A Reporting Entity must establish effective arrangements to deny access to Inside Information to Persons other than those who require it for the exercise of their functions within the Reporting Entity.