to the delivery dates or lead times identified in their proposal.
Failure to meet these delivery dates, unless it is due to reasons entirely attributable to the Bank, may
constitute a material breach of the successful bidder’s performance and to recover liquidated damages
/forfeit the bid security. In the event that the Bank is forced to cancel an awarded contract (relative to this
In case of Risk purchase we must cap the liability to the value of
79 Section 9.13.4 30 tender document) due to the successful bidder’s inability to meet the established delivery dates or any Please be guided by the RFP
goods/Services being procured as stated in the agreed contract
other reasons attributing to successful bidder then, that bidder will be responsible for any re- procurement
costs suffered by the Bank. The liability in such an event could be limited to the differential excess amount
spent by the Bank for procuring similar deliverables and services.

9.13.4. The successful bidder must strictly adhere to the delivery dates or lead times identified in their
proposal. Failure to meet these delivery dates, unless it is due to reasons entirely attributable to the Bank,
may constitute a material breach of the successful bidder’s performance and to recover liquidated damages
/forfeit the bid security. In the event that the Bank is forced to cancel an awarded contract (relative to this
tender document) due to the successful bidder’s inability to meet the established delivery dates or any
other reasons attributing to successful bidder then, that bidder will be responsible for any re- procurement
costs suffered by the Bank. The liability in such an event could be limited to the differential excess amount
spent by the Bank for procuring similar deliverables and services 9.13.5. The bidder shall represent and
acknowledge to the Bank that it possesses necessary experience, expertise and ability to undertake and
fulfill its obligations, involved in the performance of the provisions of this RFP. The bidder represents that
the solution to be supplied in response to this RFP shall meet the proposed bidders requirement. If any
services, functions or responsibilities not specifically described in this RFP are an inherent, necessary or
customary part of the deliverables or services and are required for proper performance or provision of the
deliverables or services in accordance with this RFP, they shall be deemed to be included within the scope
of the deliverables or services, as if such services, functions or responsibilities were specifically required
and described in this RFP and shall be provided by the bidder at no additional cost to the Bank. The bidder
also acknowledges that the Bank relies on this statement of fact, therefore neither accepting responsibility
9.13. Other Terms and
80 30-35 for, nor relieving the bidder of responsibility for the performance of all provisions and terms and conditions
Conditions of RFP
of this RFP, the Bank expects the bidder to fulfill all the terms and conditions of this RFP. The modifications,
which are accepted by the Bank, shall form a part of the final contract. 9.13.15. No Commitment to Accept
Lowest bid or Any Tender – The Bank shall be under no obligation to accept the lowest price bid or any
other offer received in response to this Tender notice and shall be entitled to reject any or all offers
including those received late or incomplete offers without assigning any reason whatsoever. The Bank
reserves the right to make any changes in the terms and conditions of purchase. The Bank will not be
9.13.4. The successful bidder must strictly adhere to the delivery dates or
lead times identified in their proposal. Failure to meet these delivery dates,
unless it is due to reasons entirely attributable to the Bank, may constitute a
material breach of the successful bidder’s performance and to recover
liquidated damages /forfeit the bid security. In the event that the Bank is
forced to cancel an awarded contract (relative to this tender document) due
to the successful bidder’s inability to meet the established delivery dates or
any other reasons attributing to successful bidder then, that bidder will be
responsible for any re- procurement costs suffered by the Bank. The liability
in such an event could be limited to the 5% of the differential excess
amount spent by the Bank for procuring similar deliverables and services
9.13.5. The bidder shall represent and acknowledge to the Bank that it
possesses necessary experience, expertise and ability to undertake and
fulfill its obligations, involved in the performance of the provisions of this
RFP. The bidder represents that the solution to be supplied in response to
this RFP shall meet the proposed bidders requirement. If any services,
functions or responsibilities not specifically described in this RFP are an
inherent, necessary or customary part of the deliverables or services and
are required for proper performance or provision of the deliverables or
services in accordance with this RFP, they shall be deemed to be included
within the scope of the deliverables or services, as if such services, functions
or responsibilities were specifically required and described in this RFP and Please be guided by the RFP
shall be provided by the bidder at an no additional cost to the Bank. The
bidder also acknowledges that the Bank relies on this statement of fact,
therefore neither accepting responsibility for, nor relieving the bidder of
responsibility for the performance of all provisions and terms and
conditions of this RFP, the Bank expects the bidder to fulfill all the terms and
conditions of this RFP. The modifications, which are accepted by the Bank,
SI No Clause No Page No Clause
reserves the right to make any changes in the terms and conditions of purchase. The Bank will not be
obliged to meet and have discussions with any Bidder, and / or to listen to any representations unless there
is change in the terms and conditions of purchase. 9.13.18. There will be an acceptance test by the Bank or
its nominated consultants after implementation of the solution. In case of discrepancy in solution
implemented, the Bank reserves the right to cancel the entire purchase contract and the bidder should take
back their deliverables at their costs and risks. The test will be arranged by the bidder at the sites in the
presence of the officials of the Bank and/ or its consultants 9.13.21. The price payable to the Bidder shall
be inclusive of carrying out any modifications / changes / upgrades to the application and other software
that is required to be made in order to comply with any statutory or regulatory requirements or any
industry-wide changes arising during the subsistence of the contract/ agreement, and the Bank shall not
pay any additional cost for the same. The Bidder needs to provide with the details about all such items
considered in the RFP.
There will be an acceptance test by the Bank or its nominated consultants after implementation of the
81 9.13.18 34
solution
statutory or regulatory requirements or any industry-wide changes arising during the subsistence of the
82 9.13.21 35
contract/ agreement, and the Bank shall not pay any additional cost for the same
TCO is for five years including one year warranty, four years ATS from the date of go-live for software
83 Section 9.15.2 35
components and three years warranty, two years AMC for hardware components.
Query Bank Response
conditions of this RFP. The modifications, which are accepted by the Bank,
shall form a part of the final contract. 9.13.15. No Commitment to Accept
Lowest bid or Any Tender – The Bank shall be under no obligation to accept
the lowest price bid or any other offer received in response to this Tender
notice and shall be entitled to reject any or all offers including those
received late or incomplete offers without assigning any reason whatsoever.
The Bank reserves the right to make any changes in the terms and
conditions of purchase with mutual consent of the bidder. The Bank will not
be obliged to meet and have discussions with any Bidder, and / or to listen
to any representations unless there is change in the terms and conditions of
purchase. 9.13.18. There will be an acceptance test by the Bank or its
nominated consultants after implementation of the solution. In case of
discrepancy in solution implemented, the Bank will give notice to the bidder
to rectify the defects within certain time frame and conduct acceptance
tests. the Bank reserves the right to cancel the entire purchase contract and
the bidder should take back their deliverables at their costs and risks. The
Should we ask for the acceptance criteria or what is the test they are going
to conduct. This may have cost implication on us in terms of timelines, Please be guided by the RFP
provisioning environment for test etc.
Any change arrising out of this point which is out of scope of this RFP will
need to be treated as per Change Request. Please be guided by the RFP
Request Bank to ammend the clause accordingly.
Not clear on the Total Duration of the Project TCO is for 5 years

Clause 11.4 modified as "The technical resources

should be competent to handle/ develop/ Integrate/
Implement/ Test/ Go Live with the Apps on the
proposed platform within Bank’s stipulated time.
Onsite resources are expected to perform
The technical resources should be competent to handle/ develop/ Integrate/ Implement/ Test/ Go Live with development, testing, UAT, User management,
the Apps on the proposed platform within Bank’s stipulated time. Onsite resources are expected to preparation of test cases, support, monitoring,
perform development, testing, UAT, User management, preparation of test cases, support, monitoring, certification, implementation, reporting,
certification, implementation, reporting, coordination with banks team/s, Audit compliance, IT industry As per RFP requirement, Onsite resources are expected to perform coordination with banks team/s, Audit compliance,
84 114 37 best practices/VAPT closures, vulnerability assessment , any other statutory compliance, Patch Installation, vulnerability assessment. Bidder understands that vulnerability assessment IT industry best practices/VAPT closures, any other
fixes, analytics, fraud risk/rule management & monitoring, day to day MIS reports, Regulatory reports, tool will be provided by IPPB. Request confirmation on the same. statutory compliance, Patch Installation, fixes,
conducting DR Drill, Database support, backup/restore, online replication with zero lag and post Go-live analytics, fraud risk/rule management & monitoring,
support. These activities are illustrative and the details will be shared with successful bidder. Bank reserves day to day MIS reports, Regulatory reports,
the right to claim change in resource based on the performance of the resources. conducting DR Drill, Database support,
backup/restore, online replication with zero lag and
post Go-live support. These activities are illustrative
and the details will be shared with successful bidder.
Bank reserves the right to claim change in resource
based on the performance of the resources."
SI No Clause No Page No Clause
11.2. During the assignment substitution of resources shall not be allowed unless such substitution
becomes unavoidable to overcome the undue delay or that such changes are critical to meet obligation. In
such circumstances vendor can do so only with the concurrence of the bank by giving sufficient intimation /
notice and by providing alternate staff of equivalent/higher competency. If bank is not satisfied with
substitution, bank reserve the right to terminate the onsite contract and recover whatever payments made
by the bank to the vendor during the course of the assignment besides claiming an amount, equal to onsite
contract value as liquidated damages 11.3. Bank may take additional resource/s as per frozen price
through this tender process. 11.4. The technical resources should be competent to handle/ develop/
Integrate/ Implement/ Test/ Go Live with the Apps on the proposed platform within Bank’s stipulated time.
Onsite resources are expected to perform development, testing, UAT, User management, preparation of
test cases, support, monitoring, certification, implementation, reporting, coordination with banks team/s,
Audit compliance, IT industry best practices/VAPT closures, vulnerability assessment , any other statutory
compliance, Patch Installation, fixes, analytics, fraud risk/rule management & monitoring, day to day MIS
reports, Regulatory reports, conducting DR Drill, Database support, backup/restore, online replication with
zero lag and post Go-live support. These activities are illustrative and the details will be shared with
successful bidder. Bank reserves the right to claim change in resource based on the performance of the
resources. 11.8. Selected bidder is expected to deploy academically good, technically sound and
competent personnel to ensure smooth operations at Bank’s site. The deputed personnel will be employed
11. Onsite development, by the selected bidder on their payrolls/contracts without having any employment right with the bank.
85 support & maintenance 37-39 Moreover, deployed personnel will not have any right whatsoever to lodge claim of any nature directly or
Resource indirectly with the bank and it would be responsibility of selected bidder to address such issues without
involving the bank. The deputed persons have to maintain the utmost secrecy & confidentiality of the
Bank’s data including process performed at the Bank premises. At any time, if it comes to the notice of the
bank that data has been compromised/ disclosed/ misused/ misappropriated then bank would take suitable
action as deemed fit and selected vendor would be required to compensate the bank to the fullest extent
of loss incurred by the bank. Bidder is expected to adhere Bank’s request for removal of any personnel, if
bank notices any negligence/gross misconduct/violation of trade secret/disclosure of Bank’s data to third
party and any decision of the bank in this regard would be final and binding upon the selected vendor.
11.10. The Bidder also has to agree and submit an undertaking that during the subsistence of this
agreement it will not employ any personnel/individual below the Minimum Wages fixed by appropriate
Government on this behalf from time to time, as per the provision of Minimum Wages Act 1948. 11.11.
Minimum 2 Resources – 1 L1 Resource for 24 *7 and 1 L2 resource from 08:00 AM to 10:00 PM should be
available at Bank’s Corporate Office site on 7 Days a week working basis. In addition, 1 L1 Resource should
be available at Bank’s DC and DRC site each for 24*7 Infra support on 7 days a week working basis.
However, in case of business requirements, vendor may be asked to depute the resources beyond the
above stipulated time. The timing may be changed at Bank’s discretion. However, during the
implementation phase, testing, planned activity and emergency period, resources may have to work 24x7
depending upon the Bank requirement. Payment will be released monthly basis in arrears against invoice
raised and after verification with attendance register maintained in Bank. register maintained in Bank.
Minimum 2 Resources – 1 L1 Resource for 24 *7 and 1 L2 resource from 08:00 AM to 10:00 PM should be L1 skills to comply with the Labour laws. Similarly of L2 has to be present 14
86 11.11 39 available at Bank’s Corporate Office site on 7 Days a week working basis. In addition, 1 L1 Resource should hours at site 7 days a week then we will require 4 resources.
be available at Bank’s DC and DRC site each for 24*7 Infra support on 7 days a week working basis
Query Bank Response
11.2. During the assignment substitution of resources shall not be allowed
unless such substitution becomes unavoidable to overcome the undue delay
or that such changes are critical to meet obligation or in case of resignation,
termination, death of such resource or if such resource becoming incapable
to work due to any reason. In such circumstances vendor can do so only
with the concurrence of the bank by giving sufficient intimation / notice and
by providing alternate staff of equivalent/higher competency. If bank is not
satisfied with substitution, bank reserve the right to terminate the onsite
contract and recover whatever payments made by the bank to the vendor
during the course of the assignment besides claiming an amount, equal to
onsite contract value as liquidated damages 11.3. Bank may take additional
resource/s as per frozen mutually agreed price through this tender process.
11.4. The technical resources should be competent to handle/ develop/
Integrate/ Implement/ Test/ Go Live with the Apps on the proposed
platform within Bank’s stipulated time. Onsite resources are expected to
perform development, testing, UAT, User management, preparation of test
cases, support, monitoring, certification, implementation, reporting,
coordination with banks team/s, Audit compliance, IT industry best
practices/VAPT closures, vulnerability assessment , any other statutory
compliance, Patch Installation, fixes, analytics, fraud risk/rule management
& monitoring, day to day MIS reports, Regulatory reports, conducting DR
Drill, Database support, backup/restore, online replication with zero lag and
post Go-live support. These activities are illustrative and the details will be
shared with successful bidder . Bank reserves the right to claim change in
Please refer to revised clause 11.1 and 11.11 in the
resource based on the performance of the resources but provide the
corrigendum.
detailed reasons to bidder for such change in resources. 11.8. Selected
bidder is expected to deploy academically good, technically sound and
competent personnel to ensure smooth operations at Bank’s site. The
deputed personnel will be employed by the selected bidder on their
payrolls/contracts without having any employment right with the bank.
Moreover, deployed personnel will not have any right whatsoever to lodge
claim of any nature directly or indirectly with the bank and it would be
responsibility of selected bidder to address such issues without involving
the bank. The deputed persons have to maintain the utmost secrecy &
confidentiality of the Bank’s data including process performed at the Bank
premises. At any time, if it comes to the notice of the bank that data has
been compromised/ disclosed/ misused/ misappropriated then bank would
take suitable action as deemed fit and selected vendor would be required to
compensate the bank to the fullest extent of loss incurred by the bank claim
the damages as per legal process. Bidder is expected to adhere Bank’s
request for removal of any personnel, if bank notices any negligence/gross
misconduct/violation of trade secret/disclosure of Bank’s data to third party
and any decision of the bank in this regard would be final and binding upon
the selected vendor. 11.10. The Bidder also has to agree and submit an
undertaking that during the subsistence of this agreement it will not employ
any personnel/individual below the Minimum Wages fixed by appropriate
Government on this behalf from time to time, as per the provision of
Minimum Wages Act 1948. In case of increase in Minimum Wages, the price
should be suitably adjusted by the Bank. 11.11. Minimum 2 Resources – 1
Since the requirement for L1 is 24 * 7 at site, we will require 5 persons with
Please refer to revised clause 11.1 and 11.11 in the
corrigendum.
Request you to change the requirement from "Minimumn2 Resources" to
"Minimun 2 types of resources". The former indicates Qty specified by Bank.
SI No Clause No Page No Clause Query Bank Response
Pre-bid meeting would be held at India Post
Payments Bank, Corporate Office, 2nd Floor Speed
Post Center, Bhai Veer Singh Marg, New Delhi-
110001 at 11:00 Am on 12th June,2020 as
communicated in the RFP.

