2020 - IPPB - 561753 - 1 - RFP Document

RFP for Supply, Implementation and Maintenance of Aadhaar Data
Vault Solution
Request for Proposal (RFP) for

Supply, Implementation and Maintenance of
Aadhaar Data Vault Solution at DC & DR
India Post Payments Bank

Corporate Office, 2nd Floor Speed Post Center, Bhai Veer Singh Marg, Gole Market,
New Delhi- 110001
P a g e 1 | 136
Vault Solution
DISCLAIMER
The information contained in this Request for Proposal (RFP) is provided to the Bidder(s) on the terms
and conditions set out in this RFP document. The RFP document contains statements derived from
information that is believed to be true and reliable at the date obtained but does not purport to provide
all of the information that may be necessary or desirable to enable an intending contracting party to
determine whether or not to enter into a contract or arrangement with Bank in relation to the provision
of services.
The RFP document is not a recommendation, offer or invitation to enter into a contract, agreement or
any other arrangement, in respect of the services. The provision of the services is subject to observance
of selection process and appropriate documentation being agreed between the Bank and any successful
Bidder as identified by the Bank, after completion of the selection process as detailed in this document.
No contractual obligation whatsoever shall arise from the RFP process unless and until a formal contract
is signed and executed by duly authorized officers of India Post Payments Bank with the Bidder. The
purpose of this RFP is to provide the Bidder(s) with information to assist the formulation of their
proposals. This RFP does not claim to contain all the information each Bidder may require. Each Bidder
should conduct their own investigations and analysis and should check the accuracy, reliability and
completeness of the information in this RFP and where necessary obtain independent advice. India Post
Payments Bank makes no representation or warranty and shall incur no liability under any law, statute,
rules or regulations as to the accuracy, reliability or completeness of this RFP. India Post Payments Bank
may in its absolute discretion, but without being under any obligation to do so, update, amend or
supplement the information in this RFP.
GENERAL INSTRUCTIONS TO BIDDERS
All bidders must note that this being E-tender, bids received only through online on Central Public
Procurement Portal (www.eprocure.gov.in) (henceforth referred to as “CPP Portal”) shall be considered
as an offer. Any bid submitted in physical form will not be received or opened and shall be summarily
rejected.
NOTE: Submission of any bid document through offline mode will not be accepted. However, Bid
Security (EMD) signed by authorized signatory should be submitted through both online and offline
mode on or before last date & time of bid submission.
P a g e 2 | 136
Vault Solution
Invitation for Request for Proposal (RFP)

India Post Payments Bank (PPB) invites proposals for Supply, Implementation and Maintenance
of Aadhaar Data Vault Solution at DC and DR as per the details given in this document.
This RFP may be downloaded by the bidders free of cost from the e-procure website
(www.eprocure.gov.in) or from IPPB website (www.ippbonline.com).
RFP Summary Sheet
Name of the company India Post Payments Bank Limited

Procurement Reference Number IPPB/CO/IT/2020/05/CNS/09
Tender Cost Rs5,000/- (Rupees Five Thousand only)
Bidder can submit tender fee in the form of
DD/ NEFT/RTGS. in favour of “India Post
Payment Bank” payable at New Delhi.
RTGS/NEFT Details as under: -
India Post Payments Bank Limited
A/c No.: 36071473569
IFSC: SBIN0000691
Bank: State Bank of India, Parliament
Street, New Delhi.
(Exempt for MSE bidders, upon submission
of MSE certificate copy). Non submission of
tender fee will lead to disqualification of the
bidder.
Earnest Money Deposit (EMD) Rs. 40,00000/- (Rupees Forty lacs only)
Bank Account Details for NEFT/ RTGS of EMD Account No: 36071473569
to IPPB Account: IFSC Code: SBIN0000691
Bank: State Bank of India, New Delhi
Main Branch, Parliament Street, New
Delhi.
Date of issue of the RFP Date: 29/05/2020 Time: 04:00 PM
Last date to send Pre-Bid queries Date:05/06/2020 Time: 03:00 PM
Pre-bid meeting date Date: 12/06/2020 Time: 11:00 AM
Date and Time for RFP submission/ upload of Date: 29/06/2020 Time: 03:00 PM
bids
Date and time for opening of Technical offers Date: 30/06/2020 Time: 03:00 PM
Date and Time for Indicative Commercial bid To be communicated later
opening/Reverse Auction
Primary point of contact for RFP process and Name: Chaudhary Nishant Singh /Sachin
technical queries Kadam
P a g e 3 | 136
Vault Solution
Designation: Senior Manager

Email: nishant.c@ippbonline.in /
sachin.kadam@ippbonline.in
Place of Pre-bid meeting India Post Payments Bank Ltd.
2nd Floor, Speed Post Centre Building
Bhai Veer Singh Marg, Gole Market
New Delhi – 110001.
Place of Bid Opening of Bids India Post Payments Bank Ltd.
Address for Communication India Post Payments Bank Ltd.
The Bank reserves the right to change the schedule mentioned above or elsewhere mentioned
in the document, which will be communicated by placing the same as corrigendum on the Central
Public Procurement Portal (www.eprocure.gov.in) (hereon referred to as “CPP Portal”).
The copy of this document may be downloaded from the CPP Portal or IPPB website free of cost.
All bids must be accompanied by Earnest Money Deposit (EMD) of Rs. 40,00000/- (Rupees Forty
Lacs only) by way of NEFT/RTGS/ Bank Guarantee (BG) from Scheduled Commercial Banks
favoring “India Post Payments Bank Limited”. The EMD, if submitted in Bank Guarantee form,
should reach to above mentioned address of India Post Payments Bank Ltd on or before
29/06/2020, 03:00PM. This cover containing EMD in BG form shall be opened along with online
Technical Bids.
The Bank reserves the right to reject any or all offers without assigning any reason.
Tender offers will be opened in the presence of the bidder’s representatives who choose to
attend the opening of the tender on the above-specified date, time and place.
Technical Specifications, Terms and Conditions and various formats and pro forma for submitting
the tender offer are described in the tender document.
Common terms of reference / definition
P a g e 4 | 136
Vault Solution
Across the document the term

1) “Bank”, “Payments Bank”, “IPPB” refers to India Post Payments Bank.
2) “DoP” refers to Department of Post
3) “Bidder”, “Supplier”, “Vendor” refers to the applicants applying for this RFP and are
interested in Supply, Installation and Commissioning of Air Conditioners to the Bank
4) “Document” refers to this RFP document
5) “Tender”, “Tender offer”, “offer”, “bid”, “response” refers to the bid submitted by the
bidder in response to the RFP.
Note: Any bid received after scheduled date and time of the receipt of bids prescribed as mentioned
above, will not be accepted by the Bank. Bids once submitted will be treated as final and no further
correspondence will be entertained on this.
Abbreviations
The long form of some abbreviations commonly used in the document is given below:
Abbreviations Description
AES Advanced Encryption System
ADV Aadhaar Data Vault
API Application Program Interface
ASA Authentication Service Agency
DFS Department of Financial Services
DR Disaster Recovery
EMD Earnest Money Deposit
FIPS Federal Information Processing Standard
GUI Graphical User Interface
HA High Availability
HSM Hardware Security Module
IBA Indian Bank’s Association
P a g e 5 | 136
Vault Solution
IDRBT Institute of Development and Research in Banking
Technology
KSA KYC Service Agency
NABARD National Bank for Agriculture and Rural Development
NDA Non-Disclosure Agreement
NSIC National Small Industries Corporation
NPCI National Payments Corporation of India
PO Purchase Order
PSB Public Sector Bank
PSU Public Sector Undertaking
PBG Performance Bank Guarantee
PDF Portable Document Format
RPO Recovery Point Objective
RTO Recovery Time Objective
SLA Service Level Agreement
SOP Standard Operating Procedure
TB Terra Bytes
TCO Total Cost of Ownership
TO Technical Offer
TPS Transactions per Second
IPPB India Post Payments Bank
UID Unique Identification
UIDAI Unique Identification Authority of India
Table of Contents
1. Introduction .................................................................................................................................. 10
P a g e 6 | 136
Vault Solution
2. Integrity Pact (IP) .......................................................................................................................... 10

3. Objectives of the RFP .................................................................................................................... 11
4. Invitation of Tender Bids ............................................................................................................... 11
5. Eligibility Criteria ........................................................................................................................... 12
6. Broad Scope of Work ..................................................................................................................... 13
7. Disaster Recovery .......................................................................................................................... 19
8. Support ......................................................................................................................................... 19
9. Instructions for Bid Submission: .................................................................................................... 20
9.2. Performance Bank Guarantee .................................................................................................... 22
9.3. Language of Bid.......................................................................................................................... 22
9.4. Period of Validity of Bids ............................................................................................................ 23
9.5. Amendment of Bidding Documents ............................................................................................ 23
9.6. Authorization to Bid ................................................................................................................... 23
9.7. Two Part Bid............................................................................................................................... 24
9.8. Technical Bid.............................................................................................................................. 25
9.9. Indicative commercial offer........................................................................................................ 27
9.10. Technical Bid Evaluation ......................................................................................................... 27
9.11. Commercial Evaluation Process through Reverse Auction ....................................................... 28
9.12. RFP Clarifications.................................................................................................................... 29
9.13. Other Terms and Conditions of RFP ........................................................................................ 30
9.14. Award of contract .................................................................................................................. 35
9.15. Price Composition .................................................................................................................. 35
10. Taxes and Duties ........................................................................................................................ 36
11. Onsite development, support & maintenance Resource ........................................................... 37
12. Rejection of Bid ......................................................................................................................... 39
13. Pre-Bid Meeting ........................................................................................................................ 40
14. RFP Response ............................................................................................................................ 40
15. Modification and Withdrawals of Bid........................................................................................ 40
16. Liquidated Damage (LD) ............................................................................................................ 41
17. Warranty ................................................................................................................................... 41
P a g e 7 | 136
Vault Solution
18. Contract Period ......................................................................................................................... 42

19. AMC/ATS................................................................................................................................... 43
20. Adherence of cyber security policy............................................................................................ 44
21. Patent Rights ............................................................................................................................. 45
22. Price Validity ............................................................................................................................. 46
23. Payment Terms ......................................................................................................................... 46
24. Authorized Signatory................................................................................................................. 50
25. Limitation of liability ................................................................................................................. 50
26. Confidentiality........................................................................................................................... 50
27. Indemnity .................................................................................................................................. 51
28. Intellectual Property Rights ....................................................................................................... 53
29. Non-Transferable Offer ............................................................................................................. 54
30. Normalization of Bids ................................................................................................................ 54
31. Responsibility for Completeness ............................................................................................... 55
32. Customization Process .............................................................................................................. 55
33. Escrow Arrangement ................................................................................................................. 56
34. Ownership and Retention of Documents .................................................................................. 57
35. Penalty ...................................................................................................................................... 57
36. Service Level Agreement & Penalties ........................................................................................ 58
37. Documents and Manuals........................................................................................................... 60
38. Audit ......................................................................................................................................... 60
39. Force Majeure ........................................................................................................................... 61
40. Exit Clause ................................................................................................................................. 61
41. Termination of Contract ............................................................................................................ 62
42. Arbitration ................................................................................................................................ 63
43. Jurisdiction ................................................................................................................................ 64
44. Submission of Bids .................................................................................................................... 64
45. Annexure A – Letter of Acceptance ........................................................................................... 66
46. Annexure B - Bid Form .............................................................................................................. 69
47. Annexure C - Bidder’s Profile Format.......................................................................................... 71
P a g e 8 | 136
Vault Solution
48. Annexure D - Eligibility Criteria................................................................................................... 73

49. Annexure D (A) – Compliance to RFP terms & conditions ........................................................... 75
50. Annexure D (B) – Declaration for Compliance ............................................................................. 77
51. Annexure E –Technical Specifications........................................................................................ 78
52. Annexure E (A) – Hardware Specifications ................................................................................ 84
53. Annexure F – Unpriced Indicative Commercial Bid .................................................................... 84
54. Annexure F (A) - Indicative Commercial Bid .............................................................................. 88
55. Annexure G - Reference Site Details .......................................................................................... 90
56. Annexure H – Pre-Contract Integrity Pact. ................................................................................ 92
57. Annexure J – Format of Performance Bank Guarantee............................................................ 102
58. Annexure K – Format for Bank Guarantee for EMD ................................................................. 104
59. Annexure L - eReverse Auction Instructions for Bidders.......................................................... 107
60. Annexure L (A) - Compliance Statement – Reverse Auction .................................................... 114
61. Annexure M – Confidentiality / Non Disclosure Agreement .................................................... 116
62. Annexure N – Bid Query Format.............................................................................................. 127
63. Annexure O - Undertaking By Bidder ...................................................................................... 128
64. Annexure P - Undertaking of Information Security ................................................................. 128
65. Annexure Q - Letter for Refund of EMD .................................................................................. 129
66. Annexure R - Know Your Employee (KYE) ................................................................................. 130
67. Annexure S – Power of Attorney for signing of Application.................................................... 132
68. Annexure T Signed RFP Document .......................................................................................... 135
P a g e 9 | 136
Vault Solution
1. Introduction
India Post Payments Bank Limited (“IPPB”) is a company incorporated and registered under Companies
Act, 2013 and a payments banking company registered under section 22 (1) of the Banking Regulation
Act, 1949 duly licensed by RBI. IPPB is engaged in conducting banking and payments business providing
services to retail and corporate customers. IPPB has its Registered Office at Speed Post Center, Bhai
Veer Singh Marge, New Delhi – 110 001.
India Post Payments Bank (hereinafter called as “Bank” or “the Bank”) invites proposals from
experienced and eligible entities (hereinafter referred to as “Respondent” or “Bidder” or “Vendor”) for
Supply, Implementation and Maintenance of Aadhaar Data Vault Solution at DC & DR. The bidder shall
be OEM (Original Equipment Manufacturer) / OSD (Original Solution Developer) or authorized partner of
OSD meeting the UIDAI guidelines.
2. Integrity Pact (IP)

Venders/bidders/sellers, only those who commit themselves to Integrity Pact (IP) with the Bank, would
be considered competent to participate in the bidding process. In other words, entering into this pact
would be the preliminary qualification. In case of bids for value of Rs.1.00 Crore not accompanied with
signed IP by the bidders along with the technical bid, the offers shall be summarily rejected.
IP shall cover all phases of contract i.e. from the stage of Notice Inviting Tenders (NIT)/Request for
Proposals (RFP) till the conclusion of the contract i.e. final payment or the duration of
warrantee/guarantee. Format of IP is attached as Annexure H for strict compliance.
The following Independent External Monitors (IEMs) have been appointed by the Bank, who will review
independently and objectively, whether and to what extent parties have complied with their obligation
under the pact.
1. Mr. Ashok Vishwanath Subhedar
Email:-iem.ashok.vs@ippbonline.in
2. Mr. Pradeep Kumar Jajoria
Email:-iem.pradeep.kj@ippbonline.in
Integrity Pact (IP) should be deposited with IT Department, date at the address mentioned in place of
opening of bids.
P a g e 10 | 136
Vault Solution
3. Objectives of the RFP

3.1. UIDAI is issuing a unique 12 digit random Aadhaar number to the residents of India after
verification of demographic and biometric information. As part of demographic information,
name, birth date, age, gender, address, mobile number, email id etc. are captured whereas
fingerprints, iris scans and photograph are captured as part of biometric information by
UIDAI for generation of Aadhaar number.
3.2. Aadhaar number, being unique and verifiable in an online and cost effective way, various
organizations like Banks, Telecoms, Govt. Department, Income Tax Department, Private
Sectors, etc. use Aadhaar number for eKYC, authentication and address proof to avail and
provide various benefits/services. Aadhaar number is also used for AEPS and APBS
transaction and various subsidy schemes for direct beneficiary transfers. All these
organizations store Aadhaar number to deliver and avail services. Aadhaar Number holder
has to share the Aadhaar Number to various entities and the entities store the Aadhaar
numbers as reference key to deliver their services/benefits.
3.3. UIDAI vide circular no. 11020/205/2017-UIDAI (Auth-I) dated 25-07-2017 has circulated
guidelines and directed all banks for mandatorily storing Aadhaar number and any
connected Aadhaar data on a separate secure database/vault/system. This system will be
termed as “Aadhaar Data Vault” and will be the only place where the Aadhaar number and
any connected Aadhaar data will be stored.
3.4. At present, Aadhaar number is stored in CBS, MATM, Mobile Banking, Merchant App etc. In
view of UIDAI notification, Bank need to setup Aadhaar Vault to store Aadhaar number and
reference key in secure and encrypted manner to comply with regulatory guidelines.
4. Invitation of Tender Bids

This RFP is an invitation for bidder responses. No contractual obligation on behalf of the Bank
whatsoever shall arise from the RFP process unless and until a formal contract is signed & executed by
duly authorized officers of the Bank and the successful bidder. However, until a formal contract is
prepared and executed, this offer together with Bank’s written acceptance & notification of award shall
constitute a binding contract with the successful bidder.
Bidders are expected to examine all instructions, forms, terms, specifications, and other information in
the RFP document. Failure to furnish any information required by the RFP document or to submit a bid
not substantially responsive to the RFP document in every respect will be at the Bidder’s risk and may
result in the rejection of its bid. The procedure and terms & conditions for submission of bid are
enumerated in this RFP.
All offers of the bidders shall be unconditional and once accepted whether with or without
modifications by the Bank shall be binding between the Bank and such Bidder.
P a g e 11 | 136
Vault Solution
The RFP Document can be downloaded from Bank’s Website www.ippbonline.com or from Government
portal eprocure.gov.in. The response should be uploaded online at the CPP Portal eprocure.gov.in.
5. Eligibility Criteria
Only those Bidders who fulfill the following criteria are eligible to respond to the RFP. Document/s in
support of all eligibility criteria are required to be submitted along with the Technical Bid. Offers
received from the bidders who do not fulfill any of the following eligibility criteria are liable to be
rejected.
5.1. The bidder has to submit Integrity Pact (IP) signed by authorized signatory as prescribed
format mentioned in Annexure H on plain paper in advance (not prior to issuance of RFP)
or at the time of bid submission. Bidder shall be liable for rejection in case of non-
submission of the same.
5.2. The bidder should be a registered/incorporated company in India as per Companies Act
1956/2013 and must have in existence for the last 5 years. Relevant Documents of
registration is to be submitted.
5.3. The Bidder must have minimum annual turnover of Rs. 4.00 crore each in last three
financial years (i.e. 2016-17, 2017-18 & 2018-19) from Indian operations. Audited financial
statements for FY2016-17, FY2017-18 & FY2018-19 are to be submitted. In case the
audited financials for the year 2018-19 is not available, CA Certificate should be submitted.
This must be the individual company turnover and not that of any group of companies.
5.4. Bidder should have positive operating Profit (as EBITDA i.e. Earnings Before Interest, Tax,
Depreciation & Amortization) in each of the last three financial years, (2015-16, 2016-17,
and 2017-18). In case the audited financials for the year 2018-19 is not available, CA
Certificate should be submitted.
5.5. The bidder should have implemented Aadhar Data Vault Solution with TPS of 500 and
above to any Banks / Insurance Company / Government Organizations / Financial
Institutions in India, during last three years as on date of RFP. The bidder has to submit
Purchase Order and Performance Certificate of solution.
5.6. OEM/Bidder should have implemented Aadhaar Data Vault/ in at least One PSU/
Government Organizations / BFSI in India, during last three years as on date of RFP. The
bidder has to submit Purchase Order / Performance Certificate of solution.
5.7. The Bidder should be OEM or Original Solution Developer (OSD) or their authorized
partners or Service Provider (SP) or System Integrator (SI) of OEM/OSD in India with an
authority to do customization/up-gradation during the period of contract with the Bank.
P a g e 12 | 136
Vault Solution
Bidder needs to provide Manufacturer Authorization Form (MAF) from OEM stating that
bidder is authorized partner of OEM and authorized to participate in this tender and in
case the bidder is not able to perform obligations as per contract during the contract
period, contracted services will be provided by OEM within the stipulated time. Both
OEM/OSD & their authorized partner cannot participate in the RFP. In case, both OEM &
his authorized partner participates, only bid of the OEM/OSD will be considered.
5.8. The Bidder should have not been black listed at any time by the Central / State
Governments/ PSUs/PSBs. In case, in the past, the name of their Company was black listed
by any of the Govt. Authority or PSUs/PSBs, the name of the company or organization
must have been removed from the said list as on date of submission of the RFP, otherwise
it will not be considered. Self-Declaration on Company’s letter Head signed by authorized
signatory of the bidder as per the Annexure O is required to be submitted.
The participating bidders are required to submit unambiguous documentary evidences, in support of
their meeting the above eligibility criteria. The Bidder must comply with all above mentioned criteria.
Noncompliance of any of the criteria will entail rejection of the Bid summarily.
Bank reserves the right to verify /evaluate the claims made by the Bidder independently. Any decision of
the Bank in this regard shall be final, conclusive and binding upon the bidder. The Bank may accept or
reject an offer without assigning any reason what so ever.
All documentary evidence/certificates confirming compliance to eligibility criteria should be part of

