S-1/A Table of Content& Indirect Regulatory Requirements A number of our clients are financial institutions that are directly subject to various regulations and compliance obligations issued by the CFPB, the Office of the Comptroller of the Currency and other agencies responsible for regulating financial institutions While these regulatory requirements and compliance obligations do not apply directly to us. many of these requirements materially affect the services we provide to our clients and us overall. To remain competitive, we expend significant resources to assist our clients in meeting their various compliance obligations. including the cost of updating our systems and services as newly to allow our clients to comply with applicable laws and regulations, and the cost of dedicating sufficient resources to assist our clients in meeting their new and enhanced oversight and audit requirements established by the CFPB, the Office of the Comptroller of the Currency and others. The banking agencies, including the Office of the Comptroller of the Currency. also have imposed requirements on regulated financial institutions to manage their third-party service providers. Among other things. these requirements include performing appropriate due diligence when selecting third-party service providers: evaluating the risk management. information security, and information management systems of third-party service providers: imposing contractual protections in agreements with third-party service providers (such as performance measures, audit and remediation rights, indemnification, compliance requirements. confidentiality and information security obligations, insurance requirements. and limits on liability): and conducting ongoing monitoring of the performance of third-party service providers. Accommodating these requirements applicable to our clients imposes additional costs and risks in connection with our financial institution relationships. We expect to expe