Request that the bank should share a audio bridge so that prospective There is no provision of Video Conferencing for this
87 13 40 Prebid meeting scheduled on 12th June @ 11 AM at IPBB office.
bidders can join the meeting remotely. Pre-Bid meeting. Interested parties are requested to
join meeting in person at aforesaid time and place.

Please note only one person from each bidder party

should attend the meeting to abide by social
distancing norms.

All submissions will become the property of Bank. Recipients shall be

All submissions will become the property of Bank. Recipients shall be deemed to license, and grant all rights
to, Bank to reproduce the whole or any portion of their submission for the purpose of evaluation, to
disclose the contents of the submission to other Recipients who have registered a submission and to
88 14. RFP Response 40 disclose and/or use the contents of the submission as the basis for any resulting RFP process,
notwithstanding any copyright or other intellectual property right that may subsist in the submission or
Banking documents. Bid properly documented should be submitted by uploading at https://eprocure.gov.in
on or before stipulated date & time mentioned in the RFP.
deemed to license, and grant all rights to, Bank to reproduce the whole or
any portion of their submission for the purpose of evaluation, to disclose
the contents of the submission to other Recipients who have registered a
submission and to disclose and/or use the contents of the submission as the
basis for any resulting RFP process, notwithstanding any copyright or other Please be guided by the RFP
intellectual property right that may subsist in the submission or Banking
documents. Bank will protect the confidentiality of the information shared
by the Bidder to Bank. Bid properly documented should be submitted by
uploading at https://eprocure.gov.in on or before stipulated date & time
mentioned in the RFP.

16.2. Should be able to deliver hardware and implement the software

solution within 16 weeks from the date of purchase order. For late delivery
16.2. Should be able to deliver hardware and implement the software solution within 16 weeks from the the LD clause would be applicable @0.51 % of the value of purchase order
date of purchase order. For late delivery the LD clause would be applicable @1 % of the value of purchase delayed goods or services exclusive of ATS and onsite support charges per
order exclusive of ATS and onsite support charges per week or part thereof subject to a maximum of 10%. week or part thereof subject to a maximum of 5 10% of the value of delayed
In case of undue delay beyond a period of 15 days after attaining the maximum penalty of 10% during goods or services. In case of undue delay beyond a period of 30 15 days
89 16. Liquidated Damage (LD) 41 Please be guided by the RFP
implementation, Bank may consider termination of the contract or purchase order. 16.4. Bank will deduct after attaining the maximum penalty of 5 10% during implementation, Bank
the amount of liquidated damages from the payment due of the same project from the Successful bidder. may consider termination of the contract or purchase order. 16.4. Bank will
Bank may also withhold the amount to be recovered from the payment due from other projects held by the deduct the amount of liquidated damages from the payment due of the
same bidder. same project from the Successful bidder. Bank may also withhold the
amount to be recovered from the payment due from other projects held by
the same bidder.
SI No Clause No Page No Clause
17.2. The warranty would be on-site and comprehensive in nature. Warranty will start from the date of full software, carried out after acceptance testing. This warranty is only valid for
go- live/implementation and will be valid for a period of one year. The successful bidder shall provide
maintenance and support under warranty, without any extra cost. Warranty for software will start from the shall also not apply if there is any (i) combination, operation, or use of some
90 17. Warranty 41-42
date of final signoff (go-live) of the Bank. Bank will not pay any charges during warranty period. 17.3. Any or all of the deliverables or any modification thereof furnished hereunder
corruption in the software or media or any services shall be rectified during the full period of the contract with information, software, specifications, instructions, data, or materials
including warranty, if contracted, at no extra cost to the Bank.
The contract period for Implementation of required solution will be initially for a period of 5 years support
from the date of go-live/implementation with the selected bidder including one-year warranty and 4 years
Annual Technical Support post warranty for software solution and 3 years warranty and 2 years Annual
Maintenance Contract post warranty for hardware/Server. However, if the Bank desires, it must be
agreeable to the selected bidder to provide Annual Technical Support for Application software for the next
two years after expiry of the contract period on mutually agreed terms and will be renewed on yearly basis.
91 18. Contract Period 42-43 Bank reserves the right to extend the contract for further period of two years at mutually agreed terms.
The successful bidder shall execute (a) a Service Level Agreement (SLA), which would include all the
services and terms and conditions of the services to be extended as detailed herein and any other
conditions as may be prescribed by the Bank; and (b) Non-disclosure Agreement (NDA). The bidder shall
execute the SLA and NDA within one month/within the date specified by bank , from the date of issuance of
purchase order. The contract shall be executed by the authorized signatory of the bidder. A power of
attorney to that effect shall be submitted by the successful bidders as per Annexure S.
92 Section 19 43 AMC and ATS should be payable half yearly in arrears
Query Bank Response
17.2. The warranty would be on-site and comprehensive in nature.
Warranty will start from the date of full go- live/implementation and will be
valid for a period of one year. The successful bidder shall provide
maintenance and support under warranty, without any extra cost. Warranty
for software will start from the date of final signoff (go-live) of the Bank.
Bank will not pay any charges during warranty period. 17.3. Any corruption
in the software or media or any services shall be rectified during the full
period of the contract including warranty, if contracted, at no extra cost to
the Bank. The scope of the warranty shall be limited only to correction of
any bugs that were left undetected during acceptance testing by the Bank.
Warranty shall not cover any enhancements or changes in the application
defects against approved Specifications. The above mentioned warranty
Please be guided by the RFP
not approved by Bidder and operation of the deliverables on incompatible
hardware not recommended by Bidder; (ii) any change, not made by
Bidder, to some or all of the deliverables; or (iii) if the deliverables have
been tampered with, altered or modified by the Bank without the written
permission of Bidder; or (iv) defects in components or materials provided to
Bidder by Bank in connection with the preparation of the deliverable. In
case of breach of this warranty, Bank’s exclusive remedy will be to obtain
(1) the re-performance of the service or the correction or replacement of
any service deliverable that provides substantially similar functionality or (2)
if both parties mutually determines that such remedies are not practicable,
a refund of the fees allocable to that part of the deliverable will be due to
the Bank if already paid by the Bank. EXCEPT AS SET FORTH IN THIS
The contract period for Implementation of required solution will be initially
for a period of 5 years support from the date of go-live/implementation
with the selected bidder including one-year warranty and 4 years Annual
Technical Support post warranty for software solution and 3 years warranty
and 2 years Annual Maintenance Contract post warranty for
hardware/Server. However, both the parties with mutual consent may
agree if the Bank desires, it must be agreeable to the selected bidder to
provide Annual Technical Support for Application software for the next two
years after expiry of the contract period on mutually agreed terms and will
be renewed on yearly basis. Both the parties with mutual consent may Bank
reserves the right to extend the contract for further period of two years at Please be guided by the RFP
mutually agreed terms. The successful bidder shall execute (a) a Service
Level Agreement (SLA), which would include all the services and terms and
conditions of the services to be extended as detailed herein and any other
conditions as may be prescribed by the Bank mutually agreed by both the
parties; and (b) Non-disclosure Agreement (NDA) on mutually agreed terms
and conditions. The bidder shall execute the SLA and NDA within one
month/within the date specified by bank , from the date of issuance of
purchase order. The contract shall be executed by the authorized signatory
of the bidder. A power of attorney to that effect shall be submitted by the
successful bidders as per Annexure S.
AMC / ATS should be payable latest Quarterly in arrears Please be guided by the RFP
SI No Clause No Page No Clause Query Bank Response

Section 6.30:
The vendor will provide services for implementation / rolling-out /support / maintenance of proposed
solution (including hardware) for a minimum period of 5 years (3 years warranty + 2 years AMC) from Go
Live date. Bank reserves right to cancel the contract at any time in case system fails to meet any of the
Pls refer section 6.30 and section 19.
43 and requirements as mentioned in the RFP
93 section 6.30 and section 19 It required clarity in terms of maintenance period. Clause self explanatory. Please be guided by the RFP
18
PLs provide the clarity.
Section 19: AMC/ATS
The successful bidder must undertake to provide support for the software for minimum post warranty
period of four (4) years and AMC of Hardware for a period of 2 years after expiry of warranty period of 3
years.