technical bid.
6. Broad Scope of Work

Bank is currently storing Aadhaar Number in CBS. UIDAI vide circular no. 11020/205/2017-UIDAI (Auth-I)
dated 25-07-2017 has directed all entities for mandatorily store Aadhaar number and any connected
Aadhaar data on a separate secure database/vault/system. This system will be termed as “Aadhaar Data
Vault” and will be the only place where the Aadhaar number and any connected Aadhaar data will be
stored. The scope of work includes following, but is not limited to:
6.1. The Bidder shall be responsible for Supply, Installation, Configuration, Integration,
customization, operationalization and Maintenance of Aadhaar Data Vault (ADV) Solution.
6.2. Provide complete solution with necessary hardware & software for implementing Aadhaar
Vault system in bank as per UIDAI guidelines. Each Aadhaar number is to be referred by an
additional key called as Reference Key. Mapping of reference key and Aadhaar number is to be
maintained in the Aadhaar Data Vault.
6.3. The Bidder is required to Supply all the required Hardware (including HSM) and Software
(OS/Application) with required licenses, install & deploy ,manage the solution at the Bank’s
P a g e 13 | 136
Vault Solution
Data Center at Mumbai and at DR Site Bangalore. The Hardware and Software licenses procured
should be in the name of India Post Payments Bank.
6.4. Bidder will have to configure and maintain the Database and Software provided by the
bidder during the contract period. Bidder would have to upgrade software version,
deploy/update patches as per Bank’s requirement. None of the hardware, software etc. should
be declared EOL/EOS by OEM. Bidder has to upgrade the hardware/software etc. if declared EOL
within the same cost during the tenure of the RFP.
6.5. The Bidder is required to integrate the proposed solution with CBS, MATM, Mobile Banking,
Merchant App, CKYC, ODS/SAS and any other applications, with other service providers as and
when required without any extra cost to the Bank.
6.6. The Solution should generate a unique Reference key for each Aadhaar Number being used/
captured through various applications of the Bank. Each Aadhaar number is to be referred by
Reference key. These keys will replace Aadhaar numbers in Bank’s ecosystem and mapping of
reference key and Aadhaar number is to be maintained in the Aadhaar Data Vault. The
reference key generated for the Aadhaar number is to be used in the CBS and other applications
of the Bank. Aadhaar number stored should not be accessible to the users as only the reference
key would be used in lieu of Aadhaar number.
6.7 The bidder will coordinate with the existing vendor and other vendor or NPCI or any other
Solution Provider that Bank may take in future to make devices compatible for such
applications. The bidder has to provide support and applicable patches as and when released.
6.8. Reference keys generated should be local to Bank and should be accessible from the
Aadhaar Data vault through APIs/secured file based/any middleware.
6.9. For Reference Key generation/encryption any appropriate industry standard may be utilized
as long as it meets the requirement of the latest UIDAI circulars/Regulatory compliance of
NPCI/RBI/DFS etc. on the topic of Aadhaar Vault. The chosen Reference Key generation method
should ensure that the recovery of the original Aadhaar number must not be computationally
feasible knowing only the reference key or number of reference keys. Algorithms used to
generate Reference keys must ensure that the Aadhaar number can neither be guessed nor be
reverse engineered.
6.10. Standards /specifications published by UIDAI to be referred for algorithm and key length
such as Auth API specifications or eKYC API specifications where it states RSA 2048 for Public key
encryption and AES 256 for symmetric encryption (this is as per mentioned in UIDAI Circular
dated 25.07.2017 and the standards may change with time).
6.11. The Aadhaar Data vault should ideally maintain the mapping of Aadhaar numbers and
corresponding reference numbers. Hence any access to data vault (except for maintenance
purposes / Administration purposes) should only be to refer this mapping.
P a g e 14 | 136
Vault Solution
6.12. The Aadhaar data vault solution should encompass the following events:
6.12.1. Aadhaar Data Vault shall store Aadhaar number in an encrypted format and the
encryption keys shall be stored within HSM to ensure security.
6.12.2. Each Aadhaar number shall be mapped to a unique reference key and encrypted
Aadhaar number shall be stored corresponding to the unique reference key.
6.12.3. The Reference Key generation mechanism (Tokenization) must be a secure solution and
the keys should be managed in FIPS compliant module.
6.12.4. The encryption solution is required to encrypt any other sensitive data that may contain
Aadhaar number.
6.12.5. The unique Reference key so generated shall be such that it wouldn’t be possible to re-
engineer the Aadhaar number using the key.
6.12.6. The following APIs shall be exposed by the Aadhaar Data Vault
6.12.6.1. Storing Aadhaar number with a reference key
6.12.6.2. Retrieving Aadhaar number based on reference key
6.12.6.3. Updating the status of Aadhaar number
6.12.7. Querying Reference Key, which accepts Aadhaar number as input and returns reference
key as output
6.12.8. Aadhaar Data Vault shall have functionality for first Time Migration Batch, which
migrates the existing Aadhaar details to vault in an efficient manner.
6.12.9. Aadhaar Data Vault shall have functionality for Bulk Aadhaar Query, which accepts list of
reference key as input and return its respective Aadhaar number as output.
6.12.10. Aadhaar Data Vault shall have functionality for Bulk Aadhaar Update, which updates
the status list of Aadhaar number in Aadhaar vault database.
6.12.11. Aadhaar Vault shall interface with HSM to perform encryption/decryption functions on
Aadhaar data with the mapped keys.
6.12.12. Aadhaar Vault shall have admin configuration module through which Users shall be able
to configure channel and services and channel authentication parameters.
6.12.13. Aadhaar Data Vault shall manage authentication of source to validate request
originated from proper channel.
P a g e 15 | 136
Vault Solution
6.13. Apart from meeting the functional requirements as set out by UIDAI, the Aadhaar Data
Vault also ensures the following
6.13.1. Application Security –Aadhaar Vault System shall ensure security of Aadhaar data. Access
to database system that stores the encrypted Aadhaar information shall be strictly controlled
and only authorized persons shall be allowed to access it. Keys used to encrypt Aadhaar
number/data shall be stored only in the HSM to ensure tamper proof security.
6.13.2. Performance –Since Aadhaar number is basis of multiple business transactions which
happen in real time, Aadhaar Data Vault system shall respond fast enough to allow other
systems to complete real time transactions without any noticeable time lag/delay.
6.13.3. High Availability –Aadhaar Vault System shall be scalable enough to support clustered
deployment for high availability.
6.14. During implementation period, Bidder is required to generate Reference keys of all the
existing Aadhaar numbers in the Bank’s environment through the solution. Signoff of the
complete implementation will be given only after mapping of all the existing Aadhaar numbers.
The implementation shall be considered formally accepted after signing the acceptance
document jointly by Bank Team and representative from the bidder.
6.15. Hardware for the Solution must be capable enough to handle 1100 TPS and should be
scalable so as to handle transactions and cater Aadhaar numbers during the contract period of 5
years as provided below
Peak Business Transactions Per Second (TPS) Projections
2019-20 2020-21 2021-22 2022-23 2023-24
1100 1400 1700 2000 2300
. The hardware sizing must be done accordingly by the bidder. At no instance, during the contract
period, the solution/servers utilization should exceed 75%. In case the performance is adversely
affected or the utilization of any server or any peripheral, exceeds the threshold of 75%, more
than 3 times in a quarter, the vendor is required to upgrade the hardware, within one month
without any extra cost to the Bank.
6.16. The Vendor should maintain Uptime of 99.95% of the Solution both at DC & DR during
contract period.
6.17. Regulatory Compliance- The Bidder should comply with UIDAI and ASA/KSA guidelines
specified by UIDAI/NPCI for the proposed solution and must comply to Aadhaar Act 2016 and the
subsequent amendments. The Aadhaar Vault solution (including all Hardware, Software etc)
P a g e 16 | 136
Vault Solution
should at all time be compliant with current standards / guidelines issued by Government / RBI/
IBA/IDRBT/NPCI/NABARD/UIDAI/DFS authorities and/or other statutory authorities with regard
to Aadhaar Act and Regulations, 2016. In case of any change in the guidelines (by any of the above
mentioned authorities) throughout the contract period, the bidder would have to comply with
the same. Bank will not pay the charges for minor customization (efforts required up to 10 Man
days). For major customization (efforts required more than 10 man days), Bank will pay the
charges as per customization charge discovered. Bidder has to customize/modify the solution to
meet the requirement as per RBI/IBA/IDRBT/NPCI/NABARD /UIDAI/DFS etc requirement within a
maximum period of 1 month from the date of issuance of such customization / modifications or
earlier, depending upon the level of customization/modification prescribed by the said
authorities.
6.18. The proposed Aadhaar Vault Solution must comply with UIDAI Circular
No.K11020/205/2017 (Auth I) dated 25.07.2017, Circular no.4 of 2018 dated 01.05.2018, circular
no.5 of 2018 dated 16.05.2018 and circular no.6 of 2018 dated 04.06.2018 on implementation
of Virtual ID, UID Token & limited KYC and other guidelines issued by UIDAI/other regulators
from time to time during the tenure of the RFP. Bidder must submit proper documentation
along with the technical bid to demonstrate that the implementation meets the requirement of
UIDAI circular, which could be subjected to internal audit or external audit from an independent
team or confirmation on the points of the circular by the internal technology or security team
(independent). The Solution may also be subjected to any audit by any of the regulatory
authorities also. Bidder will have to address the deficiency/deviation observed in the audits
without any extra cost to the Bank and within the timelines as stipulated by the regulatory
authorities.
6.19. The reporting and logging system of the Aadhaar Data Vault shall integrate seamlessly with
existing SIEM Solution. The Solution is also required to be integrated with Bank’s existing
Privileged Identity Management (PIM) Solution. As required by Bank the Bidder shall provide all
the required information and data for integrating with SIEM & PIM Solution. Integration with
Bank’s existing information security tools is responsibility of the Bidder.
6.20. The bidder is required to maintain the RTO of 120 minutes and zero RPO as per the Bank’s
Business Continuity Policy.
6.21. UAT – User Acceptance Test- The Bidder should setup the UAT environment for testing of
the solution before implementation of the solution in the production environment. The UAT
setup shall be used for the customization of any changes before movement in production. The
setup would be kept available at all times during the contract period. The Solution will be
deemed accepted only when all the functionalities as per the Scope are provided, commissioned
and accepted by the Bank or the Bank Appointed Consultant. The UAT shall be signed off
between the Bank and the Successful Bidder.
P a g e 17 | 136
Vault Solution
6.22. Aadhaar Data Vault solution should support the features and functionalities as mentioned
in the Annexure- E, Technical Specification of the Solution. The bidder is responsible for
Primitive maintenance of proposed solution and share the report with the Bank for every
quarter. Vendor should provide all feature upgrades or version upgrades during contract period
without any cost.
6.23. Bank conducts the audit of all IT systems on yearly basis. Bidder will be responsible for
complying with all the audit observations in all respect including OS, application, database, etc
at Data Centre, Mumbai as well as DR site, Bengaluru within 15 days after receiving the report.
6.24. Bank conducts the VA/PT of all IT systems on quarterly basis. Bidder will be responsible for
complying with all the audit observations in all respect including OS, application, database, etc
at Data Centre, Mumbai as well as DR site, Bengaluru within 15 days after receiving the report.
6.25. Any observation raised by Regulators from time to time should be rectified and fixed by
the bidder within a reasonable period as mutually agreed. Bank will not pay the charges for
minor customization (efforts required up to 10 Man days). For major customization (efforts
required more than 10 man days), Bank will pay the charges as per customization charge
discovered.
6.26. Training- Vendor is required to impart mandatory training of at least One week to Bank
Nominated Officials (10 officials) twice in the first year of Contract (at a minimum gap of 6
months) and once every year from second year onwards, with complete knowledge transfer for
handling the application or regarding any new feature/update etc, at no extra cost to the Bank.
6.27. The number of resources deployed during the implementation period is as per bidder’s
discretion. The resources deployed should have requisite knowledge and experience required
for management and monitoring of the overall operations of Aadhaar Data Vault Solution.
Onsite engineer should be able to perform the maintenance activity. If onsite engineer is not
able to perform the maintenance activity, bidder need make the necessary arrangement
without any cost to Bank. Detailed scope of onsite resource is provided in clause 11
6.28. The bidder will be responsible for hardening of the OS for Aadhaar Data Vault Solution as
per the Bank’s IT security policy. During the contract period, the bidder will apply patches and
upgrade of OS, database, application, etc from time to time without any additional cost to the
Bank.
6.29. All hardware and software provided under this tender should support for IPv4 and IPv6
from day one.
6.30. The vendor will provide services for implementation / rolling-out /support / maintenance
of proposed solution (including hardware) for a minimum period of 5 years (3 years warranty + 2
years AMC) from Go Live date. Bank reserves right to cancel the contract at any time in case
system fails to meet any of the requirements as mentioned in the RFP.
P a g e 18 | 136
Vault Solution
7. Disaster Recovery
The proposed system must be capable and compatible for Disaster Recovery Implementation. The
successful bidder should describe the provisions and setup required for disaster recovery. The
successful bidder should replicate the whole setup for all modules with customization in DR.
8. Support
8.1. Maintenance Support
8.1.1. The Bidder must provide uninterrupted availability of the solution and ensure that
the problem is resolved within the time schedule as prescribed in the Service Level
agreement (SLA). The support includes, inter alia, maintenance, patch
management, upgrades and troubleshooting, audit closures, DR Drills etc.
8.1.2. The bidder shall propose Support & Subscription services from the OEM with
unlimited number of support requests, remote support, access to product
updates/upgrades and 24x7 supports as per response time matrix.
8.1.3. The bidder shall propose Plan & Design/Architecture services from the OEM. The
OEM/Bidder should conduct a health-check of the deployed solution including
hardware in every quarter and submit a report indicating compliance to reference
architecture and best practices.
8.2. Project Management
8.2.1. Successful bidder must appoint a Support Coordination Manager dedicated to the
Bank account only, immediately after receiving the work order/ letter of intent. The
Coordination Manager should have direct experience of successful end to end
implementation/management of the entire project. The Coordination Manager
should be directly and easily accessible to the Bank officials through convenient
communication channels like phone/e- mail.
8.2.2. Detailed Project review must be conducted during project execution at no additional
cost. These reviews are required weekly/fortnightly/monthly (frequency will be
decided by the Bank) with the project leaders/ project manager or steering
Committee level (of successful bidder and the Bank) respectively. The review will be
in order to monitor progress of the project and take necessary corrective action, if
required. The successful bidder will submit weekly reports regarding the progress of
work along with the corrective actions/ suggestions and risk management plan. Any
document submitted by the successful bidder should be properly backed up by
P a g e 19 | 136
Vault Solution
quality review documents. Extension of contract for support however shall be at the
discretion of the bank.
8.3. Implementation Plan and Schedule
The Bidder shall provide all services specified hereunder and in the Technical,
Operational and Functional specifications. If the Bank finds that any of the staff of
the Bidder assigned to work at onsite is not responsive then the Bidder will be
notified, the Bidder should resolve the issue to the satisfaction of the Bank. Bidders
should give detailed implementation plan.
The project should be completed within 16 weeks from date of placing of purchase
order as under:
Sr.No Activities Duration
Delivery and installation of Hardware at DC and DR site.

1. 8 Weeks
Installation, Customization, if any & Implementation of

2. Solution at DC and DR Site 4 Weeks
3. User Acceptance Test, Migration of data, if any and

2 Week
Pilot Run
4. Full Project implementation/documentation/ training and

Go-live 2 Week
Total 16 Weeks
9. Instructions for Bid Submission:

9.1. Bid Security/EMD
9.1.1. The bidder should deposit bid security of Rs.40,00000/- (Rupees Forty
Lakhs) in the form of a demand draft/Pay Order favoring India Post
Payments Bank, payable at Delhi or Bank Guarantee from any Scheduled
Commercial Bank. Bank Guarantee should be valid for minimum 6
months and with claim period of 45 days.
9.1.2. EMD should be deposited at the address mentioned in place of opening

of bids.
P a g e 20 | 136
Vault Solution
9.1.3. No interest will be payable on the Bid Security amount.
9.1.4. Unsuccessful Bidders’ Bid security with no interest earned will be

returned after completion of tender process. Unsuccessful Bidders
should submit the Letter for Refund of EMD/Bid Security for returning
of the bid security amount as per Annexure Q.
9.1.5. Bid security of successful bidder will be released after submission of

Performance Bank Guarantee within six months from the date of receipt
of purchase order or before expiry of EMD for an amount equivalent to
15% of the project cost valid till contract period of 5 years plus three
months beyond the date of completion of all contractual obligations and
such other extended period as the Bank may decide for due
performance of the project obligations.
9.1.6. Bid Security will be forfeited in the following cases:

9.1.6.1. If a bidder withdraws its bid during the period of bid validity;
or
9.1.6.2. If a Bidder makes any statement or encloses any form which

turns out to be false / incorrect at any time prior to
signing of Contract or refuses to correct the errors found in
the bid.
9.1.6.3. In case of any technical issues during reverse auction, if

Bank decides to re-conduct reverse auction and any of the
shortlisted bidder does not participate in the re-reverse
auction at least by way of log in.
9.1.6.4. In case of a successful Bidder, if the Bidder fails:

a. To execute Contract within the stipulated time:
b. To respond to the Purchase order within the stipulated

time, Or
c. To furnish Performance Bank Guarantee as

mentioned in Performance Bank Guarantee herein
P a g e 21 | 136
Vault Solution
The successful Bidders Bid security will be discharged without interest upon
the Bidder signing the Contract and furnishing the performance bank
guarantee as per the format mentioned in Annexure J, Performance Bank
Guarantee.
9.2. Performance Bank Guarantee

The successful bidder shall provide a Performance Bank Guarantee within 30
days from the date of receipt of the order or signing of the contract whichever
is earlier in the format as provided in Annexure J, to the extent of 15% of the
total contract value for the entire period of the contract plus 3 months and
such other extended period as the Bank may decide for due performance of
the project obligations. The guarantee should be of that of a nationalized Bank
only, other than India Post Payments Bank.
In the event of non-performance of obligation or failure to meet terms of this

tender the Bank shall be entitled to invoke the performance guarantee
without notice or right of demur to the successful bidder. Any amount
pending for payment due to non achieving of milestone/s set under the
agreement or any other reason solely attributable to the successful bidder
should be included in the remaining amount of the contract value.
The Bank reserves the right to recover any dues payable by the selected bidder
from any amount outstanding to the credit of the selected bidder, including
the pending bills and/or invoking Performance Guarantee, if any, under this
contract.
If the Performance guarantee is not submitted within the stipulated time, the
Bank reserves the right to cancel the order / contract and the earnest money
deposit taken from the successful bidder, will be forfeited.
9.3. Language of Bid

The language of the bid response and any communication with the Bank must
be in written English only. Supporting documents provided with the RFP
response can be in another language so long as it is accompanied by an
attested translation in English, in which case, for purpose of evaluation of the
bids, the English translation will govern.
P a g e 22 | 136
Vault Solution
9.4. Period of Validity of Bids

Bids should remain valid for the period of at least 180 days from the last date
for submission of bid prescribed by the Bank. In case the last date of
submission of bids is extended, the Bidder shall ensure that validity of bid is
reckoned from modified date for submission. Further extension of the validity
of the bid will be decided by the bank in case of need. The price quoted in
Final Commercial Offer will be valid for at least 180 days from the date of
offer.
9.5. Amendment of Bidding Documents

Prior to the last date for bid‐submission, the Bank may, for any reason,
whether at its own initiative or in response to clarification(s) sought from the
prospective Bidders, modify the RFP contents/ covenants by amendment.
Clarification /amendment, if any, will be notified on Bank’s website. No
individual communication would be made in this respect.
9.6. Authorization to Bid

The proposal/ bid being submitted would be binding on the Bidder. As such, it
is necessary that authorized personnel of the firm or organization sign the bid
documents. The designated personnel should be authorized by a senior official
of the organization having authority or Board and produce such documents
acceptable to bank evidencing his authorization.
9.6.1. All pages of the bid, shall be initialed by the person or persons signing
the bid
9.6.2. Bid form shall be signed in full & official seal affixed.
9.6.3. Any inter‐lineation, erasure or overwriting shall be valid only if they are
initialed by the person or persons signing the Bid.
9.6.4. All such initials shall be supported by a rubber stamp impression of the
Bidder’s firm.
9.6.5. The proposal must be accompanied with an undertaking letter duly

signed by the designated personnel providing a bid commitment. The
P a g e 23 | 136
Vault Solution
letter should also indicate the complete name and designation of the
designated personnel.
9.7. Two Part Bid

The Bid should be submitted online at the CPP portal website
https://eprocure.gov.in/ by the Bidder. It should comprise the following
components:
9.7.1. Technical bid – Part I: “Technical Bid for Supply, Implementation and
Maintenance of Aadhaar Data Vault Solution at DC & DR”.
9.7.2. Commercial bid – Part II: “Indicative Commercial Bid for Supply,
Implementation and Maintenance of Aadhaar Data Vault Solution at
DC & DR”.
9.7.3. Any bid document not conforming to any one of the above terms will
be rejected.
9.7.4. In the first stage, Integrity Pact (IP) signed by authorized signatory
submitted by bidder will be reviewed and if it is as per prescribed
format then only TECHNICAL BID will be opened and evaluated.
Bidders satisfying the technical requirements as determined by the
Bank and accepting the terms and conditions of this document shall be
short-listed for commercial evaluation. Under the second stage, the
INDICATIVE COMMERCIAL BID of only those bidders, whose technical
bids are qualified, will be opened.
9.7.5. As a part of technical evaluation, the bidders may be required to give

complete presentation of their offer solution. The presentation may
also include details of customization required if any and the time
period for its complete implementation.
9.7.6. After evaluation of indicative commercial bids, the L1 bidder will be

selected using Reverse Auction process. Reverse Auction Rules are
given in Annexure L.
P a g e 24 | 136
Vault Solution
9.7.7. The indicative commercial bid will be used for finalizing the starting bid
for reverse auction. After completion of the reverse auction, selected
bidder should submit the price break-up as per the Annexure F (A).
9.8. Technical Bid

9.8.1. The Technical Bid - Part I should be complete in all respects and contain all
information asked for in this document. It should not contain any price
information.
9.8.2. The Technical Bid - Part I must be submitted online.

9.8.3. The following two original documents are to be submitted to the bank
physically as well as online mode on or before last date & time of bid
submission:
9.8.3.1. Bid security of Rs.40,00,000/-(Rupees Forty Lac Only) in the form of

a demand draft/pay order issued by a scheduled commercial bank
favoring India Post Payments Bank, payable at New Delhi or Bank
Guarantee from any scheduled commercial Bank other than India
Post Payments Bank.
9.8.3.2. Integrity Pact (IP) as provided in Annexure H is to be submitted

physically. It should be on plain paper duly signed by authorized
signatories.
9.8.4. The following documents are to be submitted online at the e- procurement

site https://www.eprocure.gov.in
9.8.4.1. Annexure A - Letter Of Acceptance

9.8.4.2. Annexure B - Bid Form
9.8.4.3. Annexure C - Bidder's Profile Format
9.8.4.4. Annexure D - Eligibility Criteria
9.8.4.5. Annexure D (A) - Compliance To RFP Terms & Conditions
9.8.4.6. Annexure D (B) – Declaration for Compliance

9.8.4.7. Annexure E - Technical Specifications
P a g e 25 | 136
Vault Solution
9.8.4.8. Annexure E (A) – Hardware Specifications

9.8.4.9. Annexure F – Unpriced Indicative Commercial Bid
9.8.4.10. Annexure G - Reference Site Details
9.8.4.11. Annexure L - Business Rules for Reverse Auction
9.8.4.12. Annexure L (A) - Compliance Statement - Reverse Auction
9.8.4.13. Annexure L (B) - Letter Of Authority For Participation In Reverse

Auction
9.8.4.14. Annexure L (C) - Undertaking of Process Compliance Statement

for Reverse Auction
9.8.4.15. Annexure M - Confidentiality / Non Disclosure Agreement

9.8.4.16. Annexure O - Undertaking By Bidder
9.8.4.17. Annexure P - Undertaking of information security (to be submitted
by both Bidder and OSD)
9.8.4.18. Annexure R – Know Your Employee (KYE)

9.8.4.19. Photocopies of relevant documents / certificates as proof in
support of various information submitted online in aforesaid
annexure and other claims made by the bidder.
9.8.4.20. Detailed Architecture of the proposed solution with various

features/functions of the system/sub-system including fail-over
methodology/strategy at both Primary & DR Site.
9.8.4.21. Documents and brochures pertaining to product that will be

deployed in the proposed solution.
9.8.4.22. Signed & Sealed copy of all the pages of RFP along with
corrigendum if any, is to be submitted along with the technical bid.
9.8.5. The Bank reserves the right to resort to re-tendering without providing any
reason whatsoever. The Bank shall not incur any liability on account of such
rejection.
P a g e 26 | 136
Vault Solution
9.8.6. The Bank reserves the right to disqualify the bidder/(s) if bidder/(s) have not
completed any project/previous assignment successfully in India Post
Payments Bank in stipulated time i.e. supply, installation, implementation
etc.
9.8.7. The Bank further reserves the right to reject any or all offers based on its
own evaluation of the offers received, or on the basis of stability,
capabilities, track records, reputation among users and other similar
features of a bidder.
9.8.8. The Bank reserves the right to modify any terms, conditions or
specifications of RFP before date of submission of bids. Bidder has to submit
bid documents as per the changes/modifications while submitting the bid.
Notification of amendments/corrigendum will be made available on the
Bank’s website (www.Ippbonline.com ) and will be binding on all bidders and
no separate communication will be issued. In order to allow prospective
bidders reasonable time in which to take the amendment into account in
preparing their bids, the Bank, at its discretion, may extend the deadline for
a reasonable period as decided by the Bank for the submission of bids. No
post bid clarification of the bidder shall be entertained.
9.9. Indicative commercial offer

The Indicative commercial offer must not contradict the Technical offer in any
way and should include the indicative cost of all the items offered. The
suggested directive for Commercial offer is as follows:
9.9.1. The Indicative Commercial Offer should be submitted online at the e-

Procurement site https:// www.eprocure.gov.in as per Annexure F(A) by
way of entering the values at the site. This must contain all prices.
9.9.2. The vendors should not offer any options or any conditional offers to
the Bank while giving the price information. The offer should strictly be
in conformity with the items as specified by the Bank. No additions or
deletions to the Annexure are allowed. Any deviations may lead to
disqualification of the bid.
9.10. Technical Bid Evaluation

P a g e 27 | 136
Vault Solution
9.10.1. During the period of evaluation, bidders may be asked to provide more
details and explanations about information provided in the proposals.
Bidders should respond to such requests within the time frame
indicated in the letter/e-mail seeking explanation. If any part of the
technical specification offered by the bidder is different from the
specifications sought in our RFP, the bidder has to substantiate the same
in detail the reason of their quoting a different specification than what
is sought for, like higher version or non-availability of the specifications
quoted by us, invariably to process the technical offer.
9.10.2. Setting of evaluation criteria for selection purposes shall be entirely at

the discretion of the Bank. The decision of the bank in this regard shall
be final and no correspondence shall be entertained in this regard.
9.10.3. The Bank may, at its discretion, waive any minor informality,
nonconformity, or irregularity in a bid which does not constitute a
material deviation and financial impact, provided such waiver does not
prejudice or affect the relative ranking of any bidder. Wherever
necessary, observations on such “minor” issues (as mentioned above)
Bank may be conveyed to the bidder, asking them to respond by a
specified date also mentioning therein that, if the bidder does not
respond by the specified date, their bid will be liable to be rejected.
On the basis of technical evaluation, the Bank shall take a decision for short
listing of the bidders for Commercial Evaluation. If the technical evaluation is
not found to be satisfactory, further evaluation will not be done. No separate
information will be sent to the disqualified bidders. Any decision of the BANK
in this regard shall be final, conclusive and binding on the bidder.
9.11. Commercial Evaluation Process through Reverse Auction

