(a) The PC Postage customer is permitted to make payments for postage in one of two ways: Automated clearinghouse (ACH) transfer or credit card.
(b) The provider must make payments on behalf of the customer to the Postal Service in accordance with contractual and/or regulatory responsibilities.
(c) The Postal Service requires that the provider publicize to all PC Postage customers the following payment options (listed in order of preference):
(1) Automated clearinghouse (ACH) debits/credits.
(2) Credit cards.
(d) Returned ACH debits are the responsibility of the Postal Service. The RC must lock the customer account immediately so that the customer is unable to reset the account until the Postal Service receives payment in full.
(e) Refunds. The provider issues a refund to a customer for any unused postage in a Postage Evidencing System. After verification by the Postal Service, the provider will be reimbursed by the Postal Service for the individual refunds provided to customers by the provider.
(f) Security and Revenue Protection. To receive Postal Service approval to continue to operate PC Postage systems, the provider must submit to a periodic examination of its PC Postage system and any other applications and technology infrastructure that may have a material impact on Postal Service revenues, as determined by the Postal Service. The examination shall be performed by a qualified, independent audit firm and shall be conducted in accordance with the Statements on Standards for Attestation Engagements (SSAEs) No. 16, Service Organizations, developed by the American Institute of Certified Public Accountants (AICPA), as amended or superseded. Expenses associated with such examination shall be incurred by the provider. The examination shall include testing of the operating effectiveness of relevant provider internal controls (SOC1 Type II SSAE 16 Report). If the service organization uses another service organization (sub-service provider), Postal Service management should consider the nature and materiality of the transactions processed by the sub-service organization and the contribution of the sub-service organization's processes and controls in the achievement of the Postal Service's control objectives. The Postal Service should have access to the sub-service organization's SOC 1 Type II SSAE 16 report. The control objectives to be covered by the SOC 1 Type II SSAE 16 report are subject to Postal Service review and approval, and are to be provided to the Postal Service 30 days prior to the initiation of each examination period. As a result of the examination, the service auditor shall provide the provider and the Postal Service with an opinion on the design and operating effectiveness of the internal controls related to the PC Postage system, and any other applications and technology infrastructure considered material to the services provided to the Postal Service by the provider. Such examinations are to be conducted on no less than an annual basis, and are to be as of and for the 12 months ended June 30 of each year (except for new contracts for which the examination period will be no less than the period from the contract date to the following June 30, unless otherwise agreed to by the Postal Service). The examination reports are to be provided to the Postal Service by August 15 of each year. To the extent that internal control weaknesses are identified in a SOC 1 Type II SSAE 16 report, the Postal Service may require the remediation of such weaknesses, and review working papers and engage in discussions about the work performed with the service auditor. The Postal Service requires that all remediation efforts (if applicable) are completed and reported by the provider prior to the Postal Service's fiscal year end (September 30). In addition, the provider will be responsible for performing an examination of their internal control environment related to the PC Postage system and any other applications and technology infrastructure considered material to the services provided to the Postal Service by the provider, in particular, disclosing changes to internal controls for the period of July 1 to September 30. This examination should be documented and submitted to the Postal Service by October 14. The provider will be responsible for all costs related to the examinations conducted by the service auditor and the provider.
(g) Inspection of records and facilities. The provider must make its facilities, which handle the operation of the PC Postage system and all records about the operation of the system, available for inspection by representatives of the Postal Service at all reasonable times.
(h) To the extent that the customer maintains funds on deposit for the payment of postage, the provider is required to incorporate the following language into its agreements with PC Postage customers:
Acknowledgment of Deposit Requirement--PC Postage
By signing this agreement with the provider, you represent that you have read the Acknowledgment of Deposit Requirement--PC Postage and are familiar with its terms. You agree that, upon execution of this agreement with the provider, you will also be bound by all terms and conditions of the Acknowledgment of Deposit Requirement--PC Postage, as it may be amended from time to time. [72 FR 33163, June 15, 2007, as amended at 75 FR 56472, Sept. 16, 2010; 79 FR 10995, Feb. 27, 2014]