Bidder should make available the spare parts for the systems for at least
two years after the expiry of warranty period. If any of the peripherals,
components etc. are not available or difficult to procure or if the
procurement is likely to be delayed, the replacement shall be carried out
Bidder should make available the spare parts for the systems for at least two years after the expiry of
with equipment of equivalent capacity or higher capacity at no additional
warranty period. If any of the peripherals, components etc. are not available or difficult to procure or if the
charges to the Bank, during the currency of warranty period and AMC. The
procurement is likely to be delayed, the replacement shall be carried out with equipment of equivalent
ATS charges shall be released to the vendor half-yearly subject to timely
capacity or higher capacity at no additional charges to the Bank, during the currency of warranty period and
submission of applicable documents like invoice, performance availability
AMC. The ATS charges shall be released to the vendor half-yearly subject to timely submission of applicable
reports etc. AMC charges shall be released to the vendor half-yearly in
documents like invoice, performance availability reports etc. AMC charges shall be released to the vendor
arrears subject to timely submission of applicable documents like invoice,
half-yearly in arrears subject to timely submission of applicable documents like invoice, performance
performance availability reports etc. Payment will be released by Bank
availability reports etc. Any regulatory /statutory changes or updates or guidelines as required under the
within 30 days of submission of invoice. Any regulatory /statutory changes
directive of Government of India, Reserve Bank of India or any other regulatory/statutory authority must
or updates or guidelines as required under the directive of Government of
be provided/ upgraded to the Bank free of cost by Bidder during warranty or ATS tenure. The Bank
India, Reserve Bank of India or any other regulatory/statutory authority
reserves the right to enter into Technical Support (ATS) with the selected bidder for four years or more
must be provided/ upgraded to the Bank free of at an additional cost to
subject to renewal of every year. The Bank reserves the right to terminate the ATS (if contracted) by giving
Bank by Bidder during warranty or ATS tenure. The Bank reserves the right
Successful Bidder, a prior and written notice of one month indicating its intention to terminate the
to enter into Technical Support (ATS) with the selected bidder for four years
Contract, if the services rendered by the vendor(s) are not satisfactory. In that case, the vendor(s) will
94 19. AMC/ATS 43-44 or more subject to renewal of every year. The Bank reserves the right to Please be guided by the RFP
refund the proportionate amount of ATS for the rest of the period of the ATS, if any. Not following all that is
terminate the ATS (if contracted) by giving Successful Bidder, a prior and
mentioned above, the Bank reserves the right to outsource the software maintenance work to a third party
written notice of one month indicating its intention to terminate the
or the bank may decide to perform the same through its internal resources. Whatever the case may be
Contract, if the services rendered by the vendor(s) are not satisfactoryas
(either third- party maintenance or maintenance through internal resources), the vendor(s) shall provide
per the agreed scope and not rectified within such one month notice period.
requisite maintenance training, technical know-how, and expert assistance to the persons and/or agencies,
In that case, the vendor(s) will refund the proportionate amount of ATS for
duly authorized by the Bank for this purpose with no extra cost to bank. Any decision in this regard by the
the rest of the period of the ATS, if any. Not following all that is mentioned
Bank shall be final, conclusive and binding on the selected Bidder and shall not be questioned/ challenged
above, the Bank reserves the right to outsource the software maintenance
by the selected Bidder. The ATS charges per annum should be between 16 to 22% of the cost of software
work to a third party or the bank may decide to perform the same through
components. In case the rate of ATS is not within the range of 16 to 22%, Bank reserves the right to
its internal resources. Whatever the case may be (either third- party
calculate the ATS charges at the rate of 22% of software solution’s cost after the final cost derived through
maintenance or maintenance through internal resources), the vendor(s)
Reverse Auction. The AMC charges per annum should be between 8 to 10% of the cost of hardware
shall provide requisite maintenance training, technical know-how, and
equipment. In case the rate of AMC is not within the range of 8 to 10%, Bank reserves the right to calculate
expert assistance to the persons and/or agencies, duly authorized by the
the Maintenance charges at the rate of 10% of hardware equipment's cost after the final cost derived
Bank for this purpose with no extra cost to bank. Any decision in this
through Reverse Auction.
regard by the Bank shall be final, conclusive and binding on the selected
Bidder and shall not be questioned/ challenged by the selected Bidder. The
ATS charges per annum should be between 16 to 22% of the cost of
software components. In case the rate of ATS is not within the range of 16
If the order has been placed by vendor to the OEM then ATS termination
The Bank reserves the right to terminate the ATS (if contracted) by giving Successful Bidder, a prior and
year will not be possible and for subsequest years termination notice period
written notice of one month indicating its intention to terminate the Contract, if the services rendered by
95 Section 19 44 should be 60 to 90 days. Also, in case of early termination, Customer will be Please be guided by the RFP
the vendor(s) are not satisfactory. In that case, the vendor(s) will refund the proportionate amount of ATS
required to pay termination charges and clear all outstanding payments, if
for the rest of the period of the ATS, if any.
applicable
Not following all that is mentioned above, the Bank reserves the right to outsource the software
maintenance work to a third party or the bank may decide to perform the same through its internal Please clarify if this is after award of Contract or before. Also there should
resources. Whatever the case may be (either third- party maintenance or maintenance through internal be a notice period of 120 days and TCO for the prevailant year in which
96 Section 19 44 Clause self explanatory. Please be guided by the RFP
resources), the vendor(s) shall provide requisite maintenance training, technical know-how, and expert descopeing is done along with all outstanding payment should be paid to
assistance to the persons and/or agencies, duly authorized by the Bank for this purpose with no extra cost the vendor if descoping is done.
to bank.
SI No Clause No Page No Clause Query Bank Response

Bidders are liable for not meeting the security standards or desired security
aspects of all the ICT resources as per Bank’s IT/Information Security / Cyber
Security Policy. The IT /Information Security/ Cyber Security Policy will be
Bidders are liable for not meeting the security standards or desired security aspects of all the ICT resources shared with successful bidder. Bidders should ensure Data Security and
as per Bank’s IT/Information Security / Cyber Security Policy. The IT /Information Security/ Cyber Security protection of facilities/application managed by them. The deputed persons
Policy will be shared with successful bidder. Bidders should ensure Data Security and protection of should aware about Bank’s IT/IS/Cyber security policy and have to maintain
facilities/application managed by them. The deputed persons should aware about Bank’s IT/IS/Cyber the utmost secrecy & confidentiality of the Bank’s data including process
security policy and have to maintain the utmost secrecy & confidentiality of the Bank’s data including performed at the Bank premises. At any time, if it comes to the notice of the
process performed at the Bank premises. At any time, if it comes to the notice of the bank that data has bank that data has been compromised/disclosed/misused/misappropriated
been compromised/disclosed/misused/misappropriated then bank would take suitable action as deemed then bank would claim the damages as per legal processtake suitable action
20. Adherence of cyber
97 44-45 fit and selected vendor would be required to compensate the bank to the fullest extent of loss incurred by as deemed fit and selected vendor would be required to compensate the please be guided by the RFP
security policy
the bank. Bidder has to agree and provide undertaking not to disclose any Bank information and will bank to the fullest extent of loss incurred by the bank. Bidder has to agree
maintain confidentiality of Bank information as per policy of the Bank and will sign “Non-Disclosure and provide undertaking not to disclose any Bank information and will
Agreement” document provided by Bank. The legal and regulatory requirements, including data maintain confidentiality of Bank information as per policy of the Bank and
protection, intellectual property rights, copy right, all the relevant regulations for sub-contracting; including will sign “Non-Disclosure Agreement” document provided by Bank. The
the controls that need to be implemented shall be included in the supplier agreement. All information legal and regulatory requirements, including data protection, intellectual
resources (online/in-person) of the vendors and its partners shall be made accessible to Reserve Bank of property rights, copy right, all the relevant regulations for sub-contracting;
India as and when sought including the controls that need to be implemented shall be included in the
supplier agreement. All information resources (online/in-person) of the
vendors and its partners shall be made accessible to Reserve Bank of India
as and when sought

In the event of any claim asserted by a third party of infringement of

In the event of any claim asserted by a third party of infringement of copyright, patent, trademark,
industrial design rights, etc. arising from the use of the procurement of this RFP or any part/component
thereof in India, the supplier shall act expeditiously to extinguish such claim. If the Supplier fails to comply
98 21. Patent Rights 45-46
and the Bank is required to pay compensation to a third party resulting from such infringement, the
supplier shall be responsible for the compensation including all expenses, court costs and lawyer fees. Bank
will give notice to the supplier of such claim, if it is made, without any delay.
copyright, patent, trademark, industrial design rights, etc. arising from the
use of the procurement of this RFP or any part/component thereof in India,
the supplier shall act expeditiously to extinguish such claim. If the Supplier
fails to comply and the Bank is required to pay compensation to a third
Please be guided by the RFP
party resulting from such infringement, the supplier shall be responsible for
the compensation including all expenses, court costs and lawyer fees. Bank
will give notice to the supplier of such claim, if it is made, without any delay.
All payments for amounts of indemnity under this Agreement shall be as per
the court awarded damages.

Suggest the Milestone break-up as below:

- 100% payment for Hardware and Software on delivery and Installation.
99 Section 23 46 Payment terms Please be guided by the RFP
- 100% payment for Implementation Services till Go-live
- Payment for Infra O&M as equated quarterly installment in Arrears
SI No Clause No Page No Clause
23.8. All the payments to the Bidder shall be subject to the report of satisfactory accomplishment of the
concerned task / performance/ delivery of the Services to the satisfaction of Bank for this purpose. 23.10. engaged by the Successful Bidder in the course of performance of the
Under no circumstances Bank shall be liable to the Successful Bidder and/or its
employees/personnel/representatives/agent etc. for direct, indirect, incidental, consequential, special or payment/withhold payments (except in case of payments for successfully
exemplary damages arising from termination of the Contract. 23.11. Bank shall not have any liability
whatsoever in case of any third party claims, demands, suit, actions or other proceedings against the
100 23. Payment Terms 46-49
Successful Bidder or any other person engaged by the Successful Bidder in the course of performance of
the Service. 23.12. Bank reserves the rights to dispute/deduct payment/withhold payments/further
payment due to the Successful Bidder under the Contract, if the Successful Bidder has not performed or
rendered the Services in accordance with the provisions of the Contract which the Bank at its sole
discretion adjudge. 23.13. Successful Bidder shall permit Bank to hold or deduct the amount from invoices, or failure to discharge obligations under the Contract. Please add in
for non-performance or part performance or failure to discharge obligations under the Contract.
Vendor’s aggregate liability for actual direct damages shall be limited to a maximum of the Contract Value, development /testing & lapses in support, the selected bidder is liable to
provided that this limit shall not apply to following: 25.1. The infringement indemnity; or 25.2. Bodily
injury (including death) and damage to real property and tangible personal property caused by Vendor’s
negligence 25.3. Financial loss due to delay in service/delivery or claim for damages due to breach of
101 25. Limitation of liability 50
contract. 25.4. Due to any wrong coding / breach of system / bugs in customization/configuration /
development /testing & lapses in support, the selected bidder is liable to pay the financial losses incurred otherwise, for any special, punitive, indirect, exemplary, consequential, or
to the Bank. For the purposes of this Section, “Contract Value” at any given point in time, means the
aggregate value of purchase orders placed by Bank on the Vendor under this project.
Query Bank Response
23.8. All the payments to the Bidder shall be subject to the report of
satisfactory accomplishment of the concerned task / performance/ delivery
of the Services to the satisfaction of Bank for this purposeas per the agreed
scope. 23.10. Under no circumstances Bank shall be liable to the Successful
Bidder and/or its employees/personnel/representatives/agent etc. for
direct, indirect, incidental, consequential, special or exemplary damages
arising from termination of the Contract. 23.11. Bank shall not have any
liability whatsoever in case of any third party claims, demands, suit, actions
or other proceedings against the Successful Bidder or any other person
Service. 23.12. Bank reserves the rights to dispute/deduct
delivered services)/further payment due to the Successful Bidder under the
Contract, if the Successful Bidder has not performed or rendered the
Please be guided by the RFP
Services in accordance with the provisions of the Contract which the Bank at
its sole discretion adjudge. 23.13. Successful Bidder shall permit Bank to
hold (except in case of payments for successfully delivered services) or
deduct the amount from invoices, for non-performance or part performance
payment terms: Bank will make the payment within 30 days of receipt of
invoice. All payments due for more than thirty (30) days will attract an
interest at the rate of 2 percent per month on the invoice amount
calculated from the date the payment became due until the recovery is
made in full with interest. Without prejudice to the other rights available,
Bidder also reserves the right to withhold the provision of Services till such
time all the payments due to it under this Agreement have been made by
Bank and any such withholding by the Bidder shall not be treated as breach
by it of the
Vendor’s provisions
aggregate of thisfor
liability Agreement. Anydamages
actual direct dispute regarding the invoice
shall not exceed the
amount paid to Bidder by Bank in the preceding twelve months under that
applicable work that gives rise to such liability (as of the date the liability
arose)be limited to a maximum of the Contract Value, provided that this
limit shall not apply to following: 25.1. The third party infringement
indemnity claims ; or 25.2. Bodily injury (including death) and damage to
real property and tangible personal property caused by Vendor’s negligence
willful misconduct 25.3. Financial loss due to delay in service/delivery or
claim for damages due to breach of contract. 25.4. Due to any wrong
coding / breach of system / bugs in customization/configuration /
pay the financial losses incurred to the Bank. For the purposes of this
Section, “Contract Value” at any given point in time, means the aggregate
value of purchase orders placed by Bank on the Vendor under this project.
Please be guided by the RFP
In no event Service Provider shall be liable, whether in contract, tort, or
incidental losses, damages, claims, liabilities, charges, costs, expenses or
injuries, including, without limitation, loss of use, data, profits, revenues,
business and for any claims of customers of the Bank or other third parties
claiming through the Bank arising under or in connection with this
Agreement even if such Party has been advised in advance of their
possibility. Service Provider shall be excused and not be liable or
responsible for any delay or failure to perform the services or failure of the
services or a deliverable under this Agreement, to the extent that such
delay or failure has arisen as a result of any delay or failure by the Bank or
its employees or agents or third party service providers to perform any of
its duties and obligations as set out in this Agreement. In the event that
Service Provider is delayed or prevented from performing its obligations
SI No Clause No Page No Clause
The bidder must undertake that they shall hold in trust any Information received by them, under the
Contract/Agreement, and the strictest of confidence shall be maintained in respect of such Information.
The bidder has also to agree: 26.1. To maintain and use the Information only for the purposes of the
Contract/Agreement and only as permitted by the BANK; 26.2. To only make copies as specifically
authorized by the prior written consent of the Bank and with the same confidential or proprietary notices
102 26. Confidentiality 50-51 as may be printed or displayed on the original; 26.3. To restrict access and disclosure of Information to
such of their employees, agents, strictly on a "need to know" basis, to maintain confidentiality of the
Information disclosed to them in accordance with this Clause and 26.4. To treat all Information as
Confidential Information. 26.5. The Selected Bidder shall be required to sign a Non Disclosure Agreement
(NDA) with Bank as per prescribed format provided in Annexure M within thirty days of issuing the
order/letter of intent.
27.1. Bidder on submission of proposal indemnifies to protect and save the Bank and hold the Bank
harmless from and against all claims, losses, costs, damages, expenses, action suits and other proceedings,
(including reasonable attorney fees), relating to or resulting directly or indirectly from 27.1.1. An act or
omission of the Bidder, its employees, its agents, or employees of the consortium in the performance of the
services provided by this contract, 27.1.2. Breach of any of the terms of this RFP or breach of any
representation or warranty by the Bidder, 27.1.3. Use of the deliverables and or services provided by the
Bidder, 27.1.4. Infringement of any patent trademarks copyrights etc. or such other statutory
infringements in respect of all components provided to fulfill the scope of this project. Bidder shall further
indemnify the Bank against any loss or damage to the Bank’s premises or property, Bank’s data, direct
financial loss, loss of life, etc., due to the acts of the Bidder's employees or representatives. The Bidder shall
103
further indemnify the Bank against any loss or damage arising out of loss of data, claims of infringement of
third- party copyright, patents, or other intellectual property, and third-party claims on the Bank for
malfunctioning of the equipment or software or deliverables at all points of time, provided however,
27.1.4.1. The Bank notifies the bidder in writing in a reasonable time frame on being aware of such claim,
27.1.4.2. The Bidder has sole control of defense and all related settlement negotiations, 27.1.4.3. The Bank
provides the Bidder with the assistance, information and authority as it deems fit to perform the above.
27.2. It is clarified that the bidder shall in no event enter into a settlement, compromise or makes any
statement (including failure to take appropriate steps) that may be detrimental to the Bank’s (and/or its
customers, users and service providers) rights, interest and reputation. 27.3. Bidder shall solely be
responsible for any loss of data, loss of life, etc., due to acts of Bidder's representatives, and not just arising
out of gross negligence or misconduct, etc., as such liabilities pose significant risk. 27.4. Bidder should take
full responsibility for its and its employee's actions and there is no employer employee relationship
27. Indemnity 51-53
between bank and the bidder/or his employees/representatives. Further, since the Bank’s data could be
integrated / used under Bidder provided software, the Bidder should be responsible for loss/compromise
Query Bank Response
The bidder must undertake that they shall hold in trust any Information
received by them, under the Contract/Agreement, and the strictest of
confidence shall be maintained in respect of such Information. The bidder
has also to agree: 26.1. To maintain and use the Information only for the
purposes of the Contract/Agreement and only as permitted by the BANK;
26.2. To only make copies as specifically authorized by the prior written
consent of the Bank and with the same confidential or proprietary notices
as may be printed or displayed on the original; 26.3. To restrict access and
disclosure of Information to such of their employees, agents, strictly on a
"need to know" basis, to maintain confidentiality of the Information
disclosed to them in accordance with this Clause and 26.4. To treat all such
Information as Confidential Information which is marked or designated as
“Confidential Information”. 26.5. The Selected Bidder shall be required to
Please be guided by the RFP
sign a Non Disclosure Agreement (NDA) with Bank as per prescribed format
provided in Annexure M within thirty days of issuing the order/letter of
intent. The bank should also maintain the confidentiality of the
information, data, documents etc shared by the bidder to Bank. However,
nothing in this clause shall prevent the receiving party from treating a
confidential information as non-confidential, if such information is: i) in the
possession of, or was known to receiving party prior to its receipt, without
an obligation to maintain its confidentiality; ii) or subsequently becomes
generally known to the public without violation of this provision by the
receiving party; iii) obtained by receiving party from a third party (i) who the
receiving party does not know to have violated , or to have obtained such
information in violation of any obligation to the disclosing party with respect
to such information, (ii) who does not require the receiving party to refrain
27.1. Bidder on submission of proposal indemnifies to protect and save the
Bank and hold the Bank harmless from and against all claims, losses, costs,
damages, expenses, action suits and other proceedings, (including
reasonable attorney fees), relating to or resulting directly or indirectly from
27.1.1. An act or omission of the Bidder, its employees, its agents, or
employees of the consortium in the performance of the services provided
by this contract, 27.1.2. Breach of any of the terms of this RFP or breach of
any representation or warranty by the Bidder, 27.1.3. Use of the
deliverables and or services provided by the Bidder, 27.1.4. Infringement
of any patent trademarks copyrights etc. or such other statutory
infringements in respect of all components provided to fulfill the scope of
this project. Bidder shall further indemnify the Bank against any loss or
damage to the Bank’s premises or property, Bank’s data, direct financial
loss, loss of life, etc., due to the acts of the Bidder's employees or
representatives. The Bidder shall further indemnify the Bank against any
loss or damage arising out of loss of data, claims of infringement of third-
party copyright, patents, or other intellectual property, and third-party
claims on the Bank for malfunctioning of the equipment or software or
deliverables at all points of time, provided however, 27.1.4.1. The Bank
notifies the bidder in writing in a reasonable time frame on being aware of
such claim, 27.1.4.2. The Bidder has sole control of defense and all related
settlement negotiations, 27.1.4.3. The Bank provides the Bidder with the
assistance, information and authority as it deems fit to perform the above.
27.2. It is clarified that the bidder shall in no event enter into a settlement,
compromise or makes any statement (including failure to take appropriate
steps) that may be detrimental to the Bank’s (and/or its customers, users Please be guided by the RFP
and service providers) rights, interest and reputation. Vendor shall have
no obligations with respect to any Infringement Claims to the extent that
SI No Clause No Page No Clause Query Bank Response
no obligations with respect to any Infringement Claims to the extent that
or damage to Bank’s data and for causing reputation risk to bank. 27.5. The bidders should indemnify the
the Infringement Claim arises or results from: (i) Vendor’s compliance
Bank (including its employees, directors or representatives) from and against claims, losses, liabilities,
with Bank’s specific technical designs or instructions (except where
penalties, fines and suits arising from: 27.5.1. Non-compliance of the bidder with
Vendor knew or should have known that such compliance was likely to
Laws/Governmental/regulatory Requirements 27.5.2. IP infringement under any laws including Copyrights
result in an Infringement Claim and Vendor did not inform Bank of the
Act 1957 & IT Act 2000 and such other statutory acts and amendments thereto and violation of Cyber Laws.
same); (ii) inclusion in a Deliverable of any content or other materials
27.5.3. Negligence and misconduct of the Bidder, its employees, and agents. 27.5.4. Breach of any terms
provided by Bank and the infringement relates to or arises from such Bank
of RFP, Representation or Warranty. 27.5.5. Act or omission in performance of service. 27.5.6. Loss of
materials or provided material; (iii) modification of a Deliverable after
data due to any of the reasons mentioned above. 27.5.7. Loss of reputation /financial loss to bank arising
delivery by Vendor to Bank if such modification was not made by or on
from the breach of contract by the bidder. 27.6. In the event that the Bank is called as a defendant for IPR
behalf of the Vendor; (iv) operation or use of some or all of the
infringement of patent, trademark or industrial design rights arising from use of any of the components of
Deliverable in combination with products, information, specification,
the supplied solution, the Bidder on its own expense will undertake to defend the Bank. 27.7. It will be the
instructions, data, materials not provided by Vendor; or (v) use of the
Bidder's responsibility to rapidly do away with such third-party claims. The Bidder will also pay any
Deliverables for any purposes for which the same have not been designed
compensation arising from the infringement claims and the Bank will in no manner be responsible for such
or developed or other than in accordance with any applicable
payments. In addition, the Bidder will bear all the related expenses and legal fees. 27.8. On its part, the
specifications or documentation provided under the applicable Statement
Bank will immediately relay to the Bidder any such claims and offer assistance within reasonable limits to
of Work by the Vendor ; or (v) use of a superseded release of some or all
rid the claim. 27.9. The Bidder must undertake to indemnify that all the components delivered are free of
of the Deliverables or Bank’s failure to use any modification of the
defects, are brand new and original. If at some stage it is discovered that the components do not meet
Deliverable furnished under this Agreement including, but not limited to,
these criteria, the Bank has the right to cancel the order and the Bidder will have to refund the total
corrections, fixes, or enhancements made available by the Vendor. In the
amount received from the Bank along with the interest and separate penalties. Similar conditions apply to
event that Bank is enjoined or otherwise prohibited, or is reasonably likely
software; as well the system software must be licensed and original.
to be enjoined or otherwise prohibited, from using any Deliverable as a
result of or in connection with any claim for which Vendor is required to
indemnify Bank under this section according to a final decision of the courts
or in the view of Vendor, Vendor, may at its own expense and option: (i)

Any supplies and services, which might not have been specifically
mentioned in this tender but, are necessary for the installation,
Any supplies and services, which might not have been specifically mentioned in this tender but, are Configuration, testing, commissioning, performance or completeness of the
necessary for the installation, Configuration, testing, commissioning, performance or completeness of the order, shall be provided/ made available as per the adjusted time schedule
order, shall be provided/ made available as per the time schedule for smooth and efficient operation and for smooth and efficient operation and maintenance of the system under
31. Responsibility for maintenance of the system under Indian conditions. The bidder shall be responsible for any discrepancies, Indian conditions at an additional cost to Bank. The bidder shall be
104 55 Please be guided by the RFP
Completeness errors and omissions in the technical details submitted by him/them, irrespective of whether these have responsible for any discrepancies, errors and omissions in the technical
been approved, reviewed or otherwise, accepted by the Bank or not. The Bidder shall take all corrective details submitted by him/them, irrespective of whether these have been
measures arising out of discrepancies, errors and omissions in drawing and other information as mentioned approved, reviewed or otherwise, accepted by the Bank or not. The Bidder
above within the time schedule and without extra cost to the Bank. shall take all corrective measures arising out of discrepancies, errors and
omissions in drawing and other information as mentioned above within the
time schedule and without extra cost to the Bank.

33.1. Bidder has to agree to keep source code of proposed solution with
33.1. Bidder has to agree to keep source code of proposed solution with approved / recognized escrow
approved / recognized escrow agency under escrow arrangements mutually
agency under escrow arrangements mutually acceptable to the bank and Bidder for entire project period.
105 33. Escrow Arrangement 56 acceptable to the bank and Bidder for entire project period. Cost of the Please be guided by the RFP
Cost of the escrow arrangement to be borne by Bidder. Contract will be signed on mutually acceptable
escrow arrangement to be borne by BidderBank. Contract will be signed on
terms with bank and escrow agent.
mutually acceptable terms with bank and escrow agent.

34.1. All information processed, stored, or transmitted by Bank to the

34.1. All information processed, stored, or transmitted by successful Bidder application belongs to the
Bank. By having the responsibility to maintain the application, the Bidder does not acquire implicit access
34. Ownership and Retention rights to the information or rights to redistribute the information. The Bidder understands that civil,
106 57
of Documents criminal, or administrative penalties may apply for failure to protect information appropriately. Any
information considered sensitive by the bank must be protected by the successful Bidder from
unauthorized disclosure, modification or access. The Bank’s decision will be final.
Bidder successful Bidder application belongs to the Bank. By having the
responsibility to maintain the application, the Bidder does not acquire
implicit access rights to the Bank information or rights to redistribute the
Bank information. The Bidder understands that civil, criminal, or
Please be guided by the RFP
administrative penalties may apply for failure to protect information
appropriately. Any information considered sensitive by the bank must be
notified to the Bidder as being sensitive and be protected by the successful
Bidder from unauthorized disclosure, modification or access. The Bank’s
decision will be final.
SI No Clause No Page No Clause Query Bank Response

If any act or failure by the bidder under the agreement results in failure or inoperability of systems and if
the Bank has to take corrective actions to ensure functionality of its property, the Bank reserves the right to
impose penalty, which may be equal to the cost it incurs or the loss it suffers for such failures. If the Bidder
fails to complete the due performance of the contract in accordance with the specification and conditions
of the offer document, the Bank reserves theright either to cancel the order or to recover a suitable
107 35. Penalty 57-58
amount as deemed reasonable as Penalty / Liquidated Damage for non- performance. Any financial loss to
the Bank on account of fraud taking place due to Successful Bidder, its employee or their services provider’s
negligence shall be recoverable from the Successful Bidder along with damages if any with regard to the
Bank’s reputation and goodwill. Bank may impose penalty to the extent of damage to its any equipment, if
the damage was due to the actions directly attributable to the staff of the Bidder.
If any act or failure by the bidder under the agreement results in failure or
inoperability of systems and if the Bank has to take corrective actions to
ensure functionality of its property, the Bank reserves the right to impose
penalty, which may be equal to the cost it incurs or the loss it suffers for
such failures. If the Bidder fails to complete the due performance of the
contract in accordance with the specification and conditions of the offer
document, the Bank reserves theright either to cancel the order or to
recover a suitable amount as deemed reasonable as Penalty / Liquidated Please be guided by the RFP
Damage for non- performance as per the penalty/LD clause . Any financial
loss to the Bank on account of fraud taking place due to Successful Bidder,
its employee or their services provider’s negligence shall be recoverable
from the Successful Bidder along with damages if any with regard to the
Bank’s reputation and goodwill. Bank may impose penalty to the extent of
damage to its any equipment, if the damage was due to the actions directly
attributable to the staff of the Bidder.

Please confirm if we have to provision for EMS and Service desk tools or we
108 36 58 Service Level Agreement & Penalties Bidder to provision for all SLA related tools
will have access to the existing tool.

