Dollar General 2014 Annual Report Download - page 92

Download and view the complete annual report

Please find page 92 of the 2014 Dollar General annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 180

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180

10-K
Any failure to maintain the security of information we hold relating to our customers, employees and
vendors, whether as a result of cybersecurity attacks or otherwise, could expose us to litigation, government
enforcement actions and costly response measures, and could materially disrupt our operations and harm our
reputation.
In connection with sales, we transmit confidential credit and debit card information. We also have
access to, collect or maintain certain private or confidential information regarding our customers,
employees and vendors, as well as our business. We have procedures and technology in place to
safeguard such data and information. To our knowledge, computer hackers have not gained significant
access to the information stored in, or otherwise gained access to, our information and technology
systems. However, cyberattacks are rapidly evolving and becoming increasingly sophisticated.
Additionally, under certain circumstances, we may share information with vendors that assist us in
conducting our business, as required by law, or with the permission of the individual. While we have
implemented procedures to protect our information and require appropriate controls of our vendors, it
is possible that computer hackers and others might compromise our security measures or those of our
technology and other vendors in the future and obtain the personal information of our customers,
employees and vendors that we hold or our business information.
Because we accept debit and credit cards for payment, we are subject to the Payment Card
Industry Data Security Standards (‘‘PCI DSS’’), issued by the Payment Card Industry Security
Standards Council. PCI DSS contains compliance guidelines and standards with regard to our security
surrounding the physical and electronic storage, processing, and transmission of cardholder data.
Complying with PCI DSS standards and implementing related procedures, technology and information
security measures requires significant resources and ongoing attention. Even if we comply with PCI
DSS standards, we may be vulnerable to, and unable to detect and appropriately respond to, data
security breaches and data loss, including cyber-security attacks or other breach of cardholder data.
A security breach of any kind, which could be undetected for a period of time, or any failure by us
to comply with the applicable privacy and information security laws, regulations and standards could
expose us to risks of data loss, litigation, government enforcement actions and costly response measures
(including, for example, credit monitoring services for affected customers, as well as further upgrades to
our security measures) which may not be covered by our insurance policies, and could materially
disrupt our operations. Any resulting negative media attention and publicity could significantly harm
our reputation which could cause us to lose market share as a result of customers discontinuing the use
of debit or credit cards in our stores or not shopping in our stores altogether and could have a material
adverse effect on our business and financial performance.
Deterioration in market conditions or changes in our credit profile could adversely affect our ability to
raise additional capital to fund our operations and limit our ability to pursue our growth strategy or other
opportunities or to react to changes in the economy or our industry.
We obtain and manage liquidity from the positive cash flow we generate from our operating
activities and our access to capital markets, including our credit facility. Changes in the credit and
capital markets, including market disruptions, limited liquidity and interest rate fluctuations, may
increase the cost of financing, make it more difficult to obtain favorable terms, or restrict our access to
this source of future liquidity. There is no assurance that our ability to obtain additional financing
through the capital markets will not be adversely impacted by economic conditions. Our debt securities
currently have an investment grade rating, and a downgrade of this rating likely would make it more
difficult or expensive for us to obtain additional financing and would increase the cost of borrowing
under our credit facility, which could adversely affect our cash flow and limit our growth strategy or
other opportunities or our ability to react to changes in the economy or our industry.
18