9.11.1. For finalization of the most competitive offer, the Bank will conduct
“Reverse auction”. The detailed procedure and Business rules for the
Reverse auction is given as per Annexure-L .
P a g e 28 | 136
Vault Solution
9.11.2. The technically qualified bidders will participate in the Reverse auction
process that will be conducted on CPP portal.
9.11.3. The lowest Indicative commercial offers (total cost) may be taken as the
starting bid of the Reverse Auction and not for deciding the L-1 status.
Bidders should note that the indicative commercial bid is considered for
the purpose of conducting Reverse auction process only. The L-1 bidder
will be decided only later, on finalization of prices through Reverse
auction.
9.11.4. The L-1 bidder emerging at the end of the Reverse Auction process shall
be required to submit the break-up of Final price (last bid price) again as
per Annexure-L Guidelines. Failure or refusal to offer the services/goods
at the price committed through Reverse Auction shall result in forfeit of
the EMD to Bank, which please be noted.
9.11.5. The final decision on the bidder will be taken by India Post Payments
Bank. IPPB reserves the right to reject any or all proposals. Similarly, it
reserves the right not to include any bidder in the final short-list.
9.11.6. The Bank shall follow all the guidelines/notifications for public
procurement.
9.12. RFP Clarifications

Queries/clarifications will not be entertained over the phone. All queries and
clarifications must be sought in writing or sent to nishant.c@ippbonline.in
with subject “RFP for Supply, Implementation and Maintenance of Aadhaar
Data Vault Solution at DC & DR.” as per the date given in the schedule of
events of this RFP document.
The Bidder is requested to collate and submit queries together to seek

clarifications / responses from Bank. The Bidder should ensure that all the
queries and clarifications are communicated in writing on or before the date
given in the schedule of events of this RFP document. Bidders are requested
to visit our Banks website/e-Procurement site for clarifications and other
communications.
P a g e 29 | 136
Vault Solution
9.13. Other Terms and Conditions of RFP

9.13.1. The solution will be deemed accepted only after successful pilot run and
sign off from Bank’s identified Project Manager. Responses to this RFP
should not be construed as an obligation on the part of the Bank to award
a purchase contract for any services or combination of services. Failure of
the Bank to select a bidder shall not result in any claim whatsoever against
the Bank. The Bank reserves the right to reject any or all bids in part or in
full, without assigning any reason whatsoever.
9.13.2. By submitting a proposal, the successful bidder agrees to promptly

contract with the Bank for any work awarded to the successful bidder.
Failure on the part of the awarded bidder to execute a valid contract with
the Bank will relieve the Bank of any obligation to the bidder, and a
different bidder may be selected based on the selection process.
9.13.3. The terms and conditions as specified in the RFP and corrigendum (if any)
thereafter are final and binding on the bidders. In the event the bidder is
not willing to accept the terms and conditions of the Bank, the bidder may
be disqualified. Any additional or different terms and conditions
proposed by the bidder would be rejected unless expressly agreed to in
writing to the Bank and accepted by the Bank in writing.
9.13.4. The successful bidder must strictly adhere to the delivery dates or lead
times identified in their proposal. Failure to meet these delivery dates,
unless it is due to reasons entirely attributable to the Bank, may
constitute a material breach of the successful bidder’s performance and
to recover liquidated damages /forfeit the bid security. In the event that
the Bank is forced to cancel an awarded contract (relative to this tender
document) due to the successful bidder’s inability tomeet the established
delivery dates or any other reasons attributing to successful bidder then,
that bidder will be responsible for any re- procurement costs suffered by the
Bank. The liability in such an event could be limited to the differential excess
amount spent by the Bank for procuring similar deliverables and services.
9.13.5. The bidder shall represent and acknowledge to the Bank that it possesses
necessary experience, expertise and ability to undertake and fulfill its
P a g e 30 | 136
Vault Solution
obligations, involved in the performance of the provisions of this RFP. The

bidder represents that the solution to be supplied in response to this RFP
shall meet the proposed bidders requirement. If any services, functions
or responsibilities not specifically described in this RFP are an inherent,
necessary or customary part of the deliverables or services and are
required for proper performance or provision of the deliverables or
services in accordance with this RFP, they shall be deemed to be included
within the scope of the deliverables or services, as if such services,
functions or responsibilities were specifically required and described in
this RFP and shall be provided by the bidder at no additional cost to the
Bank. The bidder also acknowledges that the Bank relies on this
statement of fact, therefore neither accepting responsibility for, nor
relieving the bidder of responsibility for the performance of all provisions
and terms and conditions of this RFP, the Bank expects the bidder to fulfill
all the terms and conditions of this RFP. The modifications, which are
accepted by the Bank, shall form a part of the final contract.
9.13.6. All terms and conditions, payments schedules, time frame for expected
service levels as per this tender will remain unchanged unless explicitly
communicated by the Bank in writing to the bidder. The Bank shall not be
responsible for any judgments made by the bidder with respect to any
aspect of the Service. The bidder shall at no point be entitled to excuse
themselves from any claims by the Bank whatsoever for their deviations
in confirming to the terms and conditions, payments schedules, expected
service levels etc. as mentioned in this tender document.
9.13.7. The Bank and the bidder covenants and represents to the other Party the
following:
9.13.7.1. It is duly incorporated, validly existing and in good standing under

as per the laws of the state in which such Party is incorporated.
9.13.7.2. It has the corporate power and authority to enter into Agreements
and perform its obligations there under. The execution, delivery and
P a g e 31 | 136
Vault Solution
performance of terms and conditions under Agreements by such

Party and the performance of its obligations there under are duly
authorized and approved by all necessary action and no other action
on the part of such Party is necessary to authorize the execution,
delivery and performance under an Agreement.
9.13.7.3. The execution, delivery and performance under an Agreement by

such Party:
9.13.7.3.1. Will not violate or contravene any provision of its documents

of incorporation;
9.13.7.3.2. Will not violate or contravene any law, statute, rule,

regulation, licensing requirement, order, writ, injunction or
decree of any court, governmental instrumentality or other
regulatory, governmental or public body, agency or authority
by which it is bound or by which any of its properties or assets
are bound;
9.13.7.3.3. Except to the extent that the same have been duly and
properly completed or obtained, will not require any filing
with, or permit, consent or approval of or license from, or the
giving of any notice to, any court, governmental
instrumentality or other regulatory, governmental or public
body, agency or authority, joint venture party, or any other
entity or person whatsoever;
9.13.8. To the best of its knowledge, after reasonable investigation, no

representation or warranty by such Party in this Agreement, and no
document furnished or to be furnished to the other Party to this
Agreement, or in connection herewith or with the transactions
contemplated hereby, contains or will contain any untrue or misleading
statement or omits or will omit any fact necessary to make the
statements contained herein or therein, in light of the circumstances
under which made, not misleading. There have been no events or
transactions, or facts or information which has come to, or upon
reasonable diligence, should have come to the attention of such Party and
P a g e 32 | 136
Vault Solution
which have not been disclosed herein or in a schedule hereto, having a

direct impact on the transactions contemplated hereunder.
9.13.9. The Bank would not assume any expenses incurred by the bidder in
preparation of the response to this RFP and also would not return the bid
documents to the Bidders.
9.13.10. The Bank will not bear any costs incurred by the bidder for any
discussion, presentation, demonstrations etc. on proposals or proposed
contract or for any work performed in connection therewith.
9.13.11. This tender document may undergo change by either additions or

deletions or modifications before the last date and time of submission
by the Bank. The Bank also reserves the right to change any terms and
conditions including eligibility criteria of the tender document and its
subsequent addendums as it deems necessary at its sole discretion. The
addendums, if any, shall be published on Bank’s website only.
9.13.12. The Bank reserves the right to extend the dates for submission of
responses to this document.
9.13.13. Bidders shall have the opportunity to clarify doubts pertaining to the
tender document, prior to finalizing their responses. All responses to be
submitted as per Bid query format in Annexure N. Responses to inquiries
and any other corrections and amendments will be published on Bank’s
website in the form of corrigendum to tender document. The bidder, who
posed the question, will remain anonymous.
9.13.14. Preliminary Scrutiny – The Bank will scrutinize the offers to determine
whether they are complete, whether any errors have been made in the
offer, whether required technical documentation has been furnished,
whether the documents have been properly signed, and whether items
are quoted as per the schedule. The Bank may, at its discretion, waive
any minor non-conformity or any minor deficiency in an offer. This shall
be binding on all bidders and the Bank reserves the right for such
waivers and the Bank’s decision in the matter will befinal.
P a g e 33 | 136
Vault Solution
9.13.15. No Commitment to Accept Lowest bid or Any Tender – The Bank shall
be under no obligation to accept the lowest price bid or any other offer
received in response to this Tender notice and shall be entitled to reject
any or all offers including those received late or incomplete offers
without assigning any reason whatsoever. The Bank reserves the right
to make any changes in the terms and conditions of purchase. The Bank
will not be obliged to meet and have discussions with any Bidder, and /
or to listen to any representations unless there is change in the terms
and conditions of purchase.
9.13.16. Erasures or Alterations – The offers containing erasures or alterations

will not be considered. There should be no hand-written material,
corrections or alterations in the offer. Technical details must be
completely filled up. Correct technical information of the product being
offered must be filled in. Filling up of the information using terms such
as “OK”, “accepted”, “noted”, “as given in brochure/manual” is not
acceptable. The Bank may treat the offers not adhering to these
guidelines as unacceptable.
9.13.17. If the Bank is not satisfied with the technical specifications as specified
in the tender document and observes major deviations, the technical
bids of such bidders will not be short-listed for further evaluation. No
further discussions shall be entertained with such bidders in respect of
the subject technical bid.
9.13.18. There will be an acceptance test by the Bank or its nominated

consultants after implementation of the solution. In case of discrepancy
in solution implemented, the Bank reserves the right to cancel the entire
purchase contract and the bidder should take back their deliverables at
their costs and risks. The test will be arranged by the bidder at the sites
in the presence of the officials of the Bank and/ or its consultants.
9.13.19. Undertaking on Information Security (Annexure P) - The Bidder should

furnish a letter both from the Original Solution Developer / Original
Equipment Manufacturer (wherever applicable) and also from the
Bidder’s end providing an undertaking on Information Security of
P a g e 34 | 136
Vault Solution
Authenticity and also the solution supplied. This undertaking from OSD/
OEM and the bidder is on Information security as per regulatory requirement.
9.13.20. The Bidder shall solely be responsible for all payments (including any
statutory payments) to its employees and shall ensure that at no time
shall its employees, personnel or agents hold themselves out as
employees or agents of the Bank, nor seek to be treated as employees
of the Bank for any purpose, including claims of entitlement to fringe
benefits provided by the Bank, or for any kind of income or benefits. The
Bidder alone shall file all applicable tax returns for all of its personnel
assigned hereunder in a manner consistent with its status as an
independent contractor of services; and the Bidder will make all
required payments and deposits of taxes in a timely manner.
9.13.21. The price payable to the Bidder shall be inclusive of carrying out any
modifications / changes / upgrades to the application and other
software that is required to be made in order to comply with any
statutory or regulatory requirements or any industry-wide changes
arising during the subsistence of the contract/ agreement, and the Bank
shall not pay any additional cost for the same. The Bidder needs to
provide with the details about all such items considered in the RFP.
9.14. Award of contract

On completion of evaluation of commercial bids, Bank will determine the L1
bidder and contract will be awarded to lowest bidder after reverse auction
process as per Annexure L.
9.15. Price Composition
9.15.1. The price quoted should be inclusive of Cost of deliverables, Enterprise

License, installation, customization, resource cost, maintenance and
support of Software & Hardware for Implementation of Aadhaar Data Vault
Solution.
9.15.2. TCO is for five years including one year warranty, four years ATS from
the date of go-live for software components and three years warranty,
two years AMC for hardware components.
P a g e 35 | 136
Vault Solution
9.15.3. The commercial bid should be quoted in the indicative commercial bid
as per Annexure F (A) attached to this bid.
9.15.4. Bank will not pay any Labour charges for transportation, Lodging, Road
Permit, incidental services, installation & commissioning separately. All
such costs, if any, should be absorbed in the TCO.
9.15.5. The prices should be firm and not dependent on any variable factors and
expressed in Indian Rupees.
9.15.6. The Total cost should be exclusive of all applicable taxes and duties, GST
(SGST, CGST & IGST) and will be payable in actual on the date of
invoicing.
If the cost for any line item is indicated as zero/nil/blank then it will be assumed by
the Bank that the said item is provided to the Bank without any cost.
10. Taxes and Duties

The Bidder shall solely be responsible for all payments (including any statutory
payments) to its employees and shall ensure that at no time shall its employees,
personnel or agents hold themselves out as employees or agents of the Bank, nor seek
to be treated as employees of the Bank for any purpose, including claims of
entitlement to fringe benefits provided by the Bank, or for any kind of income or
benefits. The Bidder alone shall file all applicable tax returns for all of its personnel
assigned hereunder in a manner consistent with its status as an independent
contractor of services; and the Bidder will make all required payments and deposits
of taxes in a timely manner.
The Bidder shall be liable to pay all applicable corporate taxes and income tax that
shall be levied according to the laws and regulations applicable from time to time in
India.
Wherever the laws and regulations require deduction of such taxes at the source of
payment, Purchaser shall effect such deductions from the payment due to the Bidder.
P a g e 36 | 136
Vault Solution
The remittance of amounts so deducted and issuance of certificate for such

deductions shall be made by Purchaser as per the laws and regulations in force.
Nothing in the Contract shall relieve the Bidder from his responsibility to pay any
tax that may be levied in India on income and profits made by the Bidder in respect of
this Contract.
11. Onsite development, support & maintenance Resource

11.1. The bidder has to provide onsite technical resource as desired by bank for a
period of five years. Bank reserves the right to engage one or more number of
onsite technical resources as per Bank’s requirement at the cost discovered and
purchase order will be issued based on the requirement of the Bank.
11.2. During the assignment substitution of resources shall not be allowed unless
such substitution becomes unavoidable to overcome the undue delay or that
such changes are critical to meet obligation. In such circumstances vendor can
do so only with the concurrence of the bank by giving sufficient intimation /
notice and by providing alternate staff of equivalent/higher competency. If
bank is not satisfied with substitution, bank reserve the right to terminate the
onsite contract and recover whatever payments made by the bank to the
vendor during the course of the assignment besides claiming an amount, equal
to onsite contract value as liquidated damages.
11.3. Bank may take additional resource/s as per frozen price through this tender
process.
11.4. The technical resources should be competent to handle/ develop/ Integrate/

Implement/ Test/ Go Live with the Apps on the proposed platform within
Bank’s stipulated time. Onsite resources are expected to perform development,
testing, UAT, User management, preparation of test cases, support, monitoring,
certification, implementation, reporting, coordination with banks team/s, Audit
compliance, IT industry best practices/VAPT closures, vulnerability assessment
, any other statutory compliance, Patch Installation, fixes, analytics, fraud
risk/rule management & monitoring, day to day MIS reports, Regulatory
reports, conducting DR Drill, Database support, backup/restore, online
replication with zero lag and post Go-live support. These activities are
illustrative and the details will be shared with successful bidder. Bank reserves
P a g e 37 | 136
Vault Solution
the right to claim change in resource based on the performance of the

resources.
11.5. Implementation team of the bidder should be well versed with the product
features and functionalities available in the product. All the available
functionalities should be properly demonstrated to the Bank’s team and
configured in such a manner so as to ensure optimal utilization of all the
available product features.
11.6. Detailed process documentation, SOP (Standard operating procedure) and

management of solution should be created and submitted before project
signoff.
11.7. The onsite resources must have degree and with minimum 1 year experience
for L1 Support and 3 Years’ experience for L2 support on the solution/product
provided to Bank under this RFP.
11.8. Selected bidder is expected to deploy academically good, technically sound and
competent personnel to ensure smooth operations at Bank’s site. The deputed
personnel will be employed by the selected bidder on their payrolls/contracts
without having any employment right with the bank. Moreover, deployed
personnel will not have any right whatsoever to lodge claim of any nature
directly or indirectly with the bank and it would be responsibility of selected
bidder to address such issues without involving the bank. The deputed persons
have to maintain the utmost secrecy & confidentiality of the Bank’s data
including process performed at the Bank premises. At any time, if it comes to
the notice of the bank that data has been compromised/ disclosed/ misused/
misappropriated then bank would take suitable action as deemed fit and
selected vendor would be required to compensate the bank to the fullest extent
of loss incurred by the bank. Bidder is expected to adhere Bank’s request for
removal of any personnel, if bank notices any negligence/gross
misconduct/violation of trade secret/disclosure of Bank’s data to third party
and any decision of the bank in this regard would be final and binding upon the
selected vendor.
11.9. Bidder has to agree and provide undertaking not to disclose any Bank
information and will maintain confidentiality of Bank information as per policy
P a g e 38 | 136
Vault Solution
of the Bank and will sign “Non Disclosure Agreement” document provided in
Annexure – M.
11.10. The Bidder also has to agree and submit an undertaking that during the
subsistence of this agreement it will not employ any personnel/individual
below the Minimum Wages fixed by appropriate Government on this behalf
from time to time, as per the provision of Minimum Wages Act 1948.
11.11. Minimum 2 Resources – 1 L1 Resource for 24 *7 and 1 L2 resource from 08:00 AM

to 10:00 PM should be available at Bank’s Corporate Office site on 7 Days a week
working basis. In addition, 1 L1 Resource should be available at Bank’s DC and DRC
site each for 24*7 Infra support on 7 days a week working basis. However, in case
of business requirements, vendor may be asked to depute the resources beyond
the above stipulated time. The timing may be changed at Bank’s discretion.
However, during the implementation phase, testing, planned activity and
emergency period, resources may have to work 24x7 depending upon the Bank
requirement. Payment will be released monthly basis in arrears against invoice
raised and after verification with attendance register maintained in Bank.
register maintained in Bank.
12. Rejection of Bid

The Bid is liable to be rejected if:
12.1. The document does not bear signature of authorized person in each page and duly
stamp.
12.2. It is received through Fax/E-mail/dropped in tender box.

12.3. Incomplete Bids, including non-submission or non-furnishing of requisite
documents / Conditional Bids / Bids not conforming to the terms and conditions
stipulated in this Request for proposal (RFP) are liable for rejection by the Bank.
12.4. It is evasive or contains incorrect information.

12.5. Any form of canvassing / lobbying /influence/ query regarding short listing, status
etc. will be a disqualification.
12.6. Bidder should comply with all the points mentioned in the scope of work.
Noncompliance of any point will lead to rejection of the bid.
P a g e 39 | 136
Vault Solution
12.7. Non submission of RFP cost, bid security/EMD and Integrity Pact signed by
authorized signatory in physical form.
13. Pre-Bid Meeting

For the purpose of clarifications of doubts of the bidders on issues related to
the RFP, Bank intends to hold a pre bid meeting on the date & time as indicated in
the RFP. It may be noted that no query of any bidder shall be entertained / received
after the mentioned date. Queries raised by the prospective bidders and the Bank’s
response will be available at Bank’s website. Only authorized representative of
bidder (maximum two) will be allowed to attend the Pre-bid meeting.
Non- attendance at the Pre-bid Meeting will not be a cause for disqualification of
a bidder.
Any modification of the RFP, which may become necessary as a result of the Pre-
bid Meeting, shall be made available by the Bank exclusively through the issue of
an Corrigendum on Bank’s website www.ippbonline.com, or government portal
www.eprocure.gov.in
14. RFP Response

All submissions will become the property of Bank. Recipients shall be deemed to
license, and grant all rights to, Bank to reproduce the whole or any portion of their
submission for the purpose of evaluation, to disclose the contents of the
submission to other Recipients who have registered a submission and to disclose
and/or use the contents of the submission as the basis for any resulting RFP
process, notwithstanding any copyright or other intellectual property right that
may subsist in the submission or Banking documents. Bid properly documented
should be submitted by uploading at https://eprocure.gov.in on or before
stipulated date & time mentioned in the RFP.
15. Modification and Withdrawals of Bid

No bid can be modified or withdrawn by the bidder subsequent to the last date
and time for submission of bids. In the event of withdrawal of the bid by bidders,
the EMD will not be refunded by the Bank.
P a g e 40 | 136
Vault Solution
16. Liquidated Damage (LD)

If Successful bidder fails to deliver any or all of the Service(s) / Systems or perform the
Services within the time period(s) specified in the RFP/Contract / Agreement, Bank
shall, without prejudice to its other rights and remedies under and in accordance with
the RFP/Contract / Agreement, levy Liquidated Damages (LD) from payments due to
the Successful bidder.
For calculation of LD:
16.1. The contract price for calculation of LD is TCO excluding ATS charges and onsite
support charges.
16.2. Should be able to deliver hardware and implement the software solution within
16 weeks from the date of purchase order. For late delivery the LD clause would
be applicable @1 % of the value of purchase order exclusive of ATS and onsite
support charges per week or part thereof subject to a maximum of 10%. In case
of undue delay beyond a period of 15 days after attaining the maximum penalty
of 10% during implementation, Bank may consider termination of the contract or
purchase order.
16.3. Part of week will be considered as full week.

16.4. Bank will deduct the amount of liquidated damages from the payment due of the
same project from the Successful bidder. Bank may also withhold the amount to
be recovered from the payment due from other projects held by the same bidder.
16.5. Any such recovery or liquidated damages shall not in any way relieve the
Successful bidder from any of its obligations to complete the works / service(s) or
from any other obligations and liabilities under the Contract/Agreement/
Purchase Order.
16.6. Bank reserves the right to condone the delay, if it is not attributable to the
Successful bidder.
17. Warranty
17.1. All support & services required for implementation, customization, smooth
operation and maintenance of proposed Solution, as described in RFP, will
P a g e 41 | 136
Vault Solution
be the part of the project deliverables during the contract period (under
warranty or post warranty).
17.2. The warranty would be on-site and comprehensive in nature. Warranty will
start from the date of full go- live/implementation and will be valid for a
period of one year. The successful bidder shall provide maintenance and
support under warranty, without any extra cost. Warranty for software will start from
the date of final signoff (go-live) of the Bank. Bank will not pay any charges during
warranty period.
17.3. Any corruption in the software or media or any services shall be rectified
during the full period of the contract including warranty, if contracted, at no
extra cost to the Bank.
17.4. The executions of the service(s) herein is and shall be strictly in accordance
and in compliance with all Applicable Laws, as amended from time to time,
the regulatory framework governing the same and the Good Industry Practice.
It has all permissions, consents, approvals and license from all authorities,
regulatory /statutory and non-regulatory, for executing the Service(s).
17.5. The successful bidder warrants that Deliverables and the Services provided by
the successful bidder shall be as per the terms of this Agreement. The
successful bidder should guarantee that the software supplied to the Bank is
licensed and legally obtained and confirm information/cyber security.
Software must be supplied with their original and complete printed
documentation. The successful bidder shall be fully responsible for warranty
of all the system components in respect of proper design, quality, material
and workmanship of the software, accessories etc. covered by the offer.
18. Contract Period

The contract period for Implementation of required solution will be initially for a
period of 5 years support from the date of go-live/implementation with the selected
bidder including one-year warranty and 4 years Annual Technical Support post
warranty for software solution and 3 years warranty and 2 years Annual Maintenance
Contract post warranty for hardware/Server. However, if the Bank desires, it must be
P a g e 42 | 136
Vault Solution
agreeable to the selected bidder to provide Annual Technical Support for Application
software for the next two years after expiry of the contract period on mutually agreed
terms and will be renewed on yearly basis. Bank reserves the right to extend the
contract for further period of two years at mutually agreed terms.
The successful bidder shall execute (a) a Service Level Agreement (SLA), which
would include all the services and terms and conditions of the services to be
extended as detailed herein and any other conditions as may be prescribed by the
Bank; and (b) Non-disclosure Agreement (NDA). The bidder shall execute the SLA
and NDA within one month/within the date specified by bank , from the date of
issuance of purchase order. The contract shall be executed by the authorized
signatory of the bidder. A power of attorney to that effect shall be submitted by the
successful bidders as per Annexure S.
SLA will cover performance and availability of the solution deployed. The Bidder shall bear
entirely and exclusively all costs (whether in term of time or money) associated with the
preparation and submission of its Bid and the Bank will in no case be held responsible or
liable for these costs regardless of the conduct or outcome of the bid process including
but not limited to cancellation/ abandonment/annulment of the bidding process.
19. AMC/ATS
The successful bidder must undertake to provide support for the software for
minimum post warranty period of four (4) years and AMC of Hardware for a period
of 2 years after expiry of warranty period of 3 years.
Bidder should make available the spare parts for the systems for at least two years
after the expiry of warranty period. If any of the peripherals, components etc. are not
available or difficult to procure or if the procurement is likely to be delayed, the
replacement shall be carried out with equipment of equivalent capacity or higher
capacity at no additional charges to the Bank, during the currency of warranty period
and AMC.
The ATS charges shall be released to the vendor half-yearly subject to timely
submission of applicable documents like invoice, performance availability reports etc.
AMC charges shall be released to the vendor half-yearly in arrears subject to timely
submission of applicable documents like invoice, performance availability reports etc.
P a g e 43 | 136
Vault Solution
Any regulatory /statutory changes or updates or guidelines as required under the

directive of Government of India, Reserve Bank of India or any other
regulatory/statutory authority must be provided/ upgraded to the Bank free of cost
by Bidder during warranty or ATS tenure.
The Bank reserves the right to enter into Technical Support (ATS) with the selected
bidder for four years or more subject to renewal of every year.
The Bank reserves the right to terminate the ATS (if contracted) by giving Successful
Bidder, a prior and written notice of one month indicating its intention to terminate
the Contract, if the services rendered by the vendor(s) are not satisfactory. In that
case, the vendor(s) will refund the proportionate amount of ATS for the rest of the
period of the ATS, if any.
Not following all that is mentioned above, the Bank reserves the right to outsource
the software maintenance work to a third party or the bank may decide to perform
the same through its internal resources. Whatever the case may be (either third-
party maintenance or maintenance through internal resources), the vendor(s) shall
provide requisite maintenance training, technical know-how, and expert assistance
to the persons and/or agencies, duly authorized by the Bank for this purpose with no
extra cost to bank.
Any decision in this regard by the Bank shall be final, conclusive and binding on the
selected Bidder and shall not be questioned/ challenged by the selected Bidder.
The ATS charges per annum should be between 16 to 22% of the cost of software
components. In case the rate of ATS is not within the range of 16 to 22%, Bank
reserves the right to calculate the ATS charges at the rate of 22% of software
solution’s cost after the final cost derived through Reverse Auction.
The AMC charges per annum should be between 8 to 10% of the cost of hardware
equipment. In case the rate of AMC is not within the range of 8 to 10%, Bank reserves
the right to calculate the Maintenance charges at the rate of 10% of hardware
equipment's cost after the final cost derived through Reverse Auction.
20. Adherence of cyber security policy