36.5. The bidder shall guarantee 99.95% uptime. The Bidder shall be liable for penalties for uptime
maintained below 99.95% in a month. Max. Limit 10% of (A+B), beyond which Bank may terminate the
contract 36.7. Downtime due to schedule activity and Bank issues will be exempted. 36.8. If the solution
36. Service Level Agreement
109 58-60 or any of its components behaves erroneously which results in monetary or business loss to the Bank, then
& Penalties
the entire amount of such loss shall be recovered from the bidder on actual basis. 36.9. In case of absence
of the FM engineer during the contract period, there will be a penalty of Rs 1000/- per day besides
deducting prorate charges from agreed FM charges.
36.5. The bidder shall guarantee 99.95% uptime. The Bidder shall be liable
for penalties for uptime maintained below 99.95% in a month. Max. Limit
10% of (A+B), beyond which Bank may terminate the contract 36.7.
Downtime due to following reasons schedule activity and Bank issues will be
exempted: . schedule activity; Bank issues which may involve time lost due
to power or environmental failures; Time taken to recover the system
because of power or environmental failures; Time lost due to damage or
malfunction in the system or any units thereof due to causes attributable to
Bank such as attachment of additional devices, making alteration to the
system, maintenance of the system, etc. without Bidder's consent and/ or
failure to maintain the site as required by the Bidder; Time taken for
reconfiguration or other planned downtime situations; Scheduled
Please be guided by the RFP
shutdowns as required by Bank (Bidder may also request Bank for a
shutdown for maintenance purpose, which request will not be denied
unreasonably by Bank); Time taken for booting the system (h) Time lost due
to unavailability of links Mis-handling of system by any person other than
Bidder's authorized representatives. 36.8. If the solution or any of its
components behaves erroneously which results in monetary or business
loss to the Bank, then the entire amount of such loss shall be recovered
from the bidder on actual basis. 36.9. In case of absence of the FM
engineer during the contract period, there will be a penalty of Rs 1000/- per
day besides deducting prorate charges from agreed FM charges. The
overall LD and Penalty under all provisions of the contract shall not exceed
10% of contract value.

The Bank would expect the bidder to commit to the service level assurances. The Bidder shall commit to If we will have access to existing tool, please let us know the tool being used
110 36.3 59 Bidder to provision for all SLA related tools
maintain uptime of 99.95% and above per month currently and if it can measure availability of services

Please amend this to "Further the Bidder has to ensure rectification of all
Further the Bidder has to ensure rectification of all the irregularities thus pointed out by the auditor within
111 38 60 irregularities with respect to scope of this RFP which are pointed out by the Please be guided by the RFP
a given time frame.
auditor. Same shall be completed within mutually accepted time frame."

We expect that all security requirements as per the existing policy is

The bidder has to ensure compliance of Information Security according to policy of the Bank and mitigate mentioned in this RFP. Any additional effort or procurement which is Information security policy of bank is seprate
112 38 60
the risk, if any, within the stipulated time without any additional cost to Bank outside of details mentioned in tis RFP will be completed as part of Change document from RFP. Please be guided bt the RFP
management process and costs incurred will be paid by the bank..
SI No Clause No Page No Clause
The Bidder shall at all times whenever required furnish all information, records, data stored in whatsoever
form to internal, external, Bank appointed and statutory/RBI inspecting auditors and extend full
cooperation in carrying out of such inspection. The Bidder will also undertake to co- operate with the RBI to
carry out its supervisory functions and objectives and will furnish all records and other information as RBI
may call for to carry our inspection and/or other functions. The Bidder is required to facilitate the same at
no additional cost and shall provide uninterrupted access to the documents required by the auditors.
Further the Bidder has to ensure rectification of all the irregularities thus pointed out by the auditor within
a given time frame. The Bank has right to audit the Application /Source Code by the suitable Security
Auditor. The bidder has to ensure compliance of Information Security according to policy of the Bank and
mitigate the risk, if any, within the stipulated time without any additional cost to Bank. In line of above,
the selected bidder shall ensure that all regulatory, Statutory, Local Administration requirements are
adhered to subsequently while undertaking deliverable and services over the period of contract without
113 38. Audit 60-61
any additional cost to Bank. Compliance with security best practices may be monitored by periodic
computer/information security audit performed by or on behalf of the Bank. The periodicity of these audits
will be decided at the discretion of the Bank. These audit plan to include, but are not limited to, a review of:
access and authorization procedures, physical security controls, input/output controls, DB controls, backup
and recovery procedures, network security controls and program change controls. To the extent that the
Bank deems it necessary to carry out a program of inspection and audit to safeguard against threats and
hazards to the confidentiality, integrity, and availability of data, the Bidder shall afford the Bank’s
representative access to the Bidder’s facilities, installations, technical resources, operations,
documentation, records, databases and personnel. The Bidder must provide the Bank access to various
monitoring and performance measurement system (both manual and automated). The Bank has the right
to get the monitoring and performance measurement systems (both manual and automated) audited
without prior approval / notice to the bidder.
Compliance with security best practices may be monitored by periodic computer/information security audit
114 38 61 Please confirm who will be bearing the cost of these audits.
performed by or on behalf of the Bank.
Query Bank Response
The Bidder shall at all times whenever required furnish all information,
records, data stored in whatsoever form to internal, external, Bank
appointed and statutory/RBI inspecting auditors and extend full
cooperation in carrying out of such inspection. The Bidder will also
undertake to co- operate with the RBI to carry out its supervisory
functions and objectives and will furnish all records and other
information as RBI may call for to carry our inspection and/or other
functions. The Bidder is required to facilitate the same at no additional
cost and shall provide uninterrupted access to the documents required
by the auditors. The cost of the audit shall be borne by the Bank. Further
the Bidder has to ensure rectification of all the irregularities thus pointed
out by the auditor within a given time frame. Compliance with security
best practices may be monitored by periodic computer/information
security audit performed by or on behalf of the Bank. The periodicity of
these audits will be decided at the discretion of the Bankmutually by the
parties. These audit plan to include, but are not limited to, a review of:
Please be guided by the RFP
access and authorization procedures, physical security controls,
input/output controls, DB controls, backup and recovery procedures,
network security controls and program change controls. To the extent
that the Bank deems it necessary to carry out a program of inspection
and audit to safeguard against threats and hazards to the confidentiality,
integrity, and availability of data, the Bidder shall afford the Bank’s
representative access to the Bidder’s facilities, installations, technical
resources, operations, documentation, records, databases and
personnel. The Bidder must provide the Bank access to various
monitoring and performance measurement system (both manual and
automated). The Bank has the right to get the monitoring and
performance measurement systems (both manual and automated)
audited without prior approval / notice to the bidder. Any such
inspection/audit shall be conducted expeditiously, efficiently, and at
reasonable business hours after giving due notice to the Bidder which
shall not be less than 10 days. The audit will be at cost of Bank. The Bank
Audits shall be performed by the Bank

Force Majeure is herein defined as any cause, which is beyond the control of
the selected Bidder or the Bank as the case may be which they could not
foresee or with a reasonable amount of diligence could not have foreseen
and which substantially affect the performance of the Contract, such as:
39.1. Natural phenomena, including but not limited to floods, droughts,
Force Majeure is herein defined as any cause, which is beyond the control of the selected Bidder or the earthquakes, epidemics, pandemics etc. 39.2. Acts of any Government,
Bank as the case may be which they could not foresee or with a reasonable amount of diligence could not including but not limited to war, declared or undeclared, priorities,
have foreseen and which substantially affect the performance of the Contract, such as: 39.1. Natural quarantines, embargoes, 39.3. Terrorist attacks, public unrest in work area;
phenomena, including but not limited to floods, droughts, earthquakes, epidemics, 39.2. Acts of any 39.4 fire Provided either party shall within ten (10) days from the
115 39. Force Majeure 61 Government, including but not limited to war, declared or undeclared, priorities, quarantines, embargoes, occurrence of such a cause notify the other in writing of such causes. The Please be guided by the RFP
39.3. Terrorist attacks, public unrest in work area; Provided either party shall within ten (10) days from the Bidder or the Bank shall not be liable for delay in performing his/her
occurrence of such a cause notify the other in writing of such causes. The Bidder or the Bank shall not be obligations resulting from any Force Majeure cause as referred to and/or
liable for delay in performing his/her obligations resulting from any Force Majeure cause as referred to defined above. In such a case the time for performance shall be extended by
and/or defined above. a period not less than duration of such delay. If the duration of delay
continues beyond a period of one month, then either party may at any time
thereafter while such performance continues to be excused, terminate this
Agreement without liability, by notice in writing to the other party. However
Bidder shall be entitled to receive payments for all services rendered by it
under this Contract.
SI No Clause No Page No Clause
The Bank reserves the right to cancel the contract in the event of happening one or more of the following mplementation/customization and acceptance tests/ checks beyond the
conditions: 40.1. Failure of the successful bidder to accept the contract and furnish the Performance Bank specified periods provided the delay is for the reasons which are solely and
Guarantee equivalent to 15% of the project cost within 30 days from receipt of purchase contract. 40.2.
Delay in delivery beyond the specified period. 40.3. Delay in completing implementation/customization
and acceptance tests/ checks beyond the specified periods; 40.4. Serious discrepancy in functionality to be Serious discrepancy in functionality to be provided or the performance
116 40. Exit Clause 61-62
provided or the performance levels which have an impact on the functioning of the solution. 40.5.
Reputation/financial loss to bank In addition to the cancellation of contract, Bank reserves the right to
appropriate the damages through encashment of Bid Security /Performance Guarantee given by the
Bidder. Bank reserves right to exit at any time after giving notice period of one month during the contract with a written notice of 30 days to cure any breach of the Contract. The
period.
If the Termination is on account of failure of the successful bidder to perform any of the obligations under
this RFP contract, the Bank shall have the right to invoke the Performance Bank Guarantee(s) given by the
selected bidder. The Bank will be entitled to terminate this Contract, without any cost to the Bank and
recover expenditure incurred by Bank, on the happening of any one or more of the following: 41.1. The
selected bidder commits a breach of any of the terms and conditions of the bid. 41.2. The Successful
bidder goes into liquidation voluntarily or otherwise. 41.3. An attachment is levied or continues to be
levied for a period of 7 days upon effects of the Agreement. 41.4. The progress regarding the execution of
the order accepted by the selected bidder is found to be unsatisfactory or delay in execution of the
contract, the Bank reserves the right to get the balance contract executed by the another party of its choice
by giving one month’s notice for the same. In this event, the selected bidder is bound to make good the
117 41. Termination of Contract 62-63 additional expenditure, which Bank may have to incur in executing the balance contract. This clause is
applicable, if for any reason, the contract is cancelled. 41.5. If deductions on account of liquidated
damages exceeds more than 10%. 41.6. Non-satisfactory performance of the selected bidder during
implementation and operation. 41.7. An act of omission by the Bidder, its employees, its agents, or
employees of the consortium in the performance of the services provided by this contract. 41.8. Failure to
integrate/implement the Project as per the requirements of the Bank as stated in this RFP. 41.9. Material
discrepancies in the Deliverables and Services noted in the implementation of the Project. Bank reserves
the right to procure the same or similar product from the alternate sources at the risk, cost and
responsibility of the selected bidder. 41.10. Selected bidder is found to be indulging in frauds. 41.11. The
Bank suffers a reputation loss on account of any activity of Successful bidder. 41.12. In the event of sub
contract or assignment contrary to the terms of agreement and without Bank’s permission.
Query Bank Response
The Bank reserves the right to cancel the contract by providing prior notice
of 30 days in the event of happening of one or more of the following
conditions: 40.1. Failure of the successful bidder to accept the contract and
furnish the Performance Bank Guarantee equivalent to 15% of the project
cost within 30 days from receipt of purchase contract. 40.2. Substantial
Ddelay in delivery beyond the specified period provided the delay is for the
reasons which are solely and entirely attributable to the Bidder and not due
to reasons attributable to Bank and/or its other vendors or due to reasons
of Force Majeure. 40.3. Substantial Ddelay in completing
entirely attributable to the Bidder and not due to reasons attributable to
Bank and/or its other vendors or due to reasons of Force Majeure.; 40.4.
Please be guided by the RFP
levels which have an impact on the functioning of the solution. 40.5.
Reputation/financial loss to bank Prior to providing a written notice of
cancellation to the Selected Bidder, Bank shall provide the selected bidder
decision to terminate the contract shall be taken only if the breach
continues or remains unrectified, for reasons within the control of Bidder,
even after the expiry of the cure period. Bidder shall also have the right to
terminate the agreement if the Bank commits a breach of the terms and
conditions of the agreement and, where such breach is curable, fails to cure
the same within 15 days provided for curing such breach. In case the
contract is terminated, then all payment for the services delivered till the
date of termination will be given to bidder. In addition to the cancellation
of contract, Bank reserves the right to appropriate the damages through
encashment
If of BidisSecurity
the Termination /Performance
on account Guarantee
of failure of given bidder
the successful by the to
Bidder.
perform any of the material obligations under this RFP contract, the Bank
shall have the right to invoke the Performance Bank Guarantee(s) given by
the selected bidder provided the delay is for the reasons which are solely
and entirely attributable to the Bidder and not due to reasons attributable
to Bank and/or its other vendors or due to reasons of Force Majeure. The
Bank will be entitled to terminate this Contract, without any cost to the
Bank and recover expenditure incurred by Bank, on the happening of any
one or more of the following: 41.1. The selected bidder commits a breach
of any of the material terms and conditions of the bid provided the breach is
for the reasons which are solely and entirely attributable to the Bidder and
not due to reasons attributable to Bank and/or its other vendors or due to
reasons of Force Majeure. 41.2. The Successful bidder goes into liquidation
voluntarily or otherwise. 41.3. An attachment is levied or continues to be
Please be guided by the RFP
levied for a period of 7 days upon effects of the Agreement. 41.4. The
progress regarding the execution of the order accepted by the selected
bidder is found to be unsatisfactorynot as per the agreed timelines or delay
in execution of the contract, the Bank reserves the right to get the balance
contract executed by the another party of its choice by giving one month’s
notice for the same. In this event, the selected bidder is bound to make
good the additional expenditure, which Bank may have to incur in executing
the balance contract subject to maximum of 5% of the value of undelivered
goods or services. This clause is applicable, if for any reason, the contract is
cancelled due to any material breach of the contract. 41.5. If deductions on
account of liquidated damages exceeds more than 10%. 41.6. Non-
satisfactory pPerformance of the selected bidder during implementation
and operation is not as per agreed scope. 41.7. An act of omission by the
Bidder, its employees, its agents, or employees of the consortium in the
SI No Clause No Page No Clause Query Bank Response

We further confirm that the offer is in conformity with the terms and conditions as mentioned in the RFP
and all required information as mentioned is enclosed We understand that b. If our Bid for the above job is
accepted, we undertake to enter into and execute at our cost, when called upon by the purchaser to do so,
45. Annexure A – Letter of a contract in the prescribed form. Unless and until a formal contract is prepared and executed, this bid
118 66-68
Acceptance together with your written acceptance thereof shall constitute a binding contract between us. We hereby
declare that all the information & Statements made in this RFP are true and accept that any
misinterpretation contained in it may lead to our disqualification. We agree to all terms & conditions of the
RFP.
Subject to the deviations submitted along with the bid proposal, Wwe
further confirm that the offer is in conformity with the terms and conditions
as mentioned in the RFP and all required information as mentioned is
enclosed We understand that b. If our Bid for the above job is accepted, we
undertake to enter into and execute at our cost, when called upon by the
purchaser to do so, a contract in the prescribed formon mutually agreed
terms and conditions. Unless and until a formal contract is prepared and Please be guided by the RFP
executed, this bid together with your written acceptance thereof shall
constitute a binding contract between us. We hereby declare that all the
information & Statements made in this RFP are true and accept that any
misinterpretation contained in it may lead to our disqualification. Subject to
the deviations submitted along with the bid proposal, Wwe agree to all
terms & conditions of the RFP.

