This CME Group Data Services Advisory Notice is being issued on January 31, 2024, to remind Licensees and Subscribers to CME
Group Information (“Information”) of their obligation to maintain effective Internal Controls as it relates to access of Information
pursuant to CME Group’s Information Policies, Information License Agreement (“ILA”) (and its Schedules) and Subscriber Addendum.

CME Group requires all Licensee Group and Subscriber Group entities to have and to maintain, at all times, effective Internal
Controls and, as part of having effective Internal Controls, use an entitlement system that manages entitlement, access and
distribution of Information. Internal Controls must be able to monitor and control the downstream flow of Information from each
data feed point to all applications, application users, and recipient Devices within a Licensee Group or Subscriber Group entity.
These systems must ensure that only those applications, solutions, the application users, and their Devices that are entitled and
licensed to receive access to the Information can do so. Access to Information that is not otherwise governed by effective Internal
Controls is strictly prohibited. Read the full release here.