Bidders are liable for not meeting the security standards or desired security aspects
of all the ICT resources as per Bank’s IT/Information Security / Cyber Security Policy.
P a g e 44 | 136
Vault Solution
The IT /Information Security/ Cyber Security Policy will be shared with successful
bidder. Bidders should ensure Data Security and protection of facilities/application
managed by them.
The deputed persons should aware about Bank’s IT/IS/Cyber security policy andhave
to maintain the utmost secrecy & confidentiality of the Bank’s data including process
performed at the Bank premises. At any time, if it comes to the notice of the bank
that data has been compromised/disclosed/misused/misappropriated then bank
would take suitable action as deemed fit and selected vendor would be required to
compensate the bank to the fullest extent of loss incurred by the bank.
Bidder has to agree and provide undertaking not to disclose any Bank information
and will maintain confidentiality of Bank information as per policy of the Bank and
will sign “Non-Disclosure Agreement” document provided by Bank.
The legal and regulatory requirements, including data protection, intellectual

property rights, copy right, all the relevant regulations for sub-contracting; including
the controls that need to be implemented shall be included in the supplier
agreement.
All information resources (online/in-person) of the vendors and its partners shall be
made accessible to Reserve Bank of India as and when sought.
Credentials of vendor/third party personnel accessing and managing the Bank’s

critical assets shall be maintained and shall be accordance with Bank’s policy.
The Bank shall evaluate, assess, approve, review, control and monitor the risks and
materiality of vendor/outsourcing activities and bidder shall ensure to support
baseline system security configuration standards. The Bank shall also conduct
effective due diligence, oversight and management of third party vendors/service
providers & partners.
Vendor criticality assessment shall be conducted for all partners & vendors.
Appropriate management and assurance on security risks in outsources and partner
arrangements shall be ensured.
21. Patent Rights
P a g e 45 | 136
Vault Solution
In the event of any claim asserted by a third party of infringement of copyright,

patent, trademark, industrial design rights, etc. arising from the use of the
procurement of this RFP or any part/component thereof in India, the supplier shall
act expeditiously to extinguish such claim. If the Supplier fails to comply and the
Bank is required to pay compensation to a third party resulting from such
infringement, the supplier shall be responsible for the compensation including all
expenses, court costs and lawyer fees. Bank will give notice to the supplier of such
claim, if it is made, without any delay.
22. Price Validity

Prices payable to the successful bidder as stated in the Contract shall be firm and
not subject to any changes at any circumstances during the contract period of five
years. The Total cost should be exclusive of all applicable taxes, GST (SGST, CGST
& IGST) and will be payable in actual on the date of invoicing.
23. Payment Terms

23.1. The terms of payment will be as follows:
a. No advance payment against purchase order.
b. Payment will be made on the following basis:
Sr. Project Milestones Hardware Hardware Aadhaar Vault

No & & solution
implementation
System System
Cost
Software Software
cost (DC) cost (DR)
1 Delivery of Hardware, Software &

Other infrastructure components
50% - -
(after due inspection) at DC location
2 Installation of Hardware,Software
20% - -
& Other infrastructure components
3 UAT sign off for Aadhaar Vault - - 30%
Solution
P a g e 46 | 136
Vault Solution
4 Implementation of Aadhaar Vault

15% - 40%
Solution at DC and GO Live
5 Delivery of Hardware, Software &

Other infrastructure components
- 50% -
(after due inspection) at DR Site
6 Installation of Hardware, Software
& Other infrastructure components
- 20% -
and Successful Implementation of
Aadhaar Vault solution at DR Site
7 After submission of BG * 15% 15% 15%
8 Successful DR Drill of Aadhaar Vault - 15% 15%

solution and after submission of BG
TOTAL 100% 100% 100%
Note: Bidder has to submit Performance Bank Guarantee (BG) for 15% of order value (excluding on site
support & AMC/ATS amount) valid till contract period of five years 3 months (the format of BG will be
given by the Bank) from the date of go-live. In case of non submission of BG Bank will withhold 15% of
order value till contract period of five years.
23.2. TDS on payments will be deducted as applicable.

23.3. All the payments will be made to bidder electronically in Indian Rupees only.
Payment will be made against delivery invoices and challans duly
acknowledged by Bank officials.
23.4. Bank will make this payment on site-by-site basis (i.e. Primary Site and DR Site)
against installation reports of each site.
23.5. AMC for hardware will be paid on half-yearly basis in arrears against
submission of invoices. ATS for software will be paid on half-yearly basis
against submission of invoices. Onsite resources charges will be paid monthly
in arrears.
P a g e 47 | 136
Vault Solution
23.6. Payment to onsite resources will be released monthly in arrears whenever

deployed by bank as per requirement of bank.
23.7. The Bidder’s request(s) for payment shall be made to Bank in writing (Invoice)
accompanied by the daily/weekly/monthly reports for which payment is
being claimed.
23.8. All the payments to the Bidder shall be subject to the report of satisfactory
accomplishment of the concerned task / performance/ delivery of the Services
to the satisfaction of Bank for this purpose.
23.9. Penalties if any, on account of non-compliance of Service Requirements/

liquidated damages, if any, shall be deducted from the invoice value/ EMD
amount.
23.10. Under no circumstances Bank shall be liable to the Successful Bidder and/or
its employees/personnel/representatives/agent etc. for direct, indirect,
incidental, consequential, special or exemplary damages arising from
termination of the Contract.
23.11. Bank shall not have any liability whatsoever in case of any third party claims,
demands, suit, actions or other proceedings against the Successful Bidder or
any other person engaged by the Successful Bidder in the course of
performance of the Service.
23.12. Bank reserves the rights to dispute/deduct payment/withhold

payments/further payment due to the Successful Bidder under the Contract,
if the Successful Bidder has not performed or rendered the Services in
accordance with the provisions of the Contract which the Bank at its sole
discretion adjudge.
23.13. Successful Bidder shall permit Bank to hold or deduct the amount from
invoices, for non-performance or part performance or failure to discharge
obligations under the Contract.
23.14. It is clarified that any payments of the charges made to and received by
Successful Bidder personnel shall be considered as a full discharge of Bank’s
obligations for payment under the Agreement.
P a g e 48 | 136
Vault Solution
23.15. All out of pocket expenses, travelling, boarding and lodging expenses for the
entire Term of this RFP and subsequent agreement is included in the amounts
quoted in TCO and the Bidder shall not be entitled to charge any additional
costs on account of any items or services or by way of any out of pocket
expenses, including travel, boarding and lodging.
23.16. Penalties / liquidated damages, if any, shall be deducted from the invoice
value.
P a g e 49 | 136
Vault Solution
24. Authorized Signatory

The selected bidder shall indicate the authorized signatories who can discuss and
correspond with the BANK, with regard to the obligations under the contract. The
selected bidder shall submit at the time of signing the contract a certified copy of the
resolution of their board, authenticated by the company secretary, authorizing an
official or officials of the bidder to discuss, sign agreements/contracts with the BANK,
raise invoice and accept payments and also to correspond. The bidder shall provide
proof of signature identification for the above purposes as required by the BANK.
25. Limitation of liability

Vendor’s aggregate liability for actual direct damages shall be limited to amaximum
of the Contract Value, provided that this limit shall not apply to following:
25.1. The infringement indemnity; or

25.2. Bodily injury (including death) and damage to real property and tangible
personal property caused by Vendor’s negligence
25.3. Financial loss due to delay in service/delivery or claim for damages due to
breach of contract.
25.4. Due to any wrong coding / breach of system / bugs in customization/configuration

/ development /testing & lapses in support, the selected bidder is liable to pay the
financial losses incurred to the Bank.
For the purposes of this Section, “Contract Value” at any given point in time,
means the aggregate value of purchase orders placed by Bank on the Vendor
under this project.
26. Confidentiality
The bidder must undertake that they shall hold in trust any Information received
by them, under the Contract/Agreement, and the strictest of confidence shall be
maintained in respect of such Information. The bidder has also to agree:
26.1. To maintain and use the Information only for the purposes of the
Contract/Agreement and only as permitted by the BANK;
P a g e 50 | 136
Vault Solution
26.2. To only make copies as specifically authorized by the prior written consent
of the Bank and with the same confidential or proprietary notices as may be
printed or displayed on the original;
26.3. To restrict access and disclosure of Information to such of their employees,

agents, strictly on a "need to know" basis, to maintain confidentiality of the
Information disclosed to them in accordance with this Clause and
26.4. To treat all Information as Confidential Information.
26.5. The Selected Bidder shall be required to sign a Non Disclosure Agreement
(NDA) with Bank as per prescribed format provided in Annexure M within
thirty days of issuing the order/letter of intent.
27. Indemnity
27.1. Bidder on submission of proposal indemnifies to protect and save the Bank
and hold the Bank harmless from and against all claims, losses, costs,
damages, expenses, action suits and other proceedings, (including reasonable
attorney fees), relating to or resulting directly or indirectly from
27.1.1. An act or omission of the Bidder, its employees, its agents, or employees
of the consortium in the performance of the services provided by this
contract,
27.1.2. Breach of any of the terms of this RFP or breach of any representation
or warranty by the Bidder,
27.1.3. Use of the deliverables and or services provided by the Bidder,
27.1.4. Infringement of any patent trademarks copyrights etc. or such other

statutory infringements in respect of all components provided to fulfill
the scope of this project. Bidder shall further indemnify the Bank against
any loss or damage to the Bank’s premises or property, Bank’s data,
direct financial loss, loss of life, etc., due to the acts of the Bidder's
employees or representatives. The Bidder shall further indemnify the
Bank against any loss or damage arising out of loss of data, claims of
infringement of third- party copyright, patents, or other intellectual
property, and third-party claims on the Bank for malfunctioning of the
P a g e 51 | 136
Vault Solution
equipment or software or deliverables at all points of time, provided

however,
27.1.4.1. The Bank notifies the bidder in writing in a reasonable time frame on
being aware of such claim,
27.1.4.2. The Bidder has sole control of defense and all related settlement
negotiations,
27.1.4.3. The Bank provides the Bidder with the assistance, information and
authority as it deems fit to perform the above.
27.2. It is clarified that the bidder shall in no event enter into a settlement,
compromise or makes any statement (including failure to take appropriate
steps) that may be detrimental to the Bank’s (and/or its customers, users and
service providers) rights, interest and reputation.
27.3. Bidder shall solely be responsible for any loss of data, loss of life, etc., due to
acts of Bidder's representatives, and not just arising out of gross negligence or
misconduct, etc., as such liabilities pose significant risk.
27.4. Bidder should take full responsibility for its and its employee's actions and
there is no employer employee relationship between bank and the bidder/or
his employees/representatives. Further, since the Bank’s data could be
integrated / used under Bidder provided software, the Bidder should be
responsible for loss/compromise or damage to Bank’s data and for causing
reputation risk to bank.
27.5. The bidders should indemnify the Bank (including its employees, directors or
representatives) from and against claims, losses, liabilities, penalties, fines
and suits arising from:
27.5.1. Non-compliance of the bidder with Laws/Governmental/regulatory

Requirements
27.5.2. IP infringement under any laws including Copyrights Act 1957 & IT Act
2000 and such other statutory acts and amendments thereto and
violation of Cyber Laws.
27.5.3. Negligence and misconduct of the Bidder, its employees, and agents.
P a g e 52 | 136
Vault Solution
27.5.4. Breach of any terms of RFP, Representation or Warranty.

27.5.5. Act or omission in performance of service.
27.5.6. Loss of data due to any of the reasons mentioned above.
27.5.7. Loss of reputation /financial loss to bank arising from the breach of
contract by the bidder.
27.6. In the event that the Bank is called as a defendant for IPR infringement of
patent, trademark or industrial design rights arising from use of any of the
components of the supplied solution, the Bidder on its own expense will
undertake to defend the Bank.
27.7. It will be the Bidder's responsibility to rapidly do away with such third-party
claims. The Bidder will also pay any compensation arising from the
infringement claims and the Bank will in no manner be responsible for such
payments. In addition, the Bidder will bear all the related expenses and legal
fees.
27.8. On its part, the Bank will immediately relay to the Bidder any such claims and
offer assistance within reasonable limits to rid the claim.
27.9. The Bidder must undertake to indemnify that all the components
delivered are free of defects, are brand new and original. If at some stage it is
discovered that the components do not meet these criteria, the Bank has the
right to cancel the order and the Bidder will have to refund the total amount
received from the Bank along with the interest and separate penalties. Similar
conditions apply to software; as well the system software must be licensed
and original.
28. Intellectual Property Rights

The Bidde r claims and represents that it has obtained appropriate rights to
provide the Deliverables and Services upon the terms and conditions contained in
this RFP.
28.1. The Bidder shall be responsible at its own cost for obtaining all necessary
authorizations and consents from third party licensors of Software used by
Bidder in performing its obligations under this Project.
P a g e 53 | 136
Vault Solution
28.2. If a third party's claim endangers or disrupts the Bank’s use of theDeliverables,
the Bidder shall at no further expense, charge, fee or cost to the Bank, (i) obtain
a license so that the Bank may continue use of the Deliverables in accordance
with the terms of this RFP.
28.3. Bidder shall indemnify and keep fully and effectively indemnified the Bank
from all legal actions, claims, or damages from third parties arising out of use
of software, designs or processes used by Bidder or in respect of any other
services rendered under this RFP.
29. Non-Transferable Offer

This Request for Proposal (RFP) is not transferable. Only the bidder who has
submitted the bid will be eligible for participation in the evaluation process
30. Normalization of Bids

If required, Bank may go through a process of technical evaluation and
normalization of the bids to the extent possible and feasible to ensure that,
shortlisted bidders are more or less on the same technical ground. After the
normalization process, if the Bank feels that, any of the Bids needs to be
normalized and that such normalization has a bearing on the commercial bids; the
Bank may at its discretion ask all the technically shortlisted bidders to re-submit
the technical and commercial bids once again for scrutiny. The resubmissions can
be requested by the Bank in the following two manners:
- Incremental bid submission in part of the requested clarification by

the bank or
- Revised submissions of the entire bid in the whole.
The Bank can repeat this normalization process at every stage of bid submission
till Bank is satisfied. The shortlisted bidders agree that, they have no reservation
or objection to the normalization process and all the technically shortlisted bidders
will, by responding to this RFP, agree to participate in the normalization process
and extend their co-operation to the Bank during this process. The shortlisted
bidders, by submitting the response to this RFP, agree to the process and condition
of the normalization process.
P a g e 54 | 136
Vault Solution
31. Responsibility for Completeness

Any supplies and services, which might not have been specifically mentioned in
this tender but, are necessary for the installation, Configuration, testing,
commissioning, performance or completeness of the order, shall be provided/
made available as per the time schedule for smooth and efficient operation and
maintenance of the system under Indian conditions.
The bidder shall be responsible for any discrepancies, errors and omissions in the
technical details submitted by him/them, irrespective of whether these have been
approved, reviewed or otherwise, accepted by the Bank or not. The Bidder shall
take all corrective measures arising out of discrepancies, errors and omissions in
drawing and other information as mentioned above within the time schedule and
without extra cost to the Bank.
32. Customization Process

The Successful bidder shall ensure that the software supplied meets all the
functional and performance requirements as given in the RFP. The successful
bidders shall submit individual time frames, within overall time frame stipulated
as per this RFP, required to change / modify / customize each part of the functional
requirements which needs such change / modification /customization.
Any customization done by the Successful bidder to provide the functionality

already available in the functional requirements of the RFP shall be at no extra cost
to the Bank, whatsoever.
In case of any additional functionality/new functionality in the software is

requested by the Bank subsequent to completion of contract, which are not part of
the functional requirements as given in the Contract document, the Bank shall
place such a request in writing giving the required details. The selected successful
bidder shall submit their commercial terms and shall carry out the desired change
on mutually agreed terms. The cost agreed shall be a lump sum amount which shall
include all expenses to be incurred for delivering such modifications / changes.
Any gaps identified during product demonstration, functional requirements

specifications study, system testing, user acceptance testing, and pilot
implementation should be included by the Successful bidder as Implementation
P a g e 55 | 136
Vault Solution
efforts. The Bank will not pay the Successful bidder any additional charges for all
such customizations. The Successful bidder shall take up all such functionality as
required by the Bank on a priority basis.
The Successful bidder shall provide all solutions, testing instruments, drivers,
consumables, etc. required to install and customize and test the software free of
any fees or charges or any expenses. The Successful bidder shall document and
submit to the Bank all the testing activities, procedures and results. The Successful
bidder shall provide the Bank weekly progress report on the bugs/problems
reported/ points taken up with schedule of date of reporting, date of resolving,
and status for all kind of bugs and problems as and when reported by the Bank.
33. Escrow Arrangement

33.1. Bidder has to agree to keep source code of proposed solution with approved /
recognized escrow agency under escrow arrangements mutually acceptable to the bank and
Bidder for entire project period. Cost of the escrow arrangement to be borne by Bidder.
Contract will be signed on mutually acceptable terms with bank and escrow agent.
33.2. The application software should mitigate Application Security Risks; at a

minimum those discussed in OWASP top 10 (Open Web Application Security
Project).
33.3. The Bank has right to Audit the Application / Source Code by suitable Security
Auditor.
33.4. The Bidder shall provide complete and legal documentation of all subsystems,
licensed operating systems, licensed system software, and licensed utility
software and other licensed software. The Bidder shall also provide licensed
software for all software products whether developed by it or acquired from
others. The Bidder shall also indemnify the Bank against any levies / penalties
on account of any default in this regard.
33.5. In case the Bidder is coming with software which is not its proprietary
software, then the Bidder must submit evidence to the satisfaction of Bank in
the form of agreement it has entered into with the software vendor which
includes support from the software vendor for the proposed software for the
full period required by the Bank.
P a g e 56 | 136
Vault Solution
34. Ownership and Retention of Documents

34.1. All information processed, stored, or transmitted by successful Bidder
application belongs to the Bank. By having the responsibility to maintain the
application, the Bidder does not acquire implicit access rights to the
information or rights to redistribute the information. The Bidder understands
that civil, criminal, or administrative penalties may apply for failure to protect
information appropriately. Any information considered sensitive by the bank
must be protected by the successful Bidder from unauthorized disclosure,
modification or access. The Bank’s decision will be final.
34.2. Types of sensitive information that will be found on Bank system’s which the
Bidder plans to support or have access to include, but are not limited to
Information subject to special statutory protection, legal actions, disciplinary
actions, complaints, IT security, pending cases, civil and criminal
investigations, etc.
34.3. The successful Bidder shall not publish or disclose in any manner, without the
Bank’s prior written consent, the details of any security safeguards designed,
developed, or implemented by the Bidder or existing at any of the Bank
location. The Bidder will have to develop procedures and implementation
plans to ensure that IT resources leaving the control of the assigned user (such
as being reassigned, removed for repair, replaced, or upgraded) are cleared of
all Bank data and sensitive application software.
35. Penalty
The Bidder shall perform its obligations under the agreement entered into with
the Bank, in a professional manner.
If any act or failure by the bidder under the agreement results in failure or
inoperability of systems and if the Bank has to take corrective actions to ensure
functionality of its property, the Bank reserves the right to impose penalty, which
may be equal to the cost it incurs or the loss it suffers for such failures.
If the Bidder fails to complete the due performance of the contract in accordance
with the specification and conditions of the offer document, the Bank reserves the
P a g e 57 | 136
Vault Solution
right either to cancel the order or to recover a suitable amount as deemed

reasonable as Penalty / Liquidated Damage for non- performance.
Any financial loss to the Bank on account of fraud taking place due to Successful
Bidder, its employee or their services provider’s negligence shall be recoverable
from the Successful Bidder along with damages if any with regard to the Bank’s
reputation and goodwill.
Bank may impose penalty to the extent of damage to its any equipment, if the damage was
due to the actions directly attributable to the staff of the Bidder.
36. Service Level Agreement & Penalties

36.1. Bidder shall be bound by the Service Levels described in this document.
36.2. The Bidder shall have to enter into “Service Levels Agreement” with Bank
covering all terms and conditions of this tender while providing the service
support and onsite support. Once go live of application, Aadhaar Data Vault
Solutions should be available on 24x7 basis and hence any technical problem
should be resolved as per the response Time Matrix given below :-
Sr.No Severity Severity Description Support for Response Resolution

Software solution Time Time
1 Severity 1 If the call is pertaining to production and Within 30 Within 2 Hrs
there is complete disruption of services Min of call of call
resulting in non-functioning of business/ reported. reported.
application operations. The operation is
mission critical due to major disruption
of business continuity.
2 Severity 2 The issue is severe in nature but Within30 Within 3 Hrs

services are available with restricted Min of call of call
operations and some manageable reported. reported.
workarounds.
3 Severity 3 Minor loss of service and the impact of Within 1 Within 4 Hrs
the issue could be minor in nature which hour of call of call
may require some workaround to bring reported. reported.
the normal functioning.
P a g e 58 | 136
Vault Solution
Bidder should response and resolve issue within prescribed time frame based on the severity description
mentioned above and needs to strictly adhere to Server Level Agreement (SLA).
36.3. The Bank would expect the bidder to commit to the service level assurances.
The Bidder shall commit to maintain uptime of 99.95% and above per month.
36.4. The SLA will be reviewed on a monthly basis. Penalties will be applicable due
to downtime of software application and hardware.
36.5. The bidder shall guarantee 99.95% uptime. The Bidder shall be liable for
penalties for uptime maintained below 99.95% in a month. Penalties for
downtime of the application will be as per below mentioned table:
Uptime (U) per Month Penalty Charges
U >=99.95 No Penalty
99.50<=U< 99.95 0.1 % of (A+B)
99.00<=U< 99.50 0.2 % of (A+B)
98.50<=U< 99.00 0.3 % of (A+B)
98.00<=U< 98.50 0.4 % of (A+B)
And so on For every 0.5 % drop in the Uptime, Penalty
@ 0.1% of (A+B)
Max. Limit 10% of (A+B), beyond which Bank may
terminate the contract.
A – Hardware cost, B- Software cost
36.6. SLA will be monitored on Monthly basis. Penalty due to downtime, during
three years of warranty period will be deducted from any subsequent
payment to be made to the Vendor. Penalty due to downtime, during AMC
period will be deducted from AMC/ATS payment.
36.7. Downtime due to schedule activity and Bank issues will be exempted.
P a g e 59 | 136
Vault Solution
36.8. If the solution or any of its components behaves erroneously which results in
monetary or business loss to the Bank, then the entire amount of such loss
shall be recovered from the bidder on actual basis.
36.9. In case of absence of the FM engineer during the contract period, there will
be a penalty of Rs 1000/- per day besides deducting prorate charges from
agreed FM charges.
37. Documents and Manuals

Two set of manual with screen shot and Frequent Asked Question (FAQ) to be
provided with each supplied item/product in soft and hard copy.
38. Audit
The Bidder shall at all times whenever required furnish all information, records,
data stored in whatsoever form to internal, external, Bank appointed and
statutory/RBI inspecting auditors and extend full cooperation in carrying out of
such inspection. The Bidder will also undertake to co- operate with the RBI to carry
out its supervisory functions and objectives and will furnish all records and other
information as RBI may call for to carry our inspection and/or other functions. The
Bidder is required to facilitate the same at no additional cost and shall provide
uninterrupted access to the documents required by the auditors. Further the
Bidder has to ensure rectification of all the irregularities thus pointed out by the
auditor within a given time frame.
The Bank has right to audit the Application /Source Code by the suitable Security
Auditor.
The bidder has to ensure compliance of Information Security according to policy of

the Bank and mitigate the risk, if any, within the stipulated time without any
additional cost to Bank.
In line of above, the selected bidder shall ensure that all regulatory, Statutory,
Local Administration requirements are adhered to subsequently while
undertaking deliverable and services over the period of contract without any
additional cost to Bank.
P a g e 60 | 136
Vault Solution
Compliance with security best practices may be monitored by periodic

computer/information security audit performed by or on behalf of the Bank. The
periodicity of these audits will be decided at the discretion of the Bank. These audit
plan to include, but are not limited to, a review of: access and authorization
procedures, physical security controls, input/output controls, DB controls, backup
and recovery procedures, network security controls and program change controls.
To the extent that the Bank deems it necessary to carry out a program of
inspection and audit to safeguard against threats and hazards to the
confidentiality, integrity, and availability of data, the Bidder shall afford the Bank’s
representative access to the Bidder’s facilities, installations, technical resources,
operations, documentation, records, databases and personnel. The Bidder must
provide the Bank access to various monitoring and performance measurement
system (both manual and automated). The Bank has the right to get the monitoring
and performance measurement systems (both manual and automated) audited
without prior approval / notice to the bidder.
39. Force Majeure

Force Majeure is herein defined as any cause, which is beyond the control of the
selected Bidder or the Bank as the case may be which they could not foresee or
with a reasonable amount of diligence could not have foreseen and which
substantially affect the performance of the Contract, such as:
39.1. Natural phenomena, including but not limited to floods, droughts, earthquakes,
epidemics,
39.2. Acts of any Government, including but not limited to war, declared or
undeclared, priorities, quarantines, embargoes,
39.3. Terrorist attacks, public unrest in work area;

Provided either party shall within ten (10) days from the occurrence of such a
cause notify the other in writing of such causes. The Bidder or the Bank shall not
be liable for delay in performing his/her obligations resulting from any Force
Majeure cause as referred to and/or defined above.
40. Exit Clause

P a g e 61 | 136
Vault Solution
The Bank reserves the right to cancel the contract in the event of happening one
or more of the following conditions:
40.1. Failure of the successful bidder to accept the contract and furnish the
Performance Bank Guarantee equivalent to 15% of the project cost within 30
days from receipt of purchase contract.
40.2. Delay in delivery beyond the specified period.