Request the bank to allow bidder to submit the proposal with legal
(Any deviation may result in disqualification of bids).
119 Annexure D(B) 77 deviations. These can be discussed and mutually agreed with final selected Please be guided by the RFP
List of deviations
bidder.
Subject to the deviations submitted along with the bid proposal, Wwe
50. Annexure D (B) – We hereby undertake and agree to abide by all the terms and conditions stipulated by the Bank in this RFP hereby undertake and agree to abide by all the terms and conditions
120 77-78 Please be guided by the RFP
Declaration for Compliance including all addendum, corrigendum etc. (Any deviation may result in disqualification of bids). stipulated by the Bank in this RFP including all addendum, corrigendum etc.
(Any deviation may result in disqualification of bids).

1.5 Demographic match from the Aadhaar Data Vault should be Please elaborate the requirement of demo graphic match in case of Vault /
121 Annexure-E 78 Please be guided by the RFP
done using the reference key. Aadhaar number should not be used in such cases. reference key

Request IPPB to clarify on the requirement for maintaining integrity of

The solution should be capable of maintaining the integrity of encrypted Aadhaar number associated with
122 2.4 79 encrypted Aadhaar number associated with reference key. Is bidder Clause self explanatory, Please be guided by the RFP
reference key.
supposed to propose a separate security solution for maintain integrity.

The ADV solution provided by the bidder shall support encryption and storage of scanned Aadhaar Card As per RFP, there is a requirement of File encryption solution. Request
123 5 79 PDF / Image file and any other document / images as per the data encryption and storage guidelines issued inputs on number of Aadhaar Card PDF / Image file that will be stored IPPB Details shall be provided to sucessful bidder
by UIDAI in a separate File Server. ADV over 5 years to size file encryption solution.

ADV platform provided by the bidder shall support Non repudiation of stored data in database or storage As per RFP requirement, Bidder need to propose Non-repudiation solution.
124 9.1 80 and should not permit any user to replace the encrypted Aadhaar number / data associated with Reference Please confirm whether Bidder can consider audit logging mechanism to Please be guided by the RFP
number value with another encrypted Aadhaar number / data. ensure non-repudiation of stored data in database or storage.
Auditing and Logging: The Aadhaar Data Vault Solution should have the capability of detailed logging and
Request clarification on log retention policy for storage of logging and audit
audit tracking of all key state changes, administrator access and policy changes. The Audit trails should be Details shall be provided to sucessful bidder to
125 15 81 tracking activities of all key state changes, administrator access and policy
securely stored and signed for non- repudiation. The logs should be integrated with the Bank’s SIEM tool comply with log retention policy of bank
changes.
for monitoring and alerting.
As per requirement, ADV shall integrate with existing PIM Solution. Request
Bank will share the detail of PIM product with
126 23 82 The ADV platform should have the ability to integrate in the existing PIM solution for authentication. to share Make, model and version of existing PIM solution with which ADV
selected bidder
shall be integrated.
Bidder assumes that the license will be for one legal entity IPPB. Hardware
127 Annexure F 88 Perpetual License cost with required TPS needs to be proposed for existing branches of IPPB and Please be guided by the RFP
Aadhar numbers for the contract period. Is bidder understanding is correct?
SI No Clause No Page No Clause
Article 3: Consequences of Breach Without prejudice to any rights that may be available to the
Principal/Owner under law or the Contract or its established policies and laid down procedures, the
Principal/Owner shall have the following rights in case of breach of this Integrity Pact by the Vendor(s)/ and
the Vendor accepts and undertakes to respect and uphold the Principal/Owner’s absolute right: 1. If the
Vendor(s)/, either before award or during execution of Contract has committed a transgression through a
violation of Article 2 above or in any other form, such as to put his reliability or credibility in question, the
Principal/Owner after giving 14 days’ notice to the Vendor shall have powers to disqualify the Vendor(s)/
from the Tender process or terminate/determine the Contract, if already executed or exclude the Vendor
from future contract award processes. The imposition and duration of the exclusion will be determined by
the severity of transgression and determined by the Principal/Owner. Such exclusion may be forever or for
a limited period as decided by the Principal/Owner. 2. To immediately call off the pre contract negotiations
without assigning any reason or giving any compensation to the VENDOR. However, the proceedings with
the other VENDOR(s) would continue. III. To recover all sums already paid by the BUYER, and in case of an
Indian VENDOR with interest thereon at 2% higher than the prevailing Prime Lending Rate of State Bank of
India, while in case of a VENDOR from a country other than India with interest thereon at 2% higher than
the LIBOR. If any outstanding payment is due to the VENDOR from the BUYER in connection with any other
56. Annexure H – Pre- contract for any other stores, such outstanding payment could also be utilized to recover the aforesaid sum
128 92-101
Contract Integrity Pact and interest. IV. To encash the advance bank guarantee and performance bond/warranty bond, if
furnished by the VENDOR, in order to recover the payments, already made by the BUYER, along with
interest. V. To cancel all or any other Contracts with the VENDOR. The VENDOR shall be liable to pay
compensation for any loss or damage to the BUYER resulting from such cancellation / rescission and the
BUYER shall be entitled to deduct the amount so payable from the money(s) due to the VENDOR. VI. To
debar the VENDOR from participating in future bidding processes of the Government of India for a
minimum period of five years, which may be further extended at the discretion of the BUYER. 4.3 The
decision of the BUYER to the effect that a breach of the provisions of this Pact has been committed by the
VENDOR shall be final and conclusive on the VENDOR. However, the VENDOR can approach the
Independent Monitor(s) appointed for the purposes of this Pact Article 6: Duration of the Pact This Pact
begins when both the parties have legally signed it. It expires for the Vendor/Vendor 12 months after the
completion of work under the contract or till the continuation of defect liability period, whichever is more
and for all other Vendors, till the Contract has been awarded. Article 10: Validity a. The validity of this
Integrity Pact shall be from date of its signing and extend up to a period of contract and any extended
period notified by BUYER. b. The complete execution of the contract to the satisfaction of both the BUYER
and the VENDOR/Seller, including warranty period, whichever is later, in case VENDOR is unsuccessful, this
integrity Pact shall expire after six months from the date of the signing of the contract.
57. Annexure J – Format of
129 Performance Bank 102-104 PBG FORMAT IS PROVIDED
Guarantee.
Query Bank Response
Article 3: Consequences of Breach Without prejudice to any rights that may
be available to the Principal/Owner under law or the Contract or its
established policies and laid down procedures, the Principal/Owner shall
have the following rights in case of breach of this Integrity Pact by the
Vendor(s)/ and the Vendor accepts and undertakes to respect and uphold
the Principal/Owner’s absolute right: 1. If the Vendor(s)/, either before
award or during execution of Contract has committed a transgression
through a violation of Article 2 above or in any other form, such as to put his
reliability or credibility in question, the Principal/Owner after giving 14 days’
notice to the Vendor shall have powers to disqualify the Vendor(s)/ from
the Tender process or terminate/determine the Contract, if already
executed or exclude the Vendor from future contract award processes. The
imposition and duration of the exclusion will be determined by the severity
of transgression and determined by the Principal/Owner. Such exclusion
may be forever or for a limited period as decided by the Principal/Owner. 2.
To immediately call off the pre contract negotiations without assigning any
reason or giving any compensation to the VENDOR. However, the
proceedings with the other VENDOR(s) would continue. III. To recover all
sums already paid by the BUYER under the Contract resulting from the RFP,
and in case of an Indian VENDOR with interest thereon at 2% higher than
the prevailing Prime Lending Rate of State Bank of India, while in case of a
VENDOR from a country other than India with interest thereon at 2% higher Please be guided by the RFP
than the LIBOR. If any outstanding payment is due to the VENDOR from the
BUYER in connection with any other contract for any other stores, such
outstanding payment could also be utilized to recover the aforesaid sum
and interest. IV. To encash the advance bank guarantee and performance
bond/warranty bond, if furnished by the VENDOR, in order to recover the
payments, already made by the BUYER, along with interest. V. To cancel
the contract resulting with the RFPall or any other Contracts with the
VENDOR. The VENDOR shall be liable to pay compensation for any loss or
damage to the BUYER resulting from such cancellation / rescission and the
BUYER shall be entitled to deduct the amount so payable from the money(s)
due to the VENDOR. VI. To debar the VENDOR from participating in future
bidding processes of the Government of India for a minimum period of five
years, which may be further extended at the discretion of the BUYER. 4.3
The decision of the BUYER to the effect that a breach of the provisions of
this Pact has been committed by the VENDOR shall be final and conclusive
on the VENDOR. However, the The VENDOR can approach the Independent
Monitor(s) appointed for the purposes of this Pact Article 6: Duration of
the Pact This Pact begins when both the parties have legally signed it. It
expires for the Vendor/Vendor 6 12 months after the completion of work
under the contract or till the continuation of defect liability period,
whichever is more and for all other Vendors, till the Contract has been
Please add: Kindly add the following: This Bank Guarantee issued by
____________________Bank, on behalf of the Bidder/Contractor in favor of
IPPB is in respect of the Contract/agreement dated________________. As
communicated by Bidder/Contractor on the date of execution of this Bank
Guarantee an amount of Rupees ______________ (Rupees
______________________________ only) is outstanding and payable to Please be guided by the RFP
Bidder/Contractor by IPPB, in respect of pervious contracts between
Bidder/Contractor and IPPB. As communicated by Bidder/Contractor on
the date of execution of this Bank Guarantee, there are no outstanding
disputes related to any pervious contracts between Bidder/Contractor and
IPPB.
SI No Clause No
58. Annexure K – Format for
130
Bank Guarantee for EMD
60. Annexure L (A) -
131 Compliance Statement –
Reverse Auction
61. Annexure M –
132 Confidentiality / Non
Disclosure Agreement
Page No Clause Query Bank Response
2. We, the …………………. Bank at ……………… (local address) having our Head
office at ……………………….., guarantee and undertake to pay immediately on
demand by India Post Payments Bank, the amount of Rs.
2. We, the …………………. Bank at ……………… (local address) having our Head office at ……………………….., ……………………………………………………………………………………
guarantee and undertake to pay immediately on demand by India Post Payments Bank, the amount of Rs. …………………………………………………….. (in words & figures) without any
…………………………………………………………………………………… …………………………………………………….. (in words & reservation, protest, demur and recourse. Any such demand made by the
105-106 Please be guided by the RFP
figures) without any reservation, protest, demur and recourse. Any such demand made by the valid holder valid holder of this Guarantee shall be conclusive and binding on us
of this Guarantee shall be conclusive and binding on us irrespective of any dispute or difference raised by irrespective of any dispute or difference raised by the Bidder. The EMD will
the Bidder. be forfeited: if the Bidder fails: a. To execute Contract on mutually agreed
terms and conditions within the stipulated time: b. To respond to the
Purchase order within the stipulated time, Or c. To furnish Performance
Bank Guarantee as mentioned in Performance Bank Guarantee herein
3. Subject to the deviations submitted along with the bid proposal, Wwe
hereby undertake and agree to abide by all the terms and conditions
3. We hereby undertake and agree to abide by all the terms and conditions stipulated by India Post
stipulated by India Post Payments Bank in the RFP document including all
Payments Bank in the RFP document including all annexure and the Business Rules for Reverse Auction. 5.
114-115 annexure and the Business Rules for Reverse Auction. 5. We, hereby Please be guided by the RFP
We, hereby confirm that we will honor the Bids placed by us during the auction process, failing which we
confirm that we will honor the Bids placed by us during the auction process,
shall forfeit the EMD. We also understand that the bank may debar us from participating in future tenders
failing which we shall forfeit the EMD. We also understand that the bank
may debar us from participating in future tenders
c) “Confidential Information” shall mean and includes, without limitation,
any and all information, data, knowledge, and know-how, whether
pertaining to commercial, technical, scientific, operational, administrative,
financial, marketing or business affairs, or intellectual property, or
otherwise (in whatever form and however communicated) relating, directly
c) “Confidential Information” shall mean and includes, without limitation, any and all information, data,
or indirectly, to the Provider, which the Provider or its employees, directors,
knowledge, and know-how, whether pertaining to commercial, technical, scientific, operational,
officers, agents, consultants etc., would have disclosed or delivered prior to
administrative, financial, marketing or business affairs, or intellectual property, or otherwise (in whatever
the date of this Agreement, or is disclosed or delivered after the date of this
form and however communicated) relating, directly or indirectly, to the Provider, which the Provider or its
Agreement, to the Recipient or to any third party on the request of the
employees, directors, officers, agents, consultants etc., would have disclosed or delivered prior to the date
Recipient, in writing, electronically, verbally, or through visual means, either
of this Agreement, or is disclosed or delivered after the date of this Agreement, to the Recipient or to any
with the disclaimer of confidentiality or not, or which the Recipient (or such
third party on the request of the Recipient, in writing, electronically, verbally, or through visual means,
third party) learns, obtains or derives, orally, through observation or
either with the disclaimer of confidentiality or not, or which the Recipient (or such third party) learns,
through analysis, interpretations, compilations, studies, or evaluations of
obtains or derives, orally, through observation or through analysis, interpretations, compilations, studies,
such information, data, knowledge, or know-how; for clarity, the
or evaluations of such information, data, knowledge, or know-how; for clarity, the information, data,
information, data, knowledge, and know-how includes, without limitation,
knowledge, and know-how includes, without limitation, those in the nature of, or pertaining to, business
those in the nature of, or pertaining to, business plans, marketing and
plans, marketing and financial plans, strategy, projections, policy details, client details, various products,
financial plans, strategy, projections, policy details, client details, various
details regarding pricing, technical know-how etc. in respect of such products, and also the documents,
products, details regarding pricing, technical know-how etc. in respect of
registers, books, photographs, notes, renderings, journals, notebooks, computer programs, computer
such products, and also the documents, registers, books, photographs,
readable video, audio or sound files, and samples relating thereto;; 2. TERM This Agreement will remain in
notes, renderings, journals, notebooks, computer programs, computer
effect for ………….. years from the date of the last disclosure of Confidential Information (“Term”), at which
readable video, audio or sound files, and samples relating thereto;; The
time it will terminate, unless extended by the provider of information in writing. 3. USE OF THE
verbal information should be confirmed as “confidential” within 5 days of
CONFIDENTIAL INFORMATION; NON-DISCLOSURE The Recipient hereby agrees that it shall use the
such disclosure. 2. TERM This Agreement will remain in effect for …………..
Confidential Information only for the Agreed Purpose. Further, the Recipient shall not, except with the prior
116-126 years from the date of the last disclosure of Confidential Information______ Please be guided by the RFP
written consent of the Provider or in accordance with this Agreement disclose, transfer, or use, to its
(“Term”), at which time it will terminate, unless extended by the provider of
financial or monetary advantage, any such Confidential Information. The obligation of the Recipient
information in writingparties. 3. USE OF THE CONFIDENTIAL INFORMATION;
contained in this Clause 3 shall not be limited in point in time save and except at such time as the exclusions
NON-DISCLOSURE The Recipient hereby agrees that it shall use the
contained hereof become applicable in respect thereof as per Clause 2 hereof. Also, the Recipient and its
Confidential Information only for the Agreed Purpose. Further, the Recipient
SI No Clause No Page No Clause
contained hereof become applicable in respect thereof as per Clause 2 hereof. Also, the Recipient and its Query Bank Response
Confidential Information only for the Agreed Purpose. Further, the Recipient
Representatives will not disclose to any person the fact that the Confidential Information has been made
shall not, except with the prior written consent of the Provider or in
available to it or its Representatives or that Confidential Information has been provided by Provider to the
accordance with this Agreement disclose, transfer, or use, to its financial or
Recipient and/or its representatives. 6. OWNERSHIP OF THE CONFIDENTIAL INFORMATION (b) By
monetary advantage, any such Confidential Information. The obligation of
disclosing the Confidential Information or executing this Agreement, the Provider does not grant any
the Recipient contained in this Clause 3 shall survive for a period of 2 years
license, explicitly or implicitly, under any trademark, patent, copyright, mask work protection right, trade
after the termination or expiry of the Agreement not be limited in point in
secret or any other intellectual property right. The Provider disclaims all warranties regarding the
time save and except at such time as the exclusions contained hereof
information, including all warranties with respect to infringement of intellectual property rights and all
become applicable in respect thereof as per Clause 2 hereof. Also, the
warranties as to the accuracy or utility of such information 20. DAMAGES: b) The provisions of this
Recipient and its Representatives will not disclose to any person the fact
Agreement are necessary for the protection of the business goodwill of the parties and are considered by
that the Confidential Information has been made available to it or its
the parties to be reasonable for such purposes. Both the parties agree that any breach of this Agreement
Representatives or that Confidential Information has been provided by
will cause substantial and irreparable damages to the other party and, therefore, in the event of such
Provider to the Recipient and/or its representatives. 6. OWNERSHIP OF THE
breach, in addition to other remedies, which may be available, the party violating the terms of Agreement
CONFIDENTIAL INFORMATION (b) By disclosing the Confidential
shall be liable for the entire loss and damages on account of such disclosure. c) Each party agrees to
Information or executing this Agreement, the Provider does not grant any
indemnify the other against loss suffered due to breach of contract and undertakes to make good the
license, explicitly or implicitly, under any trademark, patent, copyright, mask
financial loss caused directly or indirectly by claims brought about by its customers or by third parties.
work protection right, trade secret or any other intellectual property right.
The Provider disclaims all warranties regarding the information, including all
warranties with respect to infringement of intellectual property rights and
all warranties as to the accuracy or utility of such information except
warranty with respect to infringement of intellectual property rights. 20.

