Capital One 2009 Annual Report Download - page 25

Download and view the complete annual report

Please find page 25 of the 2009 Capital One annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 209

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209

12
We believe that our account management and loss allowance practices are prudent and appropriate and, therefore, consistent with the
Guidance. We caution, however, the Guidance provides wide discretion to bank regulatory agencies in the application of the Guidance
to any particular institution and its account management and loss allowance practices. Accordingly, under the Guidance, bank
examiners could require changes in our account management or loss allowance practices in the future, and such changes could have an
adverse impact on our financial condition or results of operation.
Privacy and Fair Credit Reporting
The Gramm-Leach-Bliley Act (“GLBA”) requires a financial institution to describe in a privacy notice certain of its privacy and data
collection practices and requires that customers or consumers, before their nonpublic personal information is shared with nonaffiliated
third parties, be given a choice (through an opt-out notice) to limit the sharing of such information about them with nonaffiliated third
persons unless the sharing is required or permitted under the GLBA as implemented. The Company and the Banks have written
privacy notices that are available through the website of the Company, the relevant legal entity, or both, and are delivered to
consumers and customers when required under the GLBA. In accordance with the privacy notices noted above, the Company and the
Banks protect the security of information about their customers, educate their employees about the importance of protecting customer
privacy, and allow their customers to remove their names from the solicitation lists they use and share with others to the extent they
use or share such lists. The Company and the Banks require business partners with whom they share such information to have
adequate security safeguards and to abide by the redisclosure and reuse provisions of the GLBA. To the extent that the GLBA and the
FCRA require the Company or one or more of the Banks to provide customers and consumers the opportunity to opt out of sharing
information, then the relevant entity or entities provide such options in the privacy notice. In addition to adopting federal requirements
regarding privacy, the GLBA also permits individual states to enact stricter laws relating to the use of customer information. To date,
at least California and Vermont have done so by statute, regulation or referendum, and other states may consider proposals which
impose additional requirements or restrictions on the Company and/or the Banks. If the federal or state regulators of the financial
subsidiaries establish further guidelines for addressing customer privacy issues, the Company and/or one or more of the Banks may
need to amend their privacy policies and adapt their internal procedures.
Under Section 501(b) of the GLBA, among other sources of statutory authority, including state law, the Banks and the Company are
required to observe various data security-related requirements, including establishing information security and data security breach
response programs and properly authenticating customers before processing or enabling certain types of transactions or interactions.
The failure to observe any one or more of these requirements could subject the Banks or the Company to enforcement action or
litigation.
Like other lending institutions, the Banks utilize credit bureau data in their underwriting activities. Use of such data is regulated under
the FCRA on a uniform, nationwide basis, including credit reporting, prescreening, sharing of information between affiliates, and the
use of credit data. The Fair and Accurate Credit Transactions Act of 2003 (the “FACT Act”), which was enacted by Congress and
signed into law in December 2003, extends the federal preemption of the FCRA permanently, although the law authorizes states to
enact identity theft laws that are not inconsistent with the conduct required by the provisions of the FACT Act. If financial institutions
and credit bureaus fail to alleviate the costs and consumer frustration associated with the growing crime of identity theft, financial
institutions could face increased legislative/regulatory and litigation risks.
Investment in the Company and the Banks
Certain acquisitions of capital stock may be subject to regulatory approval or notice under federal or state law. Investors are
responsible for ensuring that they do not, directly or indirectly, acquire shares of capital stock of the Company in excess of the amount
which can be acquired without regulatory approval. Each of the Banks is an “insured depository institution” within the meaning of the
Change in Bank Control Act. Consequently, federal law and regulations prohibit any person or company from acquiring control of the
Corporation without, in most cases, prior written approval of the Federal Reserve or the OCC, as applicable. Control is conclusively
presumed if, among other things, a person or company acquires more than 25% of any class of voting stock of the Company. A
rebuttable presumption of control arises if a person or company acquires more than 10% of any class of voting stock and is subject to
any of a number of specified “control factors” as set forth in the applicable regulations. Additionally, COBNA and CONA are “banks”
within the meaning of Chapter 13 of Title 6.1 of the Code of Virginia governing the acquisition of interests in Virginia financial
institutions (the “Financial Institution Holding Company Act”). The Financial Institution Holding Company Act prohibits any person
or entity from acquiring, or making any public offer to acquire, control of a Virginia financial institution or its holding company
without making application to, and receiving prior approval from, the Bureau of Financial Institutions.