40.3. Delay in completing implementation/customization and acceptance tests/
checks beyond the specified periods;
40.4. Serious discrepancy in functionality to be provided or the performance levels

which have an impact on the functioning of the solution.
40.5. Reputation/financial loss to bank

In addition to the cancellation of contract, Bank reserves the right to appropriate the
damages through encashment of Bid Security /Performance Guarantee given by the
Bidder. Bank reserves right to exit at any time after giving notice period of one month
during the contract period.
41. Termination of Contract

If the Termination is on account of failure of the successful bidder to perform any
of the obligations under this RFP contract, the Bank shall have the right to invoke
the Performance Bank Guarantee(s) given by the selected bidder.
The Bank will be entitled to terminate this Contract, without any cost to the Bank
and recover expenditure incurred by Bank, on the happening of any one or more
of the following:
41.1. The selected bidder commits a breach of any of the terms and conditions of the
bid.
41.2. The Successful bidder goes into liquidation voluntarily or otherwise.

41.3. An attachment is levied or continues to be levied for a period of 7 days upon
effects of the Agreement.
P a g e 62 | 136
Vault Solution
41.4. The progress regarding the execution of the order accepted by the selected
bidder is found to be unsatisfactory or delay in execution of the contract, the Bank
reserves the right to get the balance contract executed by the another party of its
choice by giving one month’s notice for the same. In this event, theselected bidder
is bound to make good the additional expenditure, which Bank may have to incur
in executing the balance contract. This clause is applicable, if for any reason, the
contract is cancelled.
41.5. If deductions on account of liquidated damages exceeds more than 10%.

41.6. Non-satisfactory performance of the selected bidder during implementation
and operation.
41.7. An act of omission by the Bidder, its employees, its agents, or employees of
the consortium in the performance of the services provided by this contract.
41.8. Failure to integrate/implement the Project as per the requirements of the

Bank as stated in this RFP.
41.9. Material discrepancies in the Deliverables and Services noted in the

implementation of the Project. Bank reserves the right to procure the same or
similar product from the alternate sources at the risk, cost and responsibility of the
selected bidder.
41.10. Selected bidder is found to be indulging in frauds.

41.11. The Bank suffers a reputation loss on account of any activity of Successful
bidder.
41.12. In the event of sub contract or assignment contrary to the terms of agreement
and without Bank’s permission.
42. Arbitration
1. All disputes or differences arising out of or in connection with the present Agreement
including the one connected with the validity of the present Agreement or any part
thereof, should be settled by bilateral discussions.
2. Any dispute, disagreement of question arising out of or relating to the Agreement
or relating to construction or performance (except as to any matter the decision or
determination whereof is provided for by these conditions), which cannot be settled
P a g e 63 | 136
Vault Solution
amicably, shall within sixty (60) days or such longer period as may be mutually agreed
upon, from the date on which either party informs the other in writing by a notice that
such dispute, disagreement or question exists, will be referred to a sole Arbitrator as
acceptable to both the parties concerned.
3. Within sixty (60) days of the receipt of the said notice, an arbitrator shall be nominated
in writing by the authority agreed upon by the parties.
4. The sole Arbitrator shall have its seat in New Delhi or such other place in India as may be
mutually agreed to between the parties.
5. The arbitration proceedings shall be conducted under the Indian Arbitration and
Conciliation Act, 1996 and the award of such Arbitration Tribunal shall be enforceable in
Indian Courts only.
6. Each party shall bear its own cost of preparing and presenting its case. The cost of
arbitration including the fees and expenses shall be shared equally by the parties, unless
otherwise awarded by the sole arbitrator.
43. Jurisdiction
Notwithstanding anything contained herein above, in case of any dispute, claim
and legal action arising out of this RFP, the parties shall be subject to the
jurisdiction of courts at New Delhi, India only.
44. Submission of Bids

The bidders have to submit bid (all documents) through online submission as per
requirement of CPP portal website https://eprocure.gov.in. In addition to bid
online submission, Original DD/BG for Bid security/EMD & Integrity Pact (IP) must
be submitted physically in a sealed cover at the following address on or before
scheduled date and time.
The AGM -IT,
2nd Floor, Bhai Veer Singh Marg
New Delhi-110001
Bank may, at its discretion, extend this deadline for submission of bids by releasing
corrigendum to this tender document.
P a g e 64 | 136
Vault Solution
P a g e 65 | 136
Vault Solution
45. Annexure A – Letter of Acceptance

Date:
Letter to the bank on the bidder’s company letterhead
To:
The AGM -IT,
India Post Payments Bank,
Corporate Office,
2nd Floor Speed Post Center,
Bhai Veer Singh Marg, Gole Market,
New Delhi- 110001
Dear Sir,
Subject: Our bid for Request for Proposal (RFP) for Supply, Implementation and
Maintenance of Aadhaar Data Vault Solution at DC & DR.
With reference to the above subject, having examined and understood the instructions,
terms and conditions forming part of it, we hereby enclose our offer for the desired
solution as detailed in your above referred RFP.
We further confirm that the offer is in conformity with the terms and conditions as
mentioned in the RFP and all required information as mentioned is enclosed.
We also confirm that the offer shall remain valid for 180 days from the date of the offer.
We hereby undertake that supporting software supplied, if required will be licensed,
legally obtained and with latest version.
We understand that the Bank is not bound to accept the RFP either in part or in full and
that the Bank has right to reject the RFP in full or in part without assigning any reasons
whatsoever.
We understand that
P a g e 66 | 136
Vault Solution
a. You are not bound to accept the lowest or any bid received by you, and you may
reject all or any bid.
b. If our Bid for the above job is accepted, we undertake to enter into and execute
at our cost, when called upon by the purchaser to do so, a contract in the
prescribed form. Unless and until a formal contract is prepared and executed, this
bid together with your written acceptance thereof shall constitute a binding
contract between us.
c. If our bid is accepted, we are to be responsible for the due performance of the
contract.
d. You may accept or entrust the entire work to one Bidder or divide the work to
more than one Bidder without assigning any reason or giving any explanation
whatsoever.
e. Bidder means the bidder who is decided and declared so after examination of
commercial bids.
f. We enclose Demand Draft/Bank Guarantee for Rs./- (Rupees XXX Lac Only)
favoring India Post Payments Bank and payable at New Delhi, towards bid security,
details of the same is as under:
No. :
Date :
Name of Issuing Bank :
Dated at this _ day of 2018
We hereby declare that all the information & Statements made in this RFP are true and
accept that any misinterpretation contained in it may lead to our disqualification. We
agree to all terms & conditions of the RFP.
Yours faithfully,
P a g e 67 | 136
Vault Solution
Date: For
Signature
Name
Authorized Signatories
(Name & Designation, seal of the firm)
P a g e 68 | 136
Vault Solution
46. Annexure B - Bid Form
Ref No………………… Place: Date:
To:
The AGM -IT,
Corporate Office,
New Delhi- 110001
Dear Sir,
Having examined the Request for Proposal (RFP) Ref No. the
receipt of which is hereby duly acknowledged, we, the undersigned, offer to supply,
deliver, implement, customize and commission the various requirements in conformity
with the said RFP for the sum mentioned in the Price Bid or such other sums as may be
ascertained in accordance with the Schedule of Prices attached and made part of this Bid.
We undertake, if our Bid is accepted, to deliver the goods/ provide the services in
accordance with the Delivery Schedule / implementation schedule specified.
We agree to abide by this bid for a period of 180 days from the last date of submission of
Bid and shall remain binding upon us and may be accepted at any time before the
expiration of that period.
We further confirm that, in case we offer system and/or other software manufactured by
another company, such software operates effectively on the system offered by us and we
are willing to accept responsibility for its successful operations.
Until a formal contract is prepared and executed, this bid, together with your written
acceptance thereof and your Notification of Award, shall constitute a binding Contract
between us.
P a g e 69 | 136
Vault Solution
We undertake that, in competing for (and, if the award is made to us, in executing) the
above contract, we will strictly observe the laws against fraud and corruption in force in
India namely “Prevention of Corruption Act 1988”.
Commissions or gratuities, if any paid or to be paid by us to agents relating to this Bid,
and to contract execution if we are awarded the contract, are listed below:
Name & address of agent Amount & currency Purpose of commission or gratuity
*(If none, state none)
We understand that you are not bound to accept the lowest or any bid you may
receive.
Dated this........ Day of ............................. 2020
(Signature)
(In the capacity of)
Duly authorized to sign bid with seal for & on behalf of (Name & Address of the Bidder)
P a g e 70 | 136
Vault Solution
47. Annexure C - Bidder’s Profile Format
Serial
Parameters Response
No.
1 Name of the Firm/Company
2 Year of Incorporation in India
3 Names of the Partners/Directors

Name and Address of the Principal
4
Banker
Addresses of Firm/Company
5 a) Head Office
b) Local Office in Mumbai(if any)
Authorized Contact person
a) Name and Designation
6 b) Telephone number
c) E-mail ID.
Financial parameters
Annual Turnover Operating Profit
Business Results (last three years)
(Rs. in Crores) (EBITDA in Rs.)
2016-17
2017-18
7
2018-19
P a g e 71 | 136
Vault Solution
(Only company figures need to be (Mention the above amount in INR

mentioned. Not to include only)
group/subsidiary Company figures)
Bidder’s experience in
implementation of proposed
solution (in years)
8 a)Experience in India
b)Global Experience
Name of No. of Years in
Details of project executed with
Customer Use
9.
N.B. Enclose copies of Audited Balance Sheet along with enclosures
Place:
Date:
Signature:
Name & Designation:
Business Address:
P a g e 72 | 136
Vault Solution
48. Annexure D - Eligibility Criteria

S.
Eligibility Criteria Documents to be Compliance
No. submitted (Yes/No)
1 The bidder has to submit Integrity Pact (IP) signed Annexure H is to be
by authorized signatory as prescribed format submitted.
mentioned in Annexure H on plain paper in
advance(not prior to issuance of RFP) or at the
time of bid submission. Bidder shall be liable for
rejection in case of non-submission of the same.
The bidder should be a registered/incorporated Relevant Documents of
2 company in India as per Companies Act registration is to be
1956/2013 and must have in existence for the submitted.
last 5 years.
The Bidder must have minimum annual turnover Copies of Audited
of Rs.4.00 crore each in last three financial years financial statements for
3 (i.e. 2016-17, 2017-18 & 2018-19) from Indian FY2016-17, FY 2017-18
operations. Audited financial statements for & FY2018-19 years are
FY2016-17, FY2017-18 & FY2018-19 are to be to be submitted.
submitted. In case the audited financials for the
year 2018-19 is not available, CA Certificate
should be submitted. This must be the individual
company turnover and not that of any group of
companies.
Bidder should have positive operating Profit (as Copies of the audited
EBITDA i.e. Earnings Before Interest, Tax, balance sheet of the
Depreciation & Amortization) in each of the last company for FY2016-
three financial years, (2016-17, 2017-18, and 17, FY2017-18 &
4
2018-19). In case the audited financials for the FY2018-19 years are to
year 2018-19 is not available, CA Certificate be submitted.
should be submitted.
P a g e 73 | 136
Vault Solution
The bidder should have implemented Aadhaar

Data Vault Solution with TPS of 500 and above The bidder has to
5
to any Banks / Insurance Company / submit Purchase Order
Government Organizations / Financial / performance
Institutions in India, during last three years as on certificate of solution
date of RFP.
OEM/ Bidder should have implemented of Data The bidder has to
Vault/Data repository/ Secured Data base/ Similar submit Purchase Order/
6 Solution (being quoted) in at least One PSU/ performance Certificate of
Government Organizations / BFSI in India, during solution
last three years as on date of RFP
The Bidder should be OEM or Original Solution
Developer (OSD) or their authorized partners or Bidder has to submit
Service Provider (SP) or System Integrator (SI) of authorization letter
OEM/OSD in India with an authority to do from the proposed OSD
7
customization/up-gradation during the period of
contract with the Bank. Bidder needs to provide
Manufacturer Authorization Form (MAF) from
OEM stating that bidder is authorized partner of
OEM and authorized to participate in this tender
and in case the bidder is not able to perform
obligations as per contract during the contract
period, contracted services will be provided by
OEM. Both OEM/OSD & their authorized partner
cannot participate in the RFP. In case, both OEM &
his authorized partner participate, only bid of the
OEM/OSD will be considered.
The Bidder should have not been black listed at Self Declaration on
any time by the Central / State Governments/ Company’s letter Head
PSUs/PSBs. In case, in the past, the name of their signed by authorized
Company was black listed by any of the Govt. person as per the
Authority or PSUs/PSBs, the name of the company Annexure R is required to
or organization must have been removed from the be submitted.
8
said list as on date of submission of the RFP,
otherwise it will not be considered. Self
Declaration on Company’s letter Head signed by
P a g e 74 | 136
Vault Solution
authorized personas as per the Annexure R is

required to be submitted.
Authorized Signatory:
Place: Name & Designation:
Date: Business Address & email id:
49. Annexure D (A) – Compliance to RFP terms & conditions

S. Clause Details Bidder's
No. Compliance
(Yes/No)
1 Introduction
2 Integrity Pact (IP)
3 Objectives of the RFP
4 Invitation of Tender Bids
5 Eligibility Criteria
6 Broad Scope of Work
7 Disaster Recovery
8 Support
9 Instructions for Bid Submission
Onsite development, support & maintenance
10 Resource
P a g e 75 | 136
Vault Solution
11 Taxes and Duties

12 Rejection of Bid
13 Pre-bid Meeting
14 RFP Response
15 Modification and Withdrawals of Bid
16 Liquidated Damage (LD)
17 Warranty
18 Contract Period
19 ATS/AMC
20 Adherence of Cyber Security Policy
21 Patent Rights
22 Price Validity
23 Payment Terms
24 Authorized Signatory
25 Limitation of Liability
26 Confidentiality
27 Indemnity
28 Intellectual Property Rights
29 Non-transferable Offer
30 Normalization of Bids
31 Responsibility for Completeness
32 Customization Process
33 Escrow Arrangement
34 Ownership and Retention of Documents
35 Penalty
P a g e 76 | 136
Vault Solution
36 Service Level Agreements & Penalties

37 Documents and Manuals
38 Audit
39 Force Majeure
40 Exit Clause
41 Termination of Contract
42 Arbitration
43 Jurisdiction
44 Submission of Bids
Place:
Date: Signature:
Name & Designation: Business Address:
50. Annexure D (B) – Declaration for Compliance

All Terms and Conditions including scope of work except technical specifications.
We hereby undertake and agree to abide by all the terms and conditions stipulated by
the Bank in this RFP including all addendum, corrigendum etc. (Any deviation may result
in disqualification of bids).
Signature:
Seal of company
Technical Specification
We certify that the services offered by us for tender confirms to the specifications
stipulated by you with the following deviations.
P a g e 77 | 136
Vault Solution
List of deviations
1)
2)
Signature:
Seal of company
(If left blank it will be construed that there is no deviation from the specifications given
above)
51. Annexure E –Technical Specifications.

Sr. Comply
Technical Requirements
(Y/N) Remark
No.
1 Encryption of Aadhaar Number and any connected Aadhaar Data
1.1 The Aadhaar number and any connected data maintained on the
Aadhaar Data Vault (ADV) should be kept encrypted and access to it is
strictly controlled only for authorized systems.
1.2 The platform needs to comply with the data encryption standards and
storage policies requirements as mentioned by UIDAI.
1.3 All encryption keys should only be stored in HSM infrastructure

as mandated by UIDAI.
1.4 UID Token should be stored as a mandatory part of solution.
1.5 Demographic match from the Aadhaar Data Vault should be

done using the reference key. Aadhaar number should not be used
in such cases.
P a g e 78 | 136
Vault Solution
1.6 The platform should be compliant / support API 2.5 and above
as designed by UIDAI
2 Generation of Reference Number
2.1 Each Aadhaar number is to be referred by an additional key called as

Reference key. The proposed solution should have the ability to
generate a reference value (key) which should get automatically
associated with the Aadhaar Number or any other data stored in the
vault.
2.2 Mapping of the reference key and Aadhaar number is to be

maintained in the Aadhaar Data Vault in encrypted format.
2.3 The reference number generated as such should be unique for each
Aadhaar number. The chosen reference key method should ensure
that the recovery of the associated Aadhaar Number must not be
computationally feasible knowing only the reference keys or number
of reference keys. Reverse engineering of the reference key or a series
of reference keys to compute the Aadhaar number should not be
technically possible as mandated by UIDAI.
2.4 The solution should be capable of maintaining the integrity of

encrypted Aadhaar number associated with reference key.
3 Retrieval of reference number
3.1 ADV should search for existence of encrypted Aadhaar Number in the
storage during every call to store Aadhaar Number in ADV. If the
encrypted value of the Aadhaar number being stored already exists in
the ADV storage, then the same associated reference number should
be returned back.
4 The ADV solution provided by the bidder shall support storage

of 72 digit UID token.
5 The ADV solution provided by the bidder shall support encryption and
storage of scanned Aadhaar Card PDF / Image file and any other
document / images as per the data encryption and storage guidelines
issued by UIDAI in a separate File Server.
P a g e 79 | 136
Vault Solution
6 The ADV solution provided by the bidder should be configured in HA

mode at Bank’s Data Center. The Solution shall be highly scalable to
meet the future requirements of the Bank. The Solution should have
capabilities for Auto Sync for the DC and DR Location with same level
of security.
7 The bidder should assist Bank team for implementation of the Aadhaar
Data Vault Solution in a highly restricted network zone. The storage of
Aadhaar number / data along with the referencing system should be
isolated from any untrusted zone and other internal network zones as
mandated by UIDAI.
User Management Functionality
8
8.1 ADV platform offered by the bidder should be capable of providing a

GUI for enabling creation of multiple API / Admin users. Authorized
Bank Officials should be able to login to this web based platform and
should be to create multiple Admin / API users. This should be through
maker checker facility with logging.
8.2 This web based interface should also support Edit / Delete /
Modify user/reset password functionality. .This should be through
maker checker facility with logging.
9 Non Repudiation of Stored Data
9.1 ADV platform provided by the bidder shall support Non repudiation of
stored data in database or storage and should not permit any user to
replace the encrypted Aadhaar number / data associated with
Reference number value with another
encrypted Aadhaar number / data.
10 API’s for interfacing with ADV platform
10.1 Only trusted communications must be permitted in and out of the

vault. This should be ideally be done via API / Micro Service dedicated
to get the mapping and controlling access to the API/ Micro-Service at
application level. Any authorised users needing to access this mapping
must access via applications allowing them to view / access data with
appropriate user authentication.
P a g e 80 | 136
Vault Solution
10.2 ADV platform provided by the bidder shall support at least Java as well
as .NET based API’s or web services for Integration. The Aadhaar Data
Vault Solution should be capable to interface with the Bank’s
applications and the Client API should be made available for accessing
Aadhaar Data Vault as a part of the
solution. The bidder should provide sub system integration with

Aadhaar Data Vault with the Web Services / APIs.
11 The Platform should support user management integration with
Active Directory for validate user credentials
12 The solution should be capable of Supporting Encryption
Algorithms such as AES-256 & RSA-2048 or latest standard
algorithms used for encrypting Aadhaar Number and Aadhaar
related data.
13 The Aadhaar Data Vault solution should support the automatic
key rotation.
The Application should have the capabilities for updating /
retrieving the Aadhaar Number or related data from Aadhaar Data
14 Vault, during the Key Rotation of the HSM Keys to be done
automatically by HSM itself using a scheduling policy. The Activity
should not require any Downtime.
Auditing and Logging: The Aadhaar Data Vault Solution should have the
capability of detailed logging and audit tracking of all key state
changes, administrator access and policy changes. The Audit trails
should be securely stored and signed for non- repudiation. The logs
15 should be integrated with the Bank’s SIEM tool for monitoring and
alerting.
16 Aadhaar Data Vault solution should support User Access
restrictions with various access rights
17 The solution must be able to support storage of the root of trust
master Key on a FIPS 140-2, minimum Level 2 certified HSM device.
18 Aadhaar Data Vault solution should be scaled to higher TPS on the

same HSM, solution should be field upgradable and should not involve
additional procurement of hardware post solution is implemented.
P a g e 81 | 136
Vault Solution
19 The Aadhaar Data Vault solution should be designed to achieve 1100

TPS with a 5-year projection of 2300 TPS.
20 Aadhaar Data Vault solution should have the capability to support

the Bulk Insertion of records with Unique Token for each Aadhaar
Number.
21 The software should be able to tokenize numeric / alpha numeric
and special character other than Aadhaar numbers in its current
version.
23 The ADV platform should have the ability to integrate in the

existing PIM solution for authentication.
24 The ADV platform provided by the bidder must implement strong
access controls and authentication measures. It should have ability
to provision granular access control and shall support monitoring
and logging of access.
25 The admin and user roles should be segregated.
26 User access should be locked in case of 3 unsuccessful login attempts.

