Freddie Mac 2014 Annual Report Download - page 50

Download and view the complete annual report

Please find page 50 of the 2014 Freddie Mac annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 330

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
  • 289
  • 290
  • 291
  • 292
  • 293
  • 294
  • 295
  • 296
  • 297
  • 298
  • 299
  • 300
  • 301
  • 302
  • 303
  • 304
  • 305
  • 306
  • 307
  • 308
  • 309
  • 310
  • 311
  • 312
  • 313
  • 314
  • 315
  • 316
  • 317
  • 318
  • 319
  • 320
  • 321
  • 322
  • 323
  • 324
  • 325
  • 326
  • 327
  • 328
  • 329
  • 330

45 Freddie Mac
and guarantee fee pricing, interest-rate risk management, market risk management, credit risk management, quality-control
sampling strategies for loans in our single-family credit guarantee portfolio, and representation and warranty and other
settlements with our counterparties. Furthermore