1. We (name of the company) hereby confirm that all the resource (both on-
site and off-site) deployed/to be deployed on Bank’s project for (Name of
1. We (name of the company) hereby confirm that all the resource (both on-site and off-site) deployed/to
the RFP) have undergone KYE (Know Your Employee) process and requisite
be deployed on Bank’s project for (Name of the RFP) have undergone KYE (Know Your Employee) process
checks have been performed prior to employment of said employees as per
and requisite checks have been performed prior to employment of said employees as per our policy. 2.
our policy. 2. We further undertake and agree to save defend and keep
We further undertake and agree to save defend and keep harmless and indemnified the Bank against all
harmless and indemnified the Bank against all loss, cost, damages, claim
133 130-132 loss, cost, damages, claim penalties expenses, legal liability because of non compliance of KYE and of Please be guided by the RFP
penalties expenses, legal liability because of non compliance of KYE and of
misconduct of the employee deployed by us to the Bank. 3. We further agree to submit the required
misconduct of the employee deployed by us to the Bank. 3. We further
supporting documents (Process of screening, Background verification report, police verification report,
agree to submit the required supporting documents (Process of screening,
character certificate, ID card copy, Educational document, etc) to Bank before deploying officials in Bank
Background verification report, police verification report, character
premises for (Name of the RFP).”
certificate, ID card copy, Educational document, etc) to Bank before
deploying officials in Bank premises for (Name of the RFP).”

how many Aadhar no will be stored in Vault and what is YoY growth
expected

How many transactions related to aadhar no will be done and what is YoY
134 Generic NA Detailed Volumetrics for Infra sizing are required Details shall be provided to sucessful bidder.
growth envisaged.

Apart from DC, DR and UAT does the bidder needs to provide any other non
production environment
Clause 5.5 and 5.6 for Eligibilty Criteria stands
clubbed together.Read Clubbed Clause as " The
OEM/Bidder should have implemented Aadhar Data
Vault Solution with TPS of 500 and above to any
The bidder should have implemented Aadhaar Data Vault Solution with TPS of 500 and above to any Banks
Banks / Insurance Company / Government
135 48.5 74 / Insurance Company / Government Organizations / Financial Institutions in India, during last three years as Bidder would request Bank to relax the clause
Organizations / Financial Institutions in India, during
on date of RFP
last three years as on date of RFP. The bidder has to
submit Purchase Order and Performance Certificate
of solution"

Clause 5.5 and 5.6 for Eligibilty Criteria stands

clubbed together.Read Clubbed Clause as " The
OEM/Bidder should have implemented Aadhar Data
Vault Solution with TPS of 500 and above to any
OEM/ Bidder should have implemented of Data Vault/Data repository/ Secured Data base/ Similar Solution
Banks / Insurance Company / Government
136 48.6 74 (being quoted) in at least One PSU/ Government Organizations / BFSI in India, during last three years as on Bidder would request Bank to relax the clause
Organizations / Financial Institutions in India, during
date of RFP
last three years as on date of RFP. The bidder has to
submit Purchase Order and Performance Certificate
of solution"
SI No Clause No Page No Clause Query Bank Response
Bidder would like to know the details of current Core Banking System used
137 General Details shall be provided to the sucessful bidder
by the Bank
Which Other Products are Currently Used by the Bank? Specify Vendor
Details for each
a. Mobile Banking Solution
b. Internet Banking Solution
c. Anti Money Laundering Solution
138 General Details shall be provided to the sucessful bidder
d. Loan Origination System
e. Legal Recovery Solution
f. Agent Banking Solution
g. Mobile Wallet Solution
h. Any other product/solution/middleware used by Bank

139 General Total Customer Base & Projected Growth Rate Details shall be provided to the sucessful bidder

140 General Total Number of Accounts & Projected Growth Rate Details shall be provided to the sucessful bidder

141 General Total Number of Transactions & Projected Growth Rate Details shall be provided to the sucessful bidder

Projected Transactions per Day per Solution required & Projected Growth
142 General Details shall be provided to the sucessful bidder
Rate

Projected Transactions per Second per Solution required & Projected

143 General Details shall be provided to the sucessful bidder
Growth Rate

144 General Average Transactions per Day per Branch & Projected Growth Rate NA

145 General Minimum/Maximum Bandwidth Available per Branch NA

The Bidder is required to integrate the proposed solution with CBS, MATM, Mobile Banking, Merchant App, The exact count of Business Applications help us determine the BOM and
146 6.5 14 CKYC, ODS/SAS and any other applications, with other service providers as and when required without any appropriate hardware sizing. Kindly provide us the total number of Details shall be provided to succesful bidder.
extra cost to the Bank. connecting Business Applications.
Aadhaar Data vault solution designed under the guidelines proposed by
UIDAI for storing of Aadhaar. The solution basically offers tokenization
The bidder will coordinate with the existing vendor and other vendor or NPCI or any other Solution Provider through external API interfaces, hence the need for integration with
147 6.7 14 that Bank may take in future to make devices compatible for such applications. The bidder has to provide external devices does not arise as per the given guidelines of UIDAI. Clause self explanatory, Please be guided by RFP
support and applicable patches as and when released. Furthermore the need for NPCI or other vendor compatibility does not arise
since it is purely API based service. Hence we would request to remove this
clause.
The reporting and logging system of the Aadhaar Data Vault shall integrate seamlessly with existing SIEM
Solution. The Solution is also required to be integrated with Bank’s existing Privileged Identity Management Being deployed in a sensitve & Militarized zone, ADV solution is equipped
148 6.19 17 (PIM) Solution. As required by Bank the Bidder shall provide all the required information and data for with its own authentication mechanism , so we request you to relax this Please be guided by RFP
integrating with SIEM & PIM Solution. Integration with Bank’s existing information security tools is clause.
responsibility of the Bidder.
Minimum 2 Resources – 1 L1 Resource for 24 *7 and 1 L2 resource from 08:00 AM to 10:00 PM should be
available at Bank’s Corporate Office site on 7 Days a week working basis. In addition, 1 L1 Resource should
be available at Bank’s DC and DRC site each for 24*7 Infra support on 7 days a week working basis.
However, in case of business requirements, vendor may be asked to depute the resources beyond the Our assumption for the number of resources is a total of 4, 2 for Bank's
Please refer to revised clause 11.1 and 11.11 in the
149 11.11 39 above stipulated time. The timing may be changed at Bank’s discretion. However, during the Corporate Office, 1 for DC and 1 for DR. IS our assumption correct? Kindly
corrigendum.
implementation phase, testing, planned activity and emergency period, resources may have to work 24x7 confirm.
depending upon the Bank requirement. Payment will be released monthly basis in arrears against invoice
raised and after verification with attendance register maintained in Bank.
register maintained in Bank.
The Offered ADV solution is a standard OEM product designed as per the
Bidder has to agree to keep source code of proposed solution with approved / recognized escrow agency guidelines released by UIDAI for data vault. The product does not have any
under escrow arrangements mutually acceptable to the bank and Bidder for entire project period. Cost of modules that offers customization.
150 33.1 56 Please be guided by RFP
the escrow arrangement to be borne by Bidder. Contract will be signed on mutually acceptable terms with Morover our ADV solution has been deployed and has completed all the
bank and escrow agent. necessary audit.
Considering these points we request to relax the clause.
SI No Clause No Page No Clause Query Bank Response
Demographic data can only be verified by UIDAI using UID token and user
Demographic match from the Aadhaar Data Vault should be done using the reference key. Aadhaar number
151 1.5 78 authentication. ADV is not responsible for demographic data matching or Please be guided by RFP
should not be used in such cases.
verification. Request to remove this clause.
The Auth API or eKYC API specification applies only to the
solutions that needs to directly commuicated with the UIDAI / KSA services.
ADV solution per se do not communicate with UIDAI / KSA service directly.
152 1.6 79 The platform should be compliant / support API 2.5 and above as designed by UIDAI Please be guided by RFP
The solution is deployed in-house and interacts only with the in-house
applications.
Hence requirst to remove this clause.

As ADV is proposed to be used for storing Aadhaar Numbers and other

related data pertaining to Aadhaar, please provide us the volume details to
help us determine the hardware sizing necessary to deploy ADV solution
- Total No of Aadhaar records present (on day 1)
The ADV solution provided by the bidder shall support encryption and storage of scanned Aadhaar Card - Year on Year Aadhaar addition
Details shall be provided to sucessful bidder.
153 5 79 PDF / Image file and any other document / images as per the data encryption and storage guidelines issued - No of applications to be connected with Aadhaar Data Vault
by UIDAI in a separate File Server. - Estimated Growth of Aadhaar Number YOY
- No of Per day requests to retrieve EKYC / Scanned Aadhaar card data
- TPS (Transaction Per Second) to be considered

Being deployed in a sensitve & Militarized zone, ADV solution is equipped

154 23 82 The ADV platform should have the ability to integrate in the existing PIM solution for authentication. with its own authentication mechanism , so we request you to relax this Please be guided by RFP
clause.
Bidder shall abide by the ISMS framework of the Bank which includes Incident Management, Change
155 33 83 Please share a copy of ISMS framework to abide by it Details shall be provided to succesful bidder.
Management and Capacity management etc.
what is the integration mechanism to integrate all application with point to
The Bidder is required to integrate the proposed solution with CBS, MATM, Mobile Banking, Merchant App,
point connectivity or SOA approach.
156 Broad scope of work 14 CKYC, ODS/SAS and any other applications, with other service providers as and when required without any Please be guided by RFP
Integration tool are you using or bidder has to include in this. Please provide
extra cost to the Bank.
some guidelines to the integration mechanism.
The Solution is also required to be integrated with
Bank’s existing Privileged Identity Management
ADV platform offered by the bidder should be capable of providing a GUI for enabling creation of multiple (PIM) Solution. As required by Bank the Bidder shall
Point no.8 User management Is that application has to integrate with existing Identity Access
157 80 API / Admin users. Authorized Bank Officials should be able to login to this web based platform and should provide all the required information and data for
Functionality management tool are you using or bidder has to include in this. Please
be to create multiple Admin / API users. This should be through maker checker facility with logging. integrating with SIEM & PIM Solution. Integration
provide some guidelines to it.
with Bank’s existing information security tools is
responsibility of the Bidder
Please direct a guideline/specification for High Availibility of data at each
tier. I could be as: A tool should have capability to:
· support for central storage of data with multiple instances of database in a
clustered environment access the single database.
· Should be an enterprise class database with the ability to support
The ADV solution provided by the bidder should be configured in HA mode at Bank’s Data Center. The connection pooling, load sharing and load balancing when the load on the
Point no.6 Technical Please be guided by RFP as clause is self
158 80 Solution shall be highly scalable to meet the future requirements of the Bank. The Solution should have application increases.
Specification explanatory.
capabilities for Auto Sync for the DC and DR Location with same level of security. · Database should have native, active-active clustering with objectives of
scalability and high availability. The solution should provide single image
database concurrently accessed by multiple database servers, without
repartitioning or changes to the database objects or 3rd party transaction
routing mechanisms.
This will help SI's to quantify the implementation boundries.
It is suggested that solution to have a capability of "Provision to create
The Aadhaar number and any connected data maintained on the Aadhaar Data Vault (ADV) should be kept certificates and implement Public Key Infrastructure (PKI) while sending
159 Point No 1.1 78 Please be guided by the RFP
encrypted and access to it is strictly controlled only for authorized systems. encrypted data over a network to ensure that data is not tampered with and
sent only by the intended sender by verifying signatures."
It is suggested that solution to have a capability of "The Encryption solution
The Aadhaar number and any connected data maintained on the Aadhaar Data Vault (ADV) should be kept should be able to protect data-at-rest, data-in-motion, classified data
160 Point No 1.1 79 Please be guided by the RFP
encrypted and access to it is strictly controlled only for authorized systems. against root privileged user account access. It should also protect file, folder
level encryption."
The ADV solution provided by the bidder shall support encryption and storage of scanned Aadhaar Card It is suggested that solution to have a capability of "The encrytion platform
Please be guided by RFP as clause is self
161 pointno-5 79 PDF / Image file and any other document / images as per the data encryption and storage guidelines issued Should support for encryption for objects like LOB, Streams and Standby
explanatory.
by UIDAI in a separate File Server. databases"
SI No Clause No Page No Clause Query Bank Response
ADV platform offered by the bidder should be capable of providing a GUI for enabling creation of multiple
It is suggested that proposed solution to have a capability of "Audit system Please be guided by RFP as clause is self
162 Point no 8.1 80 API / Admin users. Authorized Bank Officials should be able to login to this web based platform and should
should enforce separation of duties between auditors and administrator." explanatory.
be to create multiple Admin / API users. This should be through maker checker facility with logging.
It is suggested that solution to have a capability of "Auditor's should have
This web based interface should also support Edit / Delete / Please be guided by RFP as clause is self
163 Point no 8.2 80 direct access to the audit system to view audit reports and should be able
Modify user/reset password functionality. .This should be through maker checker facility with logging. explanatory.
create custom reports."
Not only roles solution to have "It should support the separation of
Please be guided by RFP as clause is self
164 Point no 25 82 The admin and user roles should be segregated. security functionality from application functionality and database
explanatory.
administration functionality."
It is suggested "Solution should support fine-grained policy to enable
Please be guided by RFP as clause is self
165 Point no 25 82 The admin and user roles should be segregated. administrator to perform activity like file archive and backup, without
explanatory.
access to the data content itself."
It is suggested to have a capability "The Tool should enforce access control
Please be guided by RFP as clause is self
166 Point no 25 82 The admin and user roles should be segregated. by comparing the data label with the label or security clearance of the user
explanatory.
requesting access"
Clause 5.5 and 5.6 for Eligibilty Criteria stands
clubbed together.Read Clubbed Clause as " The
The bidder should have implemented State Resident Data Hub and OEM/Bidder should have implemented Aadhar Data
Authentication Framework for any Banks / Insurance Company / Vault Solution with TPS of 500 and above to any
The bidder should have implemented Aadhar Data Vault Solution with TPS of 500 and above to any Banks /
Clause: 5 Eligibility Criteria, Pg. no. Government Organizations / Financial Institutions in India with the project Banks / Insurance Company / Government
167 Insurance Company / Government Organizations / Financial Institutions in India,during last three years as
5.5 15 value more than Rs 4 Crores during last five years as on date of RFP. The Organizations / Financial Institutions in India, during
on date of RFP. The bidder has to submit Purchase Order and Performance Certificate of solution.
bidder has to submit Purchase Order/ Agreement/ Performance Certificate last three years as on date of RFP. The bidder has to
of solution. submit Purchase Order and Performance Certificate
of solution"

Clause 5.5 and 5.6 for Eligibilty Criteria stands

clubbed together.Read Clubbed Clause as " The
OEM/Bidder should have implemented Aadhar Data
The Bidder should have the experience of implementing Aadhaar based
Vault Solution with TPS of 500 and above to any
OEM/Bidder should have implemented Aadhaar Data Vault/ in at least One PSU/ Government authentication framework with the operation and maintenance phase for at
Clause: 5 Eligibility Criteria, Pg. no. Banks / Insurance Company / Government
168 Organizations / BFSI in India, during last three years as on date of RFP. The bidder has to submit Purchase least 2 years on the date of RFP for any PSU/ Government Organizations in
5.6 15 Organizations / Financial Institutions in India, during
Order / Performance Certificate of solution. India. The bidder has to submit Purchase Order/ Agreement / Performance
last three years as on date of RFP. The bidder has to
Certificate of solution.
submit Purchase Order and Performance Certificate
of solution"

All HSMs do not support scheduling policy for Key rotation. However Key
The Application should have the capabilities for updating / retrieving the Aadhaar Number or related data
rotation can be performed by application and zero downtime can be
169 14 81 from Aadhaar Data Vault, during the Key Rotation of the HSM Keys to be done automatically by HSM itself Please be guided by RFP
achieved. Hence request you to remove "to be done automatically by HSM
using a scheduling policy. The Activity should not require any Downtime.
itself using a scheduling policy" to be vendor neutral.
The Bidder must have minimum annual turnover of Rs. 4.00 crore each in last three financial years (i.e.
2016-17, 2017-18 & 2018-19) from Indian operations. Audited financial statements for FY2016-17, FY2017- Our submission is that please increase the bidder turnover to accommodate
170 5.3 Eligibility Criteria 12 18 & FY2018-19 are to be submitted. In case the audited financials for the year 2018-19 is not available, CA the right bidders to participate. Also, In the overall turnover, appropriate Please be guided by RFP
Certificate should be submitted. This must be the individual company turnover and not that of any group of consolidated IT / Cyber Security turnover is recommended to be included
companies
Both criteria are on similar lines and hence can be clubbed together. Also,
we request to please accept ADV solution of 200 TPS and above, as an
Clause 5.5 and 5.6 for Eligibilty Criteria stands
implementation reference.
The bidder should have implemented Aadhar Data Vault Solution with TPS of 500 and above to any Banks / clubbed together.Read Clubbed Clause as " The
Insurance Company / Government Organizations / Financial Institutions in India, during last three years as OEM/Bidder should have implemented Aadhar Data
OEM/Bidder should have implemented Aadhar Data Vault Solution with TPS
on date of RFP. The bidder has to submit Purchase Order and Performance Certificate of solution Vault Solution with TPS of 500 and above to any
of 200 and above to any PSU/ Banks / Insurance Company / Government
Banks / Insurance Company / Government
171 5.5 & 5.6 12 Organizations / Financial Institutions in India, during last three years as on
Organizations / Financial Institutions in India, during
date of RFP.
OEM/Bidder should have implemented Aadhaar Data Vault/ in at least One PSU/ Government last three years as on date of RFP. The bidder has to
Organizations / BFSI in India, during last three years as on date of RFP. The bidder has to submit Purchase submit Purchase Order and Performance Certificate
The bidder has to submit Purchase Order and Performance Certificate of
Order / Performance Certificate of solution of solution"
solution - As most of the govt. organization does NDA with successful bidder
hence submitting certificate/reference letter might not be feasible. Can the
same be submitted over OEM's letterhead with client details.
6.5. The Bidder is required to integrate the proposed solution with CBS, MATM, Mobile Banking, Merchant We recommend for major customization (efforts required more than 10
172 6.5 App, CKYC, ODS/SAS and any other applications, with other service providers as and when required without man days), Bank will pay the charges as per customization charge Please be guided by RFP
any extra cost to the Bank discovered.
SI No Clause No Page No Clause Query Bank Response

Bidder requests following payment terms as bidder will have to make 100%
payment upfront to the 3rd party HW and license vendors
HW & software licenses (inclusive of 5 year warranty) - 100% on delivery
173 23. Payment Terms 46 Please be guided by RFP
Bidder requests milestone payment terms for installation and
implementation services as below:
50% on delivery, 20% on installation, 30% on Acceptance by customer

Bidder on submission of proposal indemnifies to protect and save the Bank and hold the Bank harmless
174 27. Indemnity 51 from and against all claims, losses, costs, damages, expenses, action suits and other proceedings, (including No Query raised by the Bidder on the Clause
reasonable attorney fees), relating to or resulting directly or indirectly from
51. Annexure E –Technical 17. The solution must be able to support storage of the root of trust master Key on a FIPS 140-2, minimum As per the current best practice, it is recommended to use FIPS 140-2 Level
175 81 Please be guided by RFP
Specifications Level 2 certified HSM device. 3 certified HSM
51. Annexure E –Technical 18. Aadhaar Data Vault solution should be scaled to higher TPS on the same HSM, solution should be field
176 81 “Scaled to Higher TPS” should be capped at 5 years projection of 2300 TPS. Please be guided by RFP
Specifications upgradable and should not involve additional procurement of hardware post solution is implemented.
How many Aadhaar numbers have to be considered for the storage
51. Annexure E –Technical 18. Aadhaar Data Vault solution should be scaled to higher TPS on the same HSM, solution should be field
177 81 calculation? How many users/accounts will be registered with the solution Details shall be provided to sucessful bidder.
Specifications upgradable and should not involve additional procurement of hardware post solution is implemented.
over a period of 5 years?
Technical specification to include:
51. Annexure E –Technical 1.Build-in API Gateway for be er API management.
178 81 Additional technical specification recommened Please be guided by RFP
Specifications 2.PKI based Authen ca on – PKI enabled API authen ca on for calling
applications in order to have secured communication
51. Annexure E –Technical 19. The Aadhaar Data Vault solution should be designed to achieve 1100 TPS with a 5-year projection of Its recommended to have design specification of 3000 TPS if 2300 TPS is
179 82 Please be guided by RFP
Specifications 2300 TPS. required