Audit log of all the activities carried out in Aadhaar data vault should
be maintained as per the policies mandated
by UIDAI.
27 The ADV platform provided by the bidder shall support highly
secured communication between the internal business applications
of the Bank and ADV platform.
28 The Security between Client Application consuming API / web
service and Aadhaar Data vault shall be permitted only after
successful validation of the below mentioned parameters : IP
Validation, User ID and Password
29 The offered Aadhaar Data Vault solution should support IPV 6
30 Platform should meet all Aadhaar Data Vault guidelines issued

by UIDAI from time to time.
31 Security : The ADV Solution should support and adhere to:
31.1 Security framework for AUA/ASA/AKA's
P a g e 82 | 136
Vault Solution
31.2 Security framework for authentication devices
31.3 Support for Security audit by UIDAI security consultant or Bank

appointed consultant.
32 Following guidelines (issued by UIDAI) are required to be
followed. domains will be covered to achieve the above
objectives
32.1 Aadhaar Act (2016),
32.2 Aadhaar (Authentication) Regulations 2016,
32.3 Aadhaar (Data Security) Regulations 2016,
32.4 Aadhaar (Sharing of Information) Regulations, 2016
32.5 UIDAI Information Security Policy
32.6 UIDAI Circular No. K-11020/205/2017 (Auth I) dated 25.07.2017
32.7 UIDAI Circular no.4 of 2018 dated:01.05.2018
32.8 UIDAI circular no.5 of 2018 dated:16.05.2018
32.9 UIDAI circular no.6 of 2018 dated 04.06.2018
33 Bidder shall abide by the ISMS framework of the Bank which

includes Incident Management, Change Management and
Capacity management etc.
Place:
Date:
Signature:
Name & Designation:
Business Address:
P a g e 83 | 136
Vault Solution
52. Annexure E (A) – Hardware Specifications

Detailed Specifications of Hardware to be
provided including Processor/Server Type &
clock speed, Total no. of cores, Total
Memory, Hard Disk Drives, Operating
System, Network ports, Host Bus Adapter
Sr. Particulars of Equipment Make and Model (HBA) and Redundant
required
No.
Power Supply (RPS) etc.
1. Server for Data Centre.
2. Server for Disaster Recovery

Site.
3. Server for UAT.
4. Storage for Data Centre.
5. Storage for Disaster Recovery

Site.
6. HSM for Data Centre.
7. HSM for Disaster

Recovery Site
8. HSM for UAT
9. Any Other Hardware

Provided
Note: Server and storage for the Solution must be capable enough to handle 1100 TPS transactions and
should be scalable so as to handle transactions as per Bank’s projections.
53. Annexure F – Unpriced Indicative Commercial Bid
P a g e 84 | 136
Vault Solution
Total Cost in Rs. Submitted

SL. Quantity (B) (Yes/No)
Items Unit Cost (A) (Exclusive of Taxes)
No. C=AxB
1 Hardware* NA NA NA
i Server at DC XX XX XX
ii Storage at DC XX XX XX
iii Server at DR XX XX XX
iv Storage at DR XX XX XX
V HSM at DC XX XX XX
vi HSM at DR XX XX XX
vii Server for UAT XX XX XX
viii HSM for UAT XX XX XX
Any other hardware to

ix XX XX XX
be provided( item-wise
cost to be provided)
Total Hardware Cost (sum of (i) to (ix)) XX

2 Software NA NA NA
I Perpetual License Cost XX 1 XX

Ii Any other
XX XX XX
software
required (OS
etc, item-wise
cost to be
provided)
Total Software Cost (i+ii) XX
3 AMC of Hardware
per year (Between 8-
XX 2 years XX
10% of hardware
cost)
P a g e 85 | 136
Vault Solution
4 ATS of Software per year

(Between 16-22% of XX 4 years XX
software cost)
5 Onsite technical support
cost for resource per
XX 5 years XX
month( Support wise
cost to be provided)
6 Implementation and
XX 12 XX
Integration with CBS
and other applications Months
cost (man months
charge)
Total Cost of Ownership (TCO) in Rs. (1+2+3+4+5+6) XX
* Hardware should be quoted for High Availability at DC. Quantity is to be specified by the bidder
wherever left blank.
Note:
1. The Commercial Offer should be given in the above format only.

2. There should be no conditions mentioned in the Commercial Offers.
3. Commercial offers with conditions will be rejected.
4. Bidder need to provide the detail configuration and purpose of proposed hardware.
5. Bidder need to size the hardware to handle the load mentioned in the RFP
document. In case of any performance issue due to hardware sizing during the
contract period, bidder need to upgrade the hardware without any cost to bank.
6. TCO is for five years including one year warranty, four years ATS for post warranty
and after go-live for software solution and three years warranty, 2 years AMC for
post warranty for hardware/Server.
7. The price quoted should be inclusive of Cost of deliverables, Enterprise License,

installation, customization, configuration, maintenance and support of Solution
for Implementation of Aadhaar Data Vault solution as per Bank’s requirement.
P a g e 86 | 136
Vault Solution
8. The ATS charges per annum should be between 16 to 22% of the cost of software
components and AMC charges per annum should be between 8 to 10% of the cost
of hardware components.
9. Bank will not pay any Labour charges for transportation, Road Permit, installation
of Software separately. All such costs, if any, should be absorbed in the TCO.
10. The TCO should be exclusive of GST (CGST, SGST & IGST). Applicable taxes, if any,
shall be payable by the Bank at actual on date of invoicing.
11. Bidder has to show the bifurcation/details of applicable GST (CGST/SGST/IGST) in

every invoice.
12. If the cost for any line item is indicated as zero then it will be assumed by the Bank
that the said item is provided to the Bank without any cost.
13. In case of any discrepancy in calculation, price quoted in words will be considered
for computation of TCO.
Place:
Date:
Name & Designation & E-mail ID:
Business Address:
P a g e 87 | 136
Vault Solution
54. Annexure F (A) - Indicative Commercial Bid

Total Cost in Rs.
SL. Quantity
Items Unit Cost (Exclusive of Taxes)
(B)
No. (A) C=AxB
1 Hardware* NA NA NA
I Server at DC
Ii Storage at DC
Iii Server at DR
Iv Storage at DR
V HSM at DC
Vi HSM at DR
Vii Server for UAT
Viii HSM for UAT
Any other hardware to be

Ix
provided
Total Hardware Cost (sum of (i) to (ix))

2 Software NA NA NA
I Perpetual License Cost
Ii Any other software

required (OS etc.,
item-wise cost to
be provided)
Total Software Cost (i+ii)

3 AMC of Hardware per
year (Between 8-10% of
2 years
P a g e 88 | 136
Vault Solution
hardware cost)
4 ATS of Software per year

(Between 16-22% 4 years
of software cost)
5 Onsite technical support
cost for resource per
5 years
month (item-wise cost to
be provided)
6 Customization cost (man
12 Months
months charge)
Total Cost of Ownership (TCO) in Rs. (1+2+3+4+5+6)
* Hardware should be quoted for High Availability at DC. Quantity is to be specified by the bidder
wherever left blank.
Note:
1. The Commercial Offer should be given in the above format only.

2. There should be no conditions mentioned in the Commercial Offers.
3. Commercial offers with conditions will be rejected.

4. Bidder need to provide the detail configuration and purpose of proposed hardware.
5. Bidder need to size the hardware to handle the load mentioned in the RFP
document. In case of any performance issue due to hardware sizing during the
contract period, bidder need to upgrade the hardware without any cost to bank.
6. TCO is for five years including one year warranty, four years ATS for post warranty
and after go-live for software solution and three years warranty, 2 years AMC for
post warranty for hardware/Server.
P a g e 89 | 136
Vault Solution
7. The price quoted should be inclusive of Cost of deliverables, Enterprise License,

installation, customization, configuration, maintenance and support of Solution
for Implementation of Aadhaar Data Vault solution as per Bank’s requirement.
8. The ATS charges per annum should be between 16 to 22% of the cost of software
components and AMC charges per annum should be between 8 to 10% of the cost
of hardware components.
9. Bank will not pay any Labour charges for transportation, Road Permit, installation
of Software separately. All such costs, if any, should be absorbed in the TCO.
10. The TCO should be exclusive of GST (CGST, SGST & IGST). Applicable taxes, if any,
shall be payable by the Bank at actual on date of invoicing.
11. Bidder has to show the bifurcation/details of applicable GST (CGST/SGST/IGST) in

every invoice.
12. If the cost for any line item is indicated as zero then it will be assumed by the Bank
that the said item is provided to the Bank without any cost.
13. In case of any discrepancy in calculation, price quoted in words will be considered
for computation of TCO.
Place:
Date:
Name & Designation & E-mail ID:
Business Address:
55. Annexure G - Reference Site Details

The reference sites submitted must be necessarily of those Banks/Companies where the bidder
has been awarded the contract prior to date of Issuance of this RFP. For those references where
P a g e 90 | 136
Vault Solution
the offered solution is accepted but implementation is not started, the acceptance should be
valid as on the last date for submission of bids at India Post Payments Bank.
Please provide reference details in the format defined below:
Particulars Response
Name of the Bank/ Financial Institution
Country of Operation
Address of the Organization
Date of commencement of Project
Date of completion of Project (if completed)
Status (completed/ in progress)
Scope of Work for Solution
Name of the contact person for reference
Contact details of contact person

***TPS of the solution offered****
Project Details
a. Operating System
b. Application Software
c. Network Topology
d. Programming language
e. Middleware
f. Security features
g. Maintenance & support
(Enclose necessary documentary proof)
P a g e 91 | 136
Vault Solution
* Provide Information in respect of at least 1 major customer who fulfills the qualification Criteria.
References may be enclosed from the customers from the above.
Place:
Date:
Signature:
Name & Designation:
Business Address:
56. Annexure H – Pre-Contract Integrity Pact.

Integrity Pact
(To be stamped accordingly)
RFP No: IPPB/IT/NW/2020/XX/XX/XXXXXX Dated: XXXXXX
Sub: RFP for Supply, Implementation and Maintenance of Aadhaar Data Vault Solution
This Agreement (hereinafter called the Integrity Agreement) is made on _____ day of the month of
_____ 20___, between,
On one hand, India Post Payments Bank Limited (CIN U74999DL2016GOI304561), having its Registered
Office at Post Office, Speed Post Centre Building, Market Road, New Delhi – 110001, (hereinafter
referred to as the “Principal/Owner”, “ IPPB” or ”Buyer”, as the case may be, which expression shall
unless repugnant to the context thereof, include its successors, assigns), acting through
_____________________, ,party of the FIRST PART,
And
M/s________________________ represented by_________________________________, Authorized

Signatory (hereinafter called the “Vendor” or “Service Provider”, as the case may be, which expression
shall mean and include, unless the context otherwise requires, his successors and permitted assigns)
party of the Second Part.
P a g e 92 | 136
Vault Solution
WHEREAS the Principal/ Owner has floated the RFP reference number _________ (hereinafter referred
to as “Tender/Bid”) and intends to award, under laid down organizational procedure, contract for
____________________ for IPPB, 2nd Floor, Speed Post Center, Bhai Veer Singh Marg, Market Road,
New Delhi – 110001 Hereinafter referred to as the “Contract”. and the VENDOR is willing to offer/has
offered the services.
AND WHEREAS the Principal/Owner values full compliance with all relevant laws of the land, rules,
regulations, economic use of resources and of fairness/transparency in its relation with its
Vendor(s) and Contractor(s).
NOW, THEREFORE,
To avoid all forms of corruption by following a system that is fair, transparent and free from any
influence/prejudiced dealings prior to, during and subsequent to the currency of the contract to be
entered into with a view to:-
Enabling the Principal/Owner to obtain the desired services at a competitive price in conformity with the
defined specification by avoiding the high cost and the distortionary impact of corruption on public
procurement, and
Enabling VENDORs to abstain from bribing or indulging in any corrupt practice in order to secure the
contract by providing assurance to them that their competitors will also abstain from bribing and other
corrupt practices and the Principal/Owner will commit to prevent corruption, in any form, by its officials
by following transparent procedures.
Article 1: Commitment of the Principal/Owner
1. The Principal/Owner commits itself to take all measures necessary to prevent corruption and to
observe the following principles:
a. No employee of the Principal/Owner, personally or through any of his/her family members, will
in connection with the Tender, or the execution of the Contract, demand, take a promise for or accept,
for self or third person, any material or immaterial benefit which the person is not legally entitled to.
b. The Principal/Owner will, during the Tender process, treat all Vendor(s) with equity and reason.
The Principal/Owner will, in particular, before and during the Tender process, provide to all Vendor(s)
the same information and will not provide to any Vendor(s) confidential / additional information
through which the Vendor(s) could obtain an advantage in relation to the Tender process or the
Contract execution.
c. The Principal/Owner shall endeavor to exclude from the Tender process any person, whose
conduct in the past has been of biased nature.
d. All the officials of the BUYER will report to the appropriate Government office any attempted or
completed breaches of the above commitments as well as any substantial suspicion of such a breach.
P a g e 93 | 136
Vault Solution
In case any such preceding misconduct on the part of such official(s) is reported by the VENDOR to the
BUYER with full and verifiable facts and the same is prima facie found to be correct by the BUYER,
necessary disciplinary proceedings, or any other action as deemed fit, including criminal proceedings
may be initiated by the Principal/Owner and such a person shall be debarred from further dealings
related to the contract process. In such a case while an enquiry is being conducted by the
Principal/Owner the proceedings under the contract would not be stalled.
If the Principal/Owner obtains information on the conduct of any of its employees which is a criminal
offence under the Indian Penal code (IPC)/Prevention of Corruption Act, 1988 (PC Act) or is in violation
of the principles herein mentioned or if there be a substantive suspicion in this regard, the
Principal/Owner will inform the Chief Vigilance Officer and in addition can also initiate disciplinary
actions as per its internal laid down policies and procedures.
Article 2: Commitment of the Vendor(s)/Vendor(s)
1. It is required that each Vendor/Vendor (including their respective officers, employees and
agents) adhere to the highest ethical standards, and report to the India Post Payments Bank all
suspected acts of fraud or corruption or Coercion or Collusion of which it has knowledge or becomes
aware, during the tendering process and throughout the negotiation or award of a contract.
2. The VENDOR commits itself to take all the measures necessary to prevent corrupt practices,
unfair means and illegal activities during any stage of its bid/tender process or during any pre-contract
or post-contract stage in order to secure the contract or in furtherance to secure it and in particular
commit itself to the following: -
a. The Vendor(s)/Vendor(s) will not, directly or through any other person or firm, offer,
promise or give to any of the Principal/Owner’s employees involved in the Tender
process or execution of the Contract or to any third person any material or other benefit
which he/she is not legally entitled to, in order to obtain in exchange any advantage of
any kind whatsoever during the Tender process or during the execution of the Contract.
b. The VENDOR will not offer, directly or through intermediaries, any bribe, gift,
consideration, reward, favour or any material or immaterial benefit or other advantage,
commission, fees, brokerage or inducement to any official of the India Post Payments
Bank, connected directly or indirectly with the bidding process, or to any person,
organisation or third party related to the contract in exchange for any advantage in the
bidding, evaluation, contracting and implementation of the contract.
c. The VENDOR further undertakes that it has not given, offered or promised to give,
directly or indirectly any bribe, gift, consideration, reward, favour, any material or
immaterial benefit or other advantage, commission, fees, brokerage or inducement to
any official of the India Post Payments Bank or otherwise in procuring the Contract or
P a g e 94 | 136
Vault Solution
forbearing to do or having done any act in relation to the obtaining or execution of the
contract or any other contract with the Government for showing or forbearing to show
favour or disfavour to any person in relation to the contract or any other contract with
the Government.
d. VENDOR shall disclose the payments to be made by them to agents/brokers or any

other intermediary, in connection with this bid/contract.
e. The VENDOR further confirms and declares to the India Post Payments Bank that the
VENDOR has not engaged any individual or firm or company whether Indian or foreign
to intercede, facilitate or in any way to recommend to the BUYER or any of its
functionaries, whether officially or unofficially to the award of the contract to the
VENDOR, nor has any amount been paid, promised or intended to be paid to any such
individual, firm or company in respect of any such intercession, facilitation or
recommendation.
f. The VENDOR, either while presenting the bid or during pre-contract negotiations or
before signing the contract, shall disclose any payments he has made, is committed to
or intends to make to officials of the India Post Payments Bank or their family members,
agents, brokers or any other intermediaries in connection with the contract and the
details of services agreed upon for such payments.
g. The VENDOR will not collude with other parties interested in the contract to impair the
transparency, fairness and progress of the bidding process, bid evaluation, contracting
and implementation of the contract.
h. The VENDOR will not accept any advantage in exchange for any corrupt practice, unfair
means and illegal activities.
i. The VENDOR shall not use improperly, for purposes of competition or personal gain, or
pass on to others, any information provided by the India Post Payments Bank as part of
the business relationship, regarding plans, technical proposals and business details,
including information contained in any electronic data carrier or information contained
or transmitted electronically. The VENDOR also undertakes to exercise due and
adequate care lest any such information is divulged.
j. The VENDOR commits to refrain from giving any complaint directly or through any other
manner without supporting it with full and verifiable facts.
k. The VENDOR shall not instigate or cause to instigate any third person to commit any of
the actions mentioned above.
l. If any employee of the VENDOR or any person acting on behalf of the VENDOR who is
directly or indirectly involved in the bidding process of this RFP, is a relative of any of the
P a g e 95 | 136
Vault Solution
officers of the India Post Payments Bank who is directly or indirectly involved in the
bidding process, bid evaluation for this RFP, the same shall be disclosed by the VENDOR
at the time of filing of tender. The term relative for this purpose would be as defined in
Sub-Section (77) of Section 2 of the Companies Act of 2013.
The VENDOR shall not lend to or borrow any money from or enter into any monetary dealings or
transactions, directly or indirectly, with any employee of the India Post Payments Bank.
The Vendor(s) will not enter with other Vendor(s) into any undisclosed agreement or understanding,
whether formal or informal. This applies in particular to prices, specifications, certifications, subsidiary
contracts, submission or non- submission of bids or any other actions to restrict competitive or to
cartelize in the bidding process.
c. The Vendor(s) will not commit any offence under the relevant IPC/PC Act.
The Vendor(s)/ of foreign origin shall disclose the names and addresses of agents/representatives in
India, if any. Similarly, Vendor(s) of Indian Nationality shall disclose names and addresses of foreign
agents/representatives, if any. Either the Indian agent on behalf of the foreign principal or the foreign
principal directly could bid in a tender but not both. Further, in cases where an agent participates in a
tender on behalf of one manufacturer, he shall not be allowed to quote on behalf of another
manufacturer along with the first manufacturer in a subsequent/parallel tender for the same item.
The Vendor(s) will not instigate third persons to commit offences outlined above or be an accessory to
such offences.
The Vendor(s) will not, directly or through any other person or firm indulge in fraudulent practice
means a willful misrepresentation or omission of facts or submission of fake/forged documents in
order to induce public official to act in reliance thereof, with the purpose of obtaining unjust advantage
by or causing damage to justified interest of others and/or to influence the procurement process to the
detriment of the India Post Payments Bank interests.
The Vendor(s) will not, directly or through any other person or firm use Coercive Practices (means the
act of obtaining something, compelling an action or influencing a decision through intimidation, threat
or the use of force directly or indirectly, where potential or actual injury may befall upon a person, his/
her reputation or property to influence their participation in the tendering process)
Article 3: Consequences of Breach
Without prejudice to any rights that may be available to the Principal/Owner under law or the Contract
or its established policies and laid down procedures, the Principal/Owner shall have the following rights
in case of breach of this Integrity Pact by the Vendor(s)/ and the Vendor accepts and undertakes to
respect and uphold the Principal/Owner’s absolute right:
P a g e 96 | 136
Vault Solution
1. If the Vendor(s)/, either before award or during execution of Contract has committed a
transgression through a violation of Article 2 above or in any other form, such as to put his reliability or
credibility in question, the Principal/Owner after giving 14 days’ notice to the Vendor shall have
powers to disqualify the Vendor(s)/ from the Tender process or terminate/determine the Contract, if
already executed or exclude the Vendor from future contract award processes. The imposition and
duration of the exclusion will be determined by the severity of transgression and determined by the
Principal/Owner. Such exclusion may be forever or for a limited period as decided by the
Principal/Owner.
2. To immediately call off the pre contract negotiations without assigning any reason or giving any
compensation to the VENDOR. However, the proceedings with the other VENDOR(s) would continue.
I. The Earnest Money Deposit (in pre-contract stage) and/or Performance Security (after
the contract is signed) shall stand forfeited either fully or partially, as decided by the
BUYER and the BUYER shall not be requiring to assign any reason therefore.
II. To immediately cancel the contract, if already signed, without giving any compensation
to the VENDOR.
III. To recover all sums already paid by the BUYER, and in case of an Indian VENDOR with
interest thereon at 2% higher than the prevailing Prime Lending Rate of State Bank of
India, while in case of a VENDOR from a country other than India with interest thereon
at 2% higher than the LIBOR. If any outstanding payment is due to the VENDOR from the
BUYER in connection with any other contract for any other stores, such outstanding
payment could also be utilized to recover the aforesaid sum and interest.
IV. To encash the advance bank guarantee and performance bond/warranty bond, if
furnished by the VENDOR, in order to recover the payments, already made by the
BUYER, along with interest.
V. To cancel all or any other Contracts with the VENDOR. The VENDOR shall be liable to pay
compensation for any loss or damage to the BUYER resulting from such cancellation /
rescission and the BUYER shall be entitled to deduct the amount so payable from the
money(s) due to the VENDOR.
VI. To debar the VENDOR from participating in future bidding processes of the Government
of India for a minimum period of five years, which may be further extended at the
discretion of the BUYER.
VII. To recover all sums paid in violation of this Pact by VENDOR(s) to any middleman or
agent or broker with a view to securing the contract.
VIII. In cases where irrevocable Letters of Credit have been received in respect of any
contract signed by the BUYER with the VENDOR, the same shall not be opened.
P a g e 97 | 136
Vault Solution
IX. Forfeiture of Performance Bond/Performance Bank Guarantee in case of a decision by

the BUYER to forfeit the same without assigning any reason for imposing sanction for
violation of this Pact.
4.2 The BUYER will be entitled to take all or any of the actions mentioned at para 4.1 (i) to (x) of this Pact
also on the Commission by the VENDOR or any one employed by it or acting on its behalf (whether with
or without the knowledge of the VENDOR), of an offence as defined in Chapter IX of the Indian Penal
code, 1860 or Prevention of Corruption Act, 1988 or any other statute enacted for prevention of
corruption.
4.3 The decision of the BUYER to the effect that a breach of the provisions of this Pact has been
committed by the VENDOR shall be final and conclusive on the VENDOR. However, the VENDOR can
approach the Independent Monitor(s) appointed for the purposes of this Pact.
Criminal Liability: If the Principal/Owner obtains knowledge of conduct of a Vendor or Vendor, or of an

employee or a representative or an associate of a Vendor or Vendor which constitutes corruption within
the meaning of IPC Act, or if the Principal/Owner has substantive suspicion in this regard, the
Principal/Owner will inform the same to law enforcing agencies for further investigation.
Article 4: Previous Transgression
1. The Vendor declares that no previous transgressions occurred in the last 5 years with any other
Company in any country confirming to the anticorruption approach or with IPPB or any other
Central/State Public Sector Enterprises in India that could justify his exclusion from the Tender process.
2. The VENDOR agrees that if it makes incorrect statement on this subject, VENDOR can be
disqualified from the tender process or the contract, if already awarded, can be terminated for
such reason.
Article 5: Equal Treatment of all Vendors/Vendors/Sub Vendors
a. The Vendor(s)/Vendor(s) undertake(s) to demand from all sub-Vendors a commitment in

conformity with this Integrity Pact. The Vendor/Vendor shall be responsible for any violation(s) of the
principles laid down in this agreement/Pact by any of its Sub Vendors/sub-vendors.
b. The Principal/Owner will enter into Pacts on identical terms as this one with all Vendors and
Vendors.
c. The Principal/Owner will disqualify Vendors, who do not submit, the duly Signed Pact between
the Principal/Owner and the Vendor, along with the Tender or violate its provisions at any stage of the
Tender process, from the Tender process.
Article 6: Duration of the Pact
P a g e 98 | 136
Vault Solution
This Pact begins when both the parties have legally signed it. It expires for the Vendor/Vendor 12
months after the completion of work under the contract or till the continuation of defect liability period,
whichever is more and for all other Vendors, till the Contract has been awarded.
If any claim is made/lodged during the time, the same shall be binding and continue to be valid despite
the lapse of this Pacts as specified above, unless it is discharged/determined by the Competent
Authority, INDIA POST PAYMENTS BANK.
Article 7: Other Provisions
1. This Pact is subject to Indian Law, place of performance and Jurisdiction is the Headquarters of
the Division of the Principal/Owner, who has floated the Tender.
2. Changes and supplements need to be made in writing. Side agreements have not been made.
3. If the Vendor is a partnership or a consortium, this Pact must be signed by all the partners or by
one or more partner holding power of attorney signed by all partners and consortium members. In case
of a Company, the Pact must be signed by a representative duly authorized by board resolution.
4. It is agreed term and condition that any dispute or difference arising between the parties with
regard to the terms of this Integrity Agreement / Pact, any action taken by the Owner/Principal in
accordance with this Integrity Agreement/ Pact or interpretation thereof shall not be subject to
arbitration.
Article 8: Independent Monitors
8.1 _____________________________has been appointed as Independent External Monitor

(hereinafter referred to as Monitor) for overseeing and implementation of the Pre-Contract Integrity
Pact for procurement of services for the BUYER.
8.2 His contact details are as under:
_______________________
8.3 The task of the Monitors shall be to review independently and objectively, whether and to what
extent the parties comply with the obligations under this Pact.
8.4 The Monitors shall not be subject to instructions by the representatives of the parties and perform
their functions neutrally and independently.
8.5 Both the parties accept that the Monitors have the right to access all the documents relating to the
project/procurement, including minutes of meetings.
8.6 As soon as the Monitor notices, or has reason to believe, a violation of this Pact, he will so inform
the Authority designated by the BUYER.
P a g e 99 | 136
Vault Solution
8.7 The VENDOR(s) accepts that the Monitor has the right to access without restriction to all Project
documentation of the BUYER including that provided by the VENDOR. The VENDOR will also grant
the Monitor, upon his request and demonstration of a valid interest, unrestricted and unconditional
access to his project documentation. The same is applicable to Subcontractors. The Monitor shall be
under contractual obligation to treat the information and documents of the VENDOR/Sub-
contractor(s) with confidentiality.
8.8 The BUYER will provide to the Monitor sufficient information about all meetings among the parties
related to the Project provided such meetings could have an impact on the contractual relations
between the parties. The parties will offer to the Monitor the option to participate in such meetings.
8.9 The Monitor will submit a written report to the designated Authority of BUYER/Secretary in the
Department/ within 8 to 10 weeks from the date of reference or intimation to him by the
BUYER/VENDOR and, should the occasion arise, submit proposals for correcting problematic
situations.
Article 9: Facilitation of investigation
In case of any allegation of violation of any provisions of this Pact or payment of commission, the BUYER
or its agencies shall be entitled to examine all the documents including the Books of Accounts of the
VENDOR and the VENDOR shall provide necessary information and documents in English and shall
extend all possible help for the purpose of such examination.
1.Law and Place of Jurisdiction
This Pact is subject to Indian Law. The place of performance and jurisdiction is New Delhi.
2.Other Legal Actions
The actions stipulated in this Integrity Pact are without prejudice to any other legal action that may
follow in accordance with the provisions of the extant law in force relating to any civil or criminal
proceedings.
Article 10: Validity
a. The validity of this Integrity Pact shall be from date of its signing and extend up to a
period of contract and any extended period notified by BUYER.
b. The complete execution of the contract to the satisfaction of both the BUYER and the
VENDOR/Seller, including warranty period, whichever is later, in case VENDOR is
unsuccessful, this integrity Pact shall expire after six months from the date of the signing
of the contract.
c. Should one or several provisions of this Pact turn out to be invalid, the remainder of this
Pact shall remain valid. In this case, the parties will strive to come to an agreement to
their original intentions.
P a g e 100 | 136
Vault Solution
Article 11: Legal and prior rights
All rights and remedies of the parties hereto shall be in addition to all the other legal rights and
remedies belonging to such parties under the Contract and/or law and the same shall be deemed to be
cumulative and not alternative to such legal rights and remedies aforesaid. For the sake of brevity, both
the Parties agree that this Integrity Pact will have precedence over the Tender/Contact documents with
regard any of the provisions covered under this Integrity Pact.
IN WITNESS WHEREOF the parties have signed and executed this Integrity Pact at the place and date
first above mentioned in the presence of following witnesses:
For and on behalf of Principal/Owner For and on behalf of Vendor
INDIA POST PAYMENTS BANK, M/s Vendor Name,
2nd floor, Speed Post Centre,
Bhai Veer Singh Marg, Market Road
New Delhi- 110001
WITNESSES:
1.
(Signature, name and address)
2.
(Signature, name and address)
Place:
Dated:
P a g e 101 | 136
Vault Solution
57. Annexure J – Format of Performance Bank Guarantee.

PERFORMANCE BANK GUARANTEE
(To be stamped in accordance with Stamp Act)
The non-judicial stamp paper should be in the name of issuing Bank
Ref……………….. Bank Guarantee No…………………......
Date………………………………………...
To
Post Office
Speed Post Centre Building
Market Road
New Delhi – 110001
India
Dear Sirs,
1. In consideration of the India Post Payments Bank, a scheduled bank registered under
Reserve Bank of India (hereinafter referred to as the ‘Bank’ or ‘Purchaser’ which expression
shall unless repugnant to the context or meaning thereof include its successors,
administrators and assigns) having awarded to M/s…………………………………….. with its
Registered/Head office at ……………………………………………………………………….
……………………… (hereinafter referred to as the “Contractor” or “Vendor” or “Service
Provider” which expression shall unless repugnant to the context or meaning thereof,
include its successors, administrators, executors and assigns), a Contract by issue of Letter
of Intent or Purchase Order No…………….. dated ……….. and the same having been
acknowledged by the Contractor / Vendor / Service Provider, resulting in a Contract, bearing
No………….. dated…………valued at………for………… (scope of Contract) and the Contractor /
Vendor / Service Provider having agreed to provide a Contract Performance Guarantee for
the faithful performance of the entire Contract not exceeding Rs.
……………….. (in words & figures).
2. We…………………………………………………………………………………………………(Name & Address of Bank

Branch) having its Head office at ……………………………………………….
(hereinafter referred to as the ‘ Issuing Bank’, which expression shall, unless repugnant to
the context or meaning thereof, include its successors, administrators, executors and
assigns) do hereby guarantee and undertake to pay the amounts due and payable under this
P a g e 102 | 136
Vault Solution
guarantee without any demur, reservation, context, recourse or protest and/or without any
reference to the Contractor merely on a demand from the Owner stating that the amount
claimed is due by way of loss or damage caused to or would be caused to or suffered by the
Owner by reason of breach by the said Contractor(s) of any of the terms or conditions
contained in the said Agreement or by reason of the Contractor(s)’ failure to perform the
said Agreement. Any such demand made on the Issuing Bank shall be conclusive and binding
not withstanding any difference between the Owner and the Contractor / Vendor / Service
Provider or any dispute pending before any Court, Tribunal, Arbitrator or any other
authority. We agree that the guarantee herein contained shall be irrevocable and shall
continue to be enforceable till the Owner discharges this guarantee.
3. The Bank / Purchaser shall have the fullest liberty without affecting in any way the liability
of the Bank / Purchaser under this guarantee, from time to time to extent the time for
performance of the Contract by the Contractor. The Bank / Purchaser shall have the fullest
liberty, without affecting this guarantee, to postpone from time to time the exercise of any
powers vested in them or of any right which they might have against the Contractor, and to
exercise the same at any time in any manner, and either to enforce or to forbear to enforce
any covenants, contained or implied, in the Contract between the Bank / Purchaser and the
Contractor or any other course or remedy or security available to the Bank / Purchaser. The
Issuing Bank shall not be released of its obligations under these presents by any exercise by
the Bank / Purchaser of its liberty with reference to the matters aforesaid or any of them or
by reason of any other act of omission or commission on the part of the Bank / Purchaser or
any other indulgences shown by the Owner or by any other matter or thing whatsoever
which under law would, but for this provision have the effect of relieving the Issuing Bank.
4. The Issuing Bank also agrees that the Bank / Purchaser at its option shall be entitled to
enforce this Guarantee against the Issuing Bank as a principal debtor, in the first instance
without proceeding against the Contractor / Vendor / Service Provider and notwithstanding
any security or other guarantee the Bank / Purchaser may have in relation to the
Contractor’s liabilities.
5. This guarantee will not be discharged due to the change in the constitution of the Bank or
the Contractor(s)/Service Provider(s).
6. Notwithstanding anything contained hereinabove:
(1) Our liability under this guarantee is limited to Rs. ……………. (in words & figures).
(2) This Bank Guarantee will be valid upto ………………….; and
P a g e 103 | 136
Vault Solution
(3) We are liable to pay the guarantee amount or any part thereof under this Bank Guarantee
only upon service of a written claim or demand by you on or before …………..
In witness whereof the Issuing Bank, through its authorised officer, has set its hand and stamp
on this…………….day of…………..20……….at…………
WITNESS
1 2
………………….… ………………….………
(Signature) (Signature)
………………………….. ………………....……………………….. (Name)

(Name)
………………………….. …………….…………………………..
(Official Address) (Official Address)
…………………………….. ……………………………………….
(Designation with Bank Stamp) (Designation with Bank Stamp)
Attorney as per Power of Attorney No…………….

Dated………………………………
58. Annexure K – Format for Bank Guarantee for EMD

P a g e 104 | 136
Vault Solution
BANK GUARANTEE FOR EMD

(To be Stamped in accordance with Stamp Act)
The non-judicial stamp paper should be in the name of issuing Bank
Ref……………….. Bank Guarantee No…………………......

Date………………………………………...
To
Post Office
Speed Post Centre Building
Market Road
India
Dear Sirs,
1. In accordance with Invitation to Bid under your Reference No……………………….,

M/s………………….., having its Registered/Head Office at……………………… (hereinafter called
the ‘Bidder’) wish to participate in the said Bid or……………………….. and you, as a special
favour have agreed to accept an irrevocable and unconditional Bank Guarantee for an
amount of………………… valid upto ……………… on behalf of Bidder in lieu of the Bid deposit
required to be made by the Bidder, as a condition precedent for participation in the said
Bid.
2. We, the …………………. Bank at ……………… (local address) having our Head office at
……………………….., guarantee and undertake to pay immediately on demand by India Post
Payments Bank, the amount of Rs. ……………………………………………………………………………………
…………………………………………………….. (in words & figures) without any reservation,
protest, demur and recourse. Any such demand made by the valid holder of this
Guarantee shall be conclusive and binding on us irrespective of any dispute or difference
raised by the Bidder.
3. This guarantee will not be discharged due to the change in the constitution of the issuing
Bank or the Supplier(s)/Service Provider(s).
4. Notwithstanding anything contained hereinabove:

(1) Our liability under this guarantee is limited to Rs. ……………. (in words & figures).
(2) This Bank Guarantee will be valid up to ………………….; and
P a g e 105 | 136
Vault Solution
(3) We are liable to pay the guarantee amount or any part thereof under this Bank
Guarantee only upon service of a written claim or demand by you on or before …………..
In witness whereof the Bank, through its authorised officer, has set its hand and stamp
on this…………….day of…………..20……….at…………
WITNESS
1 2
………………….… ………………….………
(Signature) (Signature)
………………………….. ………………....……………………….. (Name)

(Name)
………………………….. …………….…………………………..
(Official Address) (Official Address)
…………………………….. ……………………………………….
(Designation with Bank Stamp) (Designation with Bank Stamp)
Attorney as per Power of Attorney No…………….

Dated………………………………
P a g e 106 | 136
Vault Solution
59. Annexure L - eReverse Auction Instructions for Bidders.

1) Tender Cum Auction is a combination of Tender Followed by Auction
(Reverse Auction). It is also called as eRA.
2) In eRA, tendering process will be followed as per the instructions given in
NIT/Tender Documents. Subsequently, Reverse Auction will be conducted
amongst techno–commercially qualified / approved bidders after Opening
of Financial/Price Bids’ online. The Reverse Auction will be normally
initiated after Opening of Price Bids. There will be no participation fees for
Auction.
3) Only such bidders - who have been found techno-commercially qualified as
per requirements of the tender will be permitted to participate in the
Reverse Auction.
4) After opening of the price (financial) bids and System displays L1 price
based on either over all basis or item wise/lot basis automatically. Using
this system provided price, which would be auction start price (can be
changed, if required), procuring entity will create Reverse Auction and
publish the same.
5) The Techno-commercially qualified bidders will receive Auction information
through SMS & email. The participating bidders get an opportunity to revise
their prices (reduce in case of Reverse). It allows bidders multiple
opportunities to offer a price.
6) Procedure in submission of bids by the bidders during Reverse auction
online.
6.1 Bidders shall login using their login ID & Password and then using
DSC.
6.2 Click on My Auctions button given in left side of page, to view Action
details for which Techno-Commercially qualified.
P a g e 107 | 136
Vault Solution
6.3 For participating in Live Auction,

 Click on Live Auction Button.
 Click on View button to participate in interested Auction.
 There is List of qualified Lots in which Bidder can participate against
selected Auction. Click on Hammer Icon to participate in the
respective lot.
 On clicking Hammer Icon, system will show Start price, Decremental
price and Current price against lot. Current Price appears as Blank in
case no bidder has offered price.
 Enter your Price in ‘My Auction Price’ in multiples of decremental
value up to above (below) Max Seal % value, and then sign it digitally
by clicking on Sign Icon and Click on submit button.
 System will show your Latest Value / Price Quoted and system will
also show Least Amount/ Rate which any Bidder would have quoted.
7) Terms and conditions for Reverse Auction are as follows:
7.1 Reverse Auction will be initiated after opening of price bids. The
schedule of Reverse Auction shall be intimated to the bidders by the
system through their registered email and SMS to mobile number.
7.2 Only those bidders whose price bid has been opened by the Tender
Inviting Authority shall be eligible to participate in Reverse process.
However, in case of in Reverse Auction process, the H1 bidder whose
quote is highest during tender will not be allowed to participate as
per H1 elimination policy.
7.3 Bidders are advised to read the ‘Reverse Auction terms and
conditions’ details of Reverse Auction event carefully, before auction
event.
P a g e 108 | 136
Vault Solution
7.4 Reverse Auction can be held in two ways as indicated in the tender
either on the Total overall cost of items / works or on Item wise/ Lot
wise.
7.5 The ‘Starting price’ i.e. Start price and bid decrement price for
Reverse Auction will be decided by the Tender Inviting Authority.
7.6 Bidders shall be able to view the following on their screen along with
the necessary fields during Online Reverse Auction:
7.6.1 Current Bid Price in the Auction.
7.6.2 Start Price.
7.6.3 Decrement value.
7.7 The bidding direction in case of Reverse Auction is downward.
7.8 In case of Reverse Auction, in order to displace a standing lowest bid
and to become “L1”, a bidder can offer a minimum bid decrement or
in multiples of decremental value up to above Max Seal %.
For ex: Current price :- Rs. 49,000
Decrement value :- Rs. 1000 System Defined (As decided
by TIA)
Maximum Seal % :- 50, in this case a bidder
can quote minimum decrement amount as Rs 49,000-1000= Rs.
48,000 and maximum decrement amount is 49000-24500-
1000=23500=24000*.
(* - Indicates rounding off the amount in this example)
This continues as an iterative process.
7.9 The system will not disclose the name of the L1 bidder, number of
bids and names of the bidders on the portal to anybody prior to the
completion of Reverse auction process.
P a g e 109 | 136
Vault Solution
7.10 There shall be no communication between the Tender Inviting

Authority and bidders and among bidders.
7.11 Bidders only see the lowest bid during Reverse auction. At no point
of time will any bidder see the name of other bidders or the prices of
bidders other than the lowest bid.
7.12 After the completion of the online reverse auction, all bidders who
have participated in Reverse will see the L1 price in Auction and
further processing will be done by Tender Inviting Authority.
7.13 In case of no participation by techno-commercially qualified bidders
in Reverse Auction, the Tender price bids received during tender will
be processed.
7.14 In case of auction on total value of items / works, the successful
bidder may be required to submit a letter for price confirmation and
rates of individual items / works within stipulated number of days
after completion of Reverse Auction event, besides sending the same
by registered post / courier to the tender inviting authority.
7.15 Any variation between the final bid value during RA and that in the
confirmatory letter forwarded will be advised to re-work and submit.
7.16 Server time shall be the basis of Start Time and Closing time for
bidding and shall be binding for all.
7.17 All electronic bids submitted during the reverse auction process shall
be legally binding on the bidder.
7.18 The chronologically last bid submitted by the bidder till the end of
the auction will be considered as the valid price bid offered by the
bidder and acceptance of the same by Tender Inviting Authority will
form a binding contract between Tender Inviting Authority and the
bidder for entering into a contract.
P a g e 110 | 136
Vault Solution
7.19 The last successful bid price quoted by bidder will be considered as
valid price at any point of time during Auction.
7.20 If a bidder does not submit bid in the Reverse Auction, the price
quoted by them in the price bid shall be considered as the valid price
of that bidder. The status of the bidder (L1, L2 etc) shall be evaluated
considering either the bid price submitted in Reverse Auction or the
price quoted in the price bid, whichever is lower.
7.21 In case of disruption of service at the service provider’s end while the
Reverse Auction is live due to any technical snag or otherwise
attributable to the system failure at the server end, Tender Inviting
Authority in consultation with Application Administrator may decide
to extend auction if required as per system malfunction procedure
displayed in the home page of the website. In this case, the status
quo of Auction will be maintained prior to failure and process would
continue from that point onwards.
8) Post auction procedure: The Tender Inviting Authority will proceed with
the Lowest Bid in the Reverse Auction for further processing.
9) Schedule for Reverse Auction: The Reverse Auction schedule will be
intimated later on through e-mail and SMS after opening the price bid.
10) Auction extension time: If a bidder places a bid in the last {…} minutes of
closing of the Reverse Auction and if that bid gets accepted, then the
auction’s duration shall get extended automatically for another {…}
minutes, for the entire auction from the time that bid comes in. Please note
that the auto-extension will take place only if a bid comes in those last {…}
minutes and if that bid gets accepted as the lowest bid. If the bid does not
get accepted as the lowest bid, the auto-extension will not take place even
if that bid might have come in the last {…} minutes. In case, there is no bid
in the last {…} minutes of closing of Reverse Auction, the auction shall get
closed automatically without any extension. However, bidders are advised
P a g e 111 | 136
Vault Solution
not to wait till the last minute or last few seconds to enter their bid during
the auto-extension period to avoid complications related with internet
connectivity, network problems, system crash down, power failure, etc. The
above process will continue till ….…times extension is given during Reverse
Auction. All bidders, regardless of their previous position, can submit their
bid during the extension period also.
11) Bidding currency and unit of measurement: Bidding will be conducted in
Indian Rupees as indicated in the tender.
12) Validity of bids: Price shall be valid for a period of defined number of
months from the date of reverse auction. These shall not be subjected to
any change whatsoever.
13) Bidders’ bid will be taken as an offer to execute the work (or to award
supply of the item) as per enquiry no. {.................…} dt. {........…}. Bids once
made by the bidder, cannot be cancelled/ withdrawn and bidder shall be
bound to execute as mentioned above at bidder’s final bid price. Should
bidder back out and not execute the contract as per the rates quoted,
action shall be initiated as per the tender terms and conditions.
14) The Tender Inviting Authority decision on award of contract shall be final
and binding on all the Bidders.
15) The Tender Inviting Authority reserves the right to extend, reschedule or
cancel the Reverse Auction process at any time, before ordering, without
assigning any reason, with intimation to bidders.
16) The Tender Inviting Authority reserves the right to suspend or pause the
reverse auction, if required. In such cases, as per discretion of Tender
Inviting Authority, auction may be reopened.
17) The Tender Inviting Authority shall not have any liability to bidders for any
interruption or delay in access to the site irrespective of the cause. In such
P a g e 112 | 136
Vault Solution
cases, the decision of Tender Inviting Authority shall be binding on the

bidders.
18) The decrement value and Max Seal % value will be intimated to the
technically qualified bidders by TIA
19) Failure of power or loss of connectivity at the premises of bidders during
the Reverse auction cannot be the cause for not participating in the reverse
auction. On account of this, the time for the auction cannot be extended
and the organisation is not responsible for such eventualities.
20) Other terms and conditions shall be as per tender.
21) Bidder shall not divulge Bids or any other exclusive details of the
organisation to any other party. If the Bidder or any of its representatives
are found to be involved in Price manipulation/ cartel formation of any
kind, directly or indirectly by communicating with other bidders, action will
be taken against such bidders as per banning procedure of the
organisation.
22) Tender price bid (s) means the price bid (s) received during tendering for
the items/work/services.
23) Auction closing price bid means the lowest (highest) online price bid
received after the completion of Reverse Auction.
24) Training for reverse auction shall be provided by CPP and vensor shall have
to co-ordinate with CPP for the same.
P a g e 113 | 136
Vault Solution
60. Annexure L (A) - Compliance Statement – Reverse Auction

Compliance Statement cum Price confirmation letter – Reverse Auction
(To be submitted by all the bidders participating in Reverse Auction)
To,
The AGM -IT,
Corporate Office,
New Delhi- 110001.
DECLARATION
1. We (name of the company) hereby confirm having submitted our
bid for participating in Bank’s RFP dated_______
for procurement of .
2. We also confirm having read the terms of RFP as well as the Business Rules
relating to the Reverse Auction for this RFP process.
3. We hereby undertake and agree to abide by all the terms and conditions
stipulated by India Post Payments Bank in the RFP document including all
annexure and the Business Rules for Reverse Auction.
P a g e 114 | 136
Vault Solution
4. We shall participate in the on-line auction conducted by CPP Portal and

submit our commercial bid. We shall also abide by the procedures prescribed
for online auction by CPP portal.
5. We, hereby confirm that we will honor the Bids placed by us during the
auction process, failing which we shall forfeit the EMD. We also understand
that the bank may debar us from participating in future tenders.
6. We confirm having nominated Mr. __________________________
who is the holder of POA and designated as _____of our company to
participate in the Reverse Auction on behalf of the company. We undertake
that the company shall be bound by the bids made by him in the Reverse
Auction.
7. We undertake to submit the confirmation of last bid price by us to the Bank
within 24 working hours of the completion of event. We also undertake to
submit the Bill of Materials for the TCO (Total Cost of Ownership) in terms of
RFP.
Signature with company seal

Name of Company / Organization:
Designation within Company / Organization:
Address of Company / Organization:
Date:
Name of Authorized Representative:

Signature of Authorized Representative:
Verified above signature
P a g e 115 | 136
Vault Solution
Competent Authority Signature: Date:
61. Annexure M – Confidentiality / Non Disclosure Agreement

Non Disclosure Agreement
(To be stamped accordingly)
RFP No: IPPB/CO/IT/2020/05/CNS/09 Dated: XXXXXX
Sub: RFP for supply, Implementation and Maintenance of Aadhaar Data Vault Solution.
THIS AGREEMENT is made on this the <***> day of <***> 20--- at <***>, New Delhi.
BETWEEN
India Post Payments Bank Limited (CIN U74999DL2016GOI304561), having its Registered Office
at Post Office, Speed Post Centre Building, Market Road, New Delhi – 110001, (hereinafter
referred to as the “Payment Bank” or “Bank”, which expression shall unless repugnant to the
context thereof, include its successors, assigns) party of the First part;
AND
<***>, a ………………………….. incorporated under the ………………., having its registered office at
<***> (hereinafter referred to as the “…………….”, as the case may be (which expression shall,
unless the context otherwise requires, include its permitted successors and assigns), party of the
other part.
.
Each of the parties mentioned above are collectively referred to as the ‘Parties’ and individually
as a ‘Party’.
WHEREAS:
P a g e 116 | 136
Vault Solution
A. the ............................, is a ……………………… providing

…………………………………………………………………………………………………………………………………
………………….to the Payment Bank.
B. The Confidential Information shall at all times belong to the Party providing
(“Provider”) such information and shall be provided to the recipient Party
(“Recipient”) for the specific purposes of achieving the objects of the Service
Agreement.
C. The Parties are executing these presents to set out their understanding with regard
to the manner of dealing with the Confidential Information (as defined below).
NOW THEREFORE, in consideration of the mutual covenants, promises, assurances,

representations and provisions set forth herein, the Parties hereto agree as follows:
1. DEFINITIONS AND INTERPRETATION
1.1. Definitions
a) “Agreement” means this non-disclosure agreement, as amended from time to time, and
includes all recitals, schedules, annexures or exhibits annexed hereto.
b) “Agreed Purpose” mean the specific purpose for which the Provider has provided the
Confidential Information to the Recipient;
c) “Confidential Information” shall mean and includes, without limitation, any and all
information, data, knowledge, and know-how, whether pertaining to commercial, technical,
scientific, operational, administrative, financial, marketing or business affairs, or intellectual
property, or otherwise (in whatever form and however communicated) relating, directly or
indirectly, to the Provider, which the Provider or its employees, directors, officers, agents,
consultants etc., would have disclosed or delivered prior to the date of this Agreement, or is
disclosed or delivered after the date of this Agreement, to the Recipient or to any third party on
the request of the Recipient, in writing, electronically, verbally, or through visual means, either
with the disclaimer of confidentiality or not, or which the Recipient (or such third party) learns,
obtains or derives, orally, through observation or through analysis, interpretations, compilations,
studies, or evaluations of such information, data, knowledge, or know-how; for clarity, the
information, data, knowledge, and know-how includes, without limitation, those in the nature
of, or pertaining to, business plans, marketing and financial plans, strategy, projections, policy
details, client details, various products, details regarding pricing, technical know-how etc. in
respect of such products, and also the documents, registers, books, photographs, notes,
P a g e 117 | 136
Vault Solution
renderings, journals, notebooks, computer programs, computer readable video, audio or sound
files, and samples relating thereto;;
d) “Parties” means the Payment Bank and ............................ for the purposes of this
Agreement and “Party” shall be interpreted accordingly;
1.2. Interpretation
In this Agreement, unless otherwise specified:
(i) references to Clauses, Sub-Clauses, Paragraphs and Schedules are to clauses, sub-clauses,
paragraphs of and schedules to this Agreement;
(ii) use of any gender includes the other genders;
(iii) references to a ‘company’ shall be construed so as to include any company, corporation
or other body corporate, wherever and however incorporated or established;
(iv) references to a ‘person’ shall be construed so as to include any individual, firm, company,
government, state or agency of a state, local or municipal authority or government body or any
joint venture, association or partnership (whether or not having separate legal personality);
(v) a reference to any statute or statutory provision shall be construed as a reference to the
same as it may have been, or may from time to time be, amended, modified or re-enacted;
(vi) any reference to a ‘day’ (including within the phrase ‘business day’) shall mean a period
of 24 hours running from midnight to midnight;
(vii) references to a ’business day’ shall be construed as a reference to a day (other than 2 nd
and 4th Saturday, Sunday and other gazetted holidays) on which the Payment Bank is generally
open for business;
(viii) references to times are to Indian standard time;
(ix) a reference to any other document referred to in this Agreement is a reference to that
other document as amended, varied, novated or supplemented at any time; and
(x) all headings and titles are inserted for convenience only. They are to be ignored in the
interpretation of this Agreement.
2. TERM
P a g e 118 | 136
Vault Solution
This Agreement will remain in effect for ………….. years from the date of the last disclosure of
Confidential Information (“Term”), at which time it will terminate, unless extended by the
provider of information in writing.
3. USE OF THE CONFIDENTIAL INFORMATION; NON-DISCLOSURE
The Recipient hereby agrees that it shall use the Confidential Information only for the Agreed
Purpose. Further, the Recipient shall not, except with the prior written consent of the Provider
or in accordance with this Agreement disclose, transfer, or use, to its financial or monetary
advantage, any such Confidential Information. The obligation of the Recipient contained in this
Clause 3 shall not be limited in point in time save and except at such time as the exclusions
contained hereof become applicable in respect thereof as per Clause 2 hereof. Also, the
Recipient and its Representatives will not disclose to any person the fact that the Confidential
Information has been made available to it or its Representatives or that Confidential Information
has been provided by Provider to the Recipient and/or its representatives.
4. OBLIGATIONS OF THE RECEIVING PARTY

The Receiving Party shall:
(a) use the Confidential Information only for the Agreed Purpose and shall hold the
Confidential Information in confidence using the same degree of care as it normally exercises to
protect its own proprietary information, taking into account the nature of the Confidential
Information, and
(b) grant access to Confidential Information only to its employees on a “need to know basis”
and restrict such access as and when not necessary to carry out the Agreed Purpose.
(c) cause its employees to comply with the provisions of this Agreement;
(d) reproduce Confidential Information only to the extent essential to fulfilling the Agreed
Purpose, and
(e) prevent disclosure of Confidential Information to third parties;

(f) disclose the Confidential Information to its consultants/contractors on a need to know
basis; provided that by doing so, the Recipient agrees to bind such consultants/ contractors to
terms at least as restrictive as those stated herein. The Recipient upon making a disclosure under
this Clause shall:
P a g e 119 | 136
Vault Solution
(i) advise the consultants/contractors of the confidentiality obligations imposed on them by

this Clause.
(g) upon the Provider’s request, the Recipient shall either return to the Provider all
Confidential Information or shall certify to the Provider that all media containing Confidential
Information have been destroyed. Provided, however, that an archival copy of the Confidential
Information may be retained in the files of the Recipient’s counsel, solely for the purpose of
proving the contents of the Confidential Information.
(h) not to remove any Confidential Information from the premises of the Provider without
prior written approval of the Provider.
(i) exercise extreme care in protecting the confidentiality of any Confidential Information
which is removed, only with the Provider’s prior written approval, from the Provider’s premises.
Each Party agrees to comply with any and all terms and conditions the Provider may impose upon
any such approved removal, such as conditions that the removed Confidential Information and
all copies must be returned by a certain date, and that no copies are to be made off of the
premises.
(j) Upon the Provider’s request, the Recipient shall promptly return to the Provider all
tangible items containing or consisting of the Provider’s Confidential Information all copies
thereof.
The recipient of information agrees that the provider of information shall have the right to obtain
an immediate injunction enjoining any breach of this Agreement, as well as the right to pursue
any and all other rights and remedies available at law or in equity for such a breach.
5. EXCEPTIONS TO CONFIDENTIAL INFORMATION
The foregoing restrictions on each party's use or disclosure of Confidential Information shall not
apply to the Confidential Information that the Recipient can demonstrate that such Confidential
Information:
(a) was independently developed by the Recipient; or
(b) has become generally available to the public without breach of confidentiality obligations
of the Recipient; or
(c) was in the Recipient's possession without restriction or was known by the Recipient
without restriction at the time of disclosure; or
P a g e 120 | 136
Vault Solution
(d) is the subject of a subpoena or other legal or administrative demand for disclosure;
provided, however, that the Recipient has given the Provider prompt notice of such demand for
disclosure and the Recipient reasonably cooperates with the Provider's efforts to secure an
appropriate protective order; or
(e) is disclosed with the prior consent of the Provider; or
(f) was in its possession or known to it by being in its use or being recorded in its files or
computers or other recording media prior to receipt from the Provider and was not previously
acquired by the Recipient from the Provider under an obligation of confidence; or
(g) the Recipient obtains or has received such information from a source other than the
Provider without breach by the Recipient or such source of any obligation of confidentiality or
non-use towards the Provider.
6. OWNERSHIP OF THE CONFIDENTIAL INFORMATION
(a) Each Party recognizes and agrees that all of the Provider’s Confidential Information is
owned solely by the Provider (or its licensors) and that the unauthorized disclosure or use of such
Confidential Information would cause irreparable harm and significant injury, the degree of
which may be difficult to ascertain.
(b) By disclosing the Confidential Information or executing this Agreement, the Provider does
not grant any license, explicitly or implicitly, under any trademark, patent, copyright, mask work
protection right, trade secret or any other intellectual property right. The Provider disclaims all
warranties regarding the information, including all warranties with respect to infringement of
intellectual property rights and all warranties as to the accuracy or utility of such information.
(c) Access to Confidential Information hereunder shall not preclude an individual who has
seen such Confidential Information for the purposes of this Agreement from working on future
projects for the Provider which relate to similar subject matters, provided that such individual
does not make reference to the Confidential Information and does not copy the substance of the
Confidential Information during the Term. Furthermore, nothing contained herein shall be
construed as imposing any restriction on the Recipient's disclosure or use of any general learning,
skills or know-how developed by the Recipient's personnel under the Service Agreement.
(d) Execution of this Agreement and the disclosure of Confidential Information pursuant to
this Agreement do not constitute or imply any commitment, promise, or inducement by either
Party to make any purchase or sale, or to enter into any additional agreement of any kind.
7. Governing Law & Jurisdiction
P a g e 121 | 136
Vault Solution
This Agreement, the relationship between the Parties and all rights and obligations arising from
any act done or required to be done under this Agreement and the terms herein shall be
governed by and construed in accordance with the laws of India. Subject to Clause 8 below, the
courts at New Delhi, India shall have exclusive jurisdiction over the subject matter.
8. DISPUTE RESOLUTION
(a) If any disputes or differences (“Dispute”) arise between the Parties hereto as to the
interpretation or the performance of this Agreement (except proceedings for urgent
interlocutory relief) the Party claiming that a Dispute has arisen must give the other parties to
the Dispute notice setting out details of the Dispute.
(b) If the parties cannot resolve the Dispute within 14 days from the date of receipt of notice
then such Dispute arising between the parties to this Contract shall be referred to a sole
arbitrator to be appointed by mutual consent of both the parties herein. If the parties cannot
agree on the appointment of the arbitrator within a period of one month from the notification
by a party to the other of existence of such Dispute, then the Arbitrator shall be appointed
consent of both the parties to this agreement. The provisions of the Arbitration and Conciliation
Act, 1996 will be applicable and the award made there under shall be final and binding upon the
parties hereto, subject to legal remedies available under the law. Such differences shall be
deemed to be a submission to arbitration under the Indian Arbitration and Conciliation Act, 1996,
or of any modifications, Rules or re-enactments thereof. The seat and venue of arbitrations shall
be New Delhi and the language of arbitration shall be English.
9. MODIFICATION / AMENDMENT
No modification, amendment, or other change in this Agreement will be binding on any Party
unless consented to in writing to by both Parties.
10. WAIVER
Waiver including partial or conditional waiver, by either Party of any default by the other Party
in the observance and performance of any provision of or obligations under this Agreement:-
(a) shall be in writing
(b) shall not operate or be construed as a waiver of any other or subsequent default hereof
or of other provisions of or obligations under this Agreement;
(c) shall be executed by a duly authorized representative of the Party; and
(d) shall not affect the validity or enforceability of this Agreement in any manner.
P a g e 122 | 136
Vault Solution
11. EXCLUSION OF IMPLIED WARRANTIES

This Agreement expressly excludes any warranty, condition or other undertaking implied at law
or by custom or otherwise arising out of any other agreement, except the service agreement, if
any, executed between the Parties or any representation by either Party not contained in a
binding legal agreement executed by both Parties.
12. ENTIRE AGREEMENT

This Agreement constitute a complete and exclusive statement of the terms of the agreement
between the Parties on the subject hereof, and no amendment or modification hereto shall be
valid and effective unless such modification or amendment is agreed to in writing by the Parties
and duly executed by persons especially empowered in this behalf by the respective Parties. All
prior written or oral understandings, offers or other communications of every kind pertaining to
this Agreement are abrogated and withdrawn.
13. SEVERABILITY
If for any reason whatever, any provision of this Agreement is or becomes invalid, illegal or
unenforceable or is declared by any court of competent jurisdiction or any other instrumentality
to be invalid, illegal or unenforceable, the validity, legality or enforceability of the remaining
provisions shall not be affected in any manner, and the Parties shall negotiate in good faith with
a view to agreeing to one or more provisions which may be substituted for such invalid,
unenforceable or illegal provisions, as nearly as is practicable to such invalid, illegal or
unenforceable provision. Failure to agree upon any such provisions shall not be subject to the
dispute resolution procedure set forth under this Agreement or otherwise.
14. NO PARTNERSHIP
This Agreement shall not be interpreted or construed to create an association, joint venture or
partnership between the Parties, or to impose any partnership obligation or liability upon either
Party, and neither Party shall have any right, power or authority to enter into any agreement or
undertaking for, or act on behalf of, or to act as or be an agent or representative of, or to
otherwise bind, the other Party except as expressly provided under the terms of this Agreement.
15. THIRD PARTIES

This Agreement is intended solely for the benefit of the Parties and their respective successors
and permitted assigns, and nothing in this Agreement shall be construed to create any duty to,
standard of care with reference to, or any liability to, any person not a Party to this Agreement.
16. SUCCESSORS AND ASSIGNS
P a g e 123 | 136
Vault Solution
The Agreement shall be binding on and shall inure to the benefit of the Parties and their
respective successors and permitted assigns.
17. NOTICES
Any notice or other communication to be given by any Party to the other Party under or in
connection with the matters contemplated by this Agreement shall be in writing and shall be
given by hand delivery, recognized courier, registered post, email or facsimile transmission and
delivered or transmitted to the Parties at their respective addresses set forth below:
If to the Payment Bank:

India Post Payments Bank Ltd.,
Corporate Office, 2nd Floor,
Speed Post Centre, Bhaai Veer Singh Marg,
Market Road, New Delhi-110001
If to the ............................:
Attn. <***>
Phone: <***>
Fax No. <***>
18. LANGUAGE
All notices required to be given by one Party to the other Party and all other communications,
documentation and proceedings which are in any way relevant to this Agreement shall be in
writing and in the English language.
19. COUNTERPARTS
This Agreement may be executed in counterparts, each of which, when executed and delivered,
shall constitute an original of this Agreement.
20. DAMAGES:
a) Both parties acknowledge that the Confidential Information coming to the knowledge of
the other may relate to and/or have implications regarding the business activities,
methods, processes and or information of the parties, which afford them certain
competitive and strategic advantage of the Disclosing Party.
P a g e 124 | 136
Vault Solution
b) The provisions of this Agreement are necessary for the protection of the business goodwill
of the parties and are considered by the parties to be reasonable for such purposes. Both
the parties agree that any breach of this Agreement will cause substantial and irreparable
damages to the other party and, therefore, in the event of such breach, in addition to
other remedies, which may be available, the party violating the terms of Agreement shall
be liable for the entire loss and damages on account of such disclosure.
c) Each party agrees to indemnify the other against loss suffered due to breach of contract
and undertakes to make good the financial loss caused directly or indirectly by claims
brought about by its customers or by third parties.
d) The parties hereto acknowledge and agree that in the event of a breach or threatened
breach by the other of the provisions of this Agreement, the party not in breach will have
no adequate remedy in money or damages and accordingly the party not in breach shall
be entitled to injunctive relief against such breach or threatened breach by the party in
breach.
21. MITIGATION
Without prejudice to any express provisions of this Agreement on any mitigation obligations of
the Parties, each of the Payment Bank and the ……………… shall at all times take all reasonable
steps to minimize and mitigate any loss for which the relevant Party is entitled to bring a claim
against the other Party pursuant to this Agreement.
22. REMOVAL OF DIFFICULTIES
The Parties acknowledge that it is conceivable that the Parties may encounter difficulties or
problems in the course of implementation of the Project and the transactions envisaged under
this Agreement. The Parties agree and covenant that they shall mutually discuss such difficulties
and problems in good faith and take all reasonable steps necessary for removal or resolution of
such difficulties or problems.
IN WITNESS WHEREOF THE PARTIES HAVE EXECUTED AND DELIVERED THIS AGREEMENT AS OF
THE DATE FIRST ABOVE WRITTEN.
P a g e 125 | 136
Vault Solution
( ) ( )
Signed
Payment Bank Signed
For and on behalf of the For and on behalf of the
India Post Payments Bank Limited (Company name)

By: _(signature)_ By: _(signature)_
(Name and designation)_ (Name and designation)_
An authorised signatory duly nominated
pursuant to Board Resolution No. dated of
the ............................
Witness:
1. 1.
1. 2.
P a g e 126 | 136
Vault Solution
62. Annexure N – Bid Query Format

Bidders have to provide their queries on eligibility criteria, scope of work, terms & conditions etc. in
excel format as mentioned below. Bidders are requested to categorize their queries under appropriate
headings. Bidders are requested to provide a reference of the page number, state the clarification point
and the queries/suggestion/deviation that they propose as shown below (all the pre bid queries will be
entertained in this Microsoft Excel format by e-mail):
Bidder Clause no Page no. Clause Query Bank

Name Response
Place:
Date:
Name & Designation: Business Address: Email Address: Mobile Number:
P a g e 127 | 136
Vault Solution
63. Annexure O - Undertaking By Bidder
To: Date:
The AGM -IT, India Post Payments Bank, Corporate Office,
New Delhi- 110001.
Undertaking (To be submitted by all Bidders’ on their letter head)
We (bidder name), hereby undertake that-
 As on date of submission of tender, we are not blacklisted by the Central

Government / any of the State Governments / PSUs in India or any Financial
Institution in India.
 We also undertake that, we are not involved in any legal case that may affect the
solvency / existence of our firm or in any other way that may affect capability to
provide / continue the services to bank.
Yours faithfully,
Authorized Signatories
(Name, Designation and Seal of the
Company) Date: Place:
64. Annexure P - Undertaking of Information Security

P a g e 128 | 136
Vault Solution
(This letter should be on the letterhead of the bidder as well as the OEM/OSD duly signed by an
authorized signatory on Information security as per regulatory requirement)
To: Date:
The AGM-IT, India Post Payments Bank, Corporate Office,
New Delhi- 110001.
Sir,
Subject: Request for Proposal (RFP) for Supply, Implementation and Maintenance of
Aadhaar Data Vault Solution at DC & DR
We hereby undertake that the proposed solution / software to be supplied will be free of
malware, free of any obvious bugs and free of any covert channels in the code (of the
version of the application being delivered as well as any subsequent
versions/modifications done)
Yours faithfully,
Authorized Signatory Name:

Designation:
Vendor’s Corporate
Name: Address:
Email and Phone #:
65. Annexure Q - Letter for Refund of EMD

LETTER FOR REFUND OF EMD
(To be submitted by the unsuccessful bidders)
P a g e 129 | 136
Vault Solution
Date:
The AGM -IT,

Corporate Office,
New Delhi- 110001.
We (Company Name) had participated in the RFP for Supply,
Implementation and Maintenance of Aadhaar Data Vault Solution at DC & DR and we are an
unsuccessful bidder.
Kindly refund the EMD submitted for participation. Details of EMD submitted are as follows
Sr. No Bidder Name Cheque / DD Drawn on (Bank Amount(Rs)

Number Name
Bank details to which the money needs to be credited via NEFT are as follows
1. Name of the Bank with Branch

2. Account Type
3. Account Title
4. Account Number
5. IFSC Code
Sign
Name of the signatory: Designation: Company Seal:
66. Annexure R - Know Your Employee (KYE)

(To be submitted by all bidders on their letter head)
To
The AGM -IT, India Post Payments Bank, Corporate Office,
P a g e 130 | 136
Vault Solution

New Delhi- 110001072
UNDERTAKING
1. We (name of the company) hereby confirm that all the resource

(both on-site and off-site) deployed/to be deployed on Bank’s project for
(Name of the RFP) have undergone KYE (Know Your Employee) process and requisite checks
have been performed prior to employment of said employees as per our policy.
2. We further undertake and agree to save defend and keep harmless and indemnified
the Bank against all loss, cost, damages, claim penalties expenses, legal liability
because of non compliance of KYE and of misconduct of the employee deployed by
us to the Bank.
3. We further agree to submit the required supporting documents (Process of screening,

Background verification report, police verification report, character certificate, ID
card copy, Educational document, etc) to Bank before deploying officials in Bank
premises for (Name of the RFP).”
Signature of Competent Authority with company seal

Name
of Competent Authority
Company / Organization
Designation within Company / Organization

Date
Name of Authorized Representative
Designation of Authorized Representative

Signature of Authorized Representative
P a g e 131 | 136
Vault Solution
Verified above signature

Signature of Competent Authority Date:
67. Annexure S – Power of Attorney for signing of Application

Power of Attorney for signing of Application
(To be submitted on a INR 100 Stamp Paper only)
RFP No and Date : IPPB/CO/IT/2020/05/CNS/09 Dated………
RFP Name:- __________________________________
To,
The Asstt General Manager (IT)
IPPB, 2nd Floor, Speed Post Center, Bhai Veer Singh Marg, Gole Market
Know all men by these presents, we…………………………………………….. (name of the firm and address
of the registered office) do hereby irrevocably constitute, nominate, appoint and authorize Mr/
Ms (name), …………………… son/daughter/wife of ……………………………… and presently residing at
…………………., who is presently employed with us (the “Bidder Name”) and holding the position of
……………………………. , as our true and lawful attorney (hereinafter referred to as the “Attorney”)
to do in our name and on our behalf, all such acts, deeds and things as are necessary or required
P a g e 132 | 136
Vault Solution
in connection with or incidental to submission of our application for pre-qualification and

submission of our bid for the Network Connectivity Project proposed by the India Post Payments
Bank (the “Authority”) including but not limited to signing and submission of all applications, bids
and other documents and writings, participate in pre-applications and other conferences and
providing information/ responses to the Authority, representing us in all matters before the
Authority, signing and execution of all contracts and undertakings consequent to acceptance of
our bid, and generally dealing with the Authority in all matters in connection with or relating to
or arising out of our bid for the said Project and/ or upon award thereof to us and/or till the
entering into of the agreement with the Authority.
AND we hereby agree to ratify and confirm and do hereby ratify and confirm all acts, deeds and
things done or caused to be done by our said Attorney pursuant to and in exercise of the powers
conferred by this Power of Attorney and that all acts, deeds and things done by our said Attorney
in exercise of the powers hereby conferred shall and shall always be deemed to have been done
by us.
IN WITNESS WHEREOF WE, …………………………., THE ABOVE NAMED OF ………….
For
Authorized Signature:
Authorized Signatory Name:
Title of Signatory:
Address:
Witnesses:
1.
P a g e 133 | 136
Vault Solution
2.
Accepted
Attorney’s Signature:
Attorney’s Name:
Attorney’s Title:
Address:
Notes:
1. The mode of execution of the Power of Attorney should be in accordance with the procedure,
if any, laid down by the applicable law and the charter documents of the executant(s) and
when it is so required, the same should be under common seal affixed in accordance with
the required procedure
2. Wherever required, the Applicant should submit for verification the extract of the charter
documents and documents such as a board or shareholders’ resolution/ power of attorney in
favour of the person executing this Power of Attorney for the delegation of power hereunder
on behalf of the Applicant
3. For a Power of Attorney executed and issued overseas, the document will also have to be
legalized by the Indian Embassy and notarized in the jurisdiction where the Power of
Attorney is being issued.
4. However, the Power of Attorney provided by Applicants from countries that have signed The
Hague Legislation Convention 1961 are not required to be legalized by the Indian Embassy if
it carries a conforming Apostille certificate.
P a g e 134 | 136
Vault Solution
Date:
Place:
68. Annexure T Signed RFP Document

Signed RFP Document
(To be submitted on company letterhead)
RFP No: IPPB/CO/IT/2020/05/CNS/09 Dated: XXXXXX
Sub: RFP for Supply, Implementation and Maintenance of Aadhaar Data Vault Solution.
To,
Asstt. General Manager (IT)
IPPB, 2nd Floor, Speed Post Center, Bhai Veer Singh Marg, Gole Market
Dear Sir,
The signed copy of RFP is attached.
Yours faithfully
(Authorized signatory and company stamp)

Full name and Designation of authorized signatory
P a g e 135 | 136
Vault Solution
Place:
Date:
P a g e 136 | 136

2020 - IPPB - 561753 - 1 - RFP Document

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

2020 - IPPB - 561753 - 1 - RFP Document

Hochgeladen von

Copyright:

Verfügbare Formate

RFP for Supply, Implementation and Maintenance of Aadhaar Data

Request for Proposal (RFP) for

India Post Payments Bank

New Delhi- 110001

GENERAL INSTRUCTIONS TO BIDDERS

Invitation for Request for Proposal (RFP)

Name of the company India Post Payments Bank Limited

Designation: Senior Manager

Common terms of reference / definition

Across the document the term

AES Advanced Encryption System

ADV Aadhaar Data Vault

API Application Program Interface

ASA Authentication Service Agency

DFS Department of Financial Services

EMD Earnest Money Deposit

FIPS Federal Information Processing Standard

GUI Graphical User Interface

HSM Hardware Security Module

IBA Indian Bank’s Association

IDRBT Institute of Development and Research in Banking

KSA KYC Service Agency

NABARD National Bank for Agriculture and Rural Development

NDA Non-Disclosure Agreement

NSIC National Small Industries Corporation

NPCI National Payments Corporation of India

PSB Public Sector Bank

PSU Public Sector Undertaking

PBG Performance Bank Guarantee

PDF Portable Document Format

RPO Recovery Point Objective

RTO Recovery Time Objective

SLA Service Level Agreement

SOP Standard Operating Procedure

TCO Total Cost of Ownership

TPS Transactions per Second

IPPB India Post Payments Bank

UID Unique Identification

UIDAI Unique Identification Authority of India

2. Integrity Pact (IP) .......................................................................................................................... 10

18. Contract Period ......................................................................................................................... 42

48. Annexure D - Eligibility Criteria................................................................................................... 73

2. Integrity Pact (IP)

1. Mr. Ashok Vishwanath Subhedar

2. Mr. Pradeep Kumar Jajoria

3. Objectives of the RFP

4. Invitation of Tender Bids

All documentary evidence/certificates confirming compliance to eligibility criteria should be part of

6. Broad Scope of Work

6.12.6.1. Storing Aadhaar number with a reference key

6.12.6.2. Retrieving Aadhaar number based on reference key

6.12.6.3. Updating the status of Aadhaar number

Peak Business Transactions Per Second (TPS) Projections

2019-20 2020-21 2021-22 2022-23 2023-24

1100 1400 1700 2000 2300

8.2. Project Management

8.3. Implementation Plan and Schedule

Sr.No Activities Duration

Delivery and installation of Hardware at DC and DR site.

Installation, Customization, if any & Implementation of

3. User Acceptance Test, Migration of data, if any and

4. Full Project implementation/documentation/ training and

9. Instructions for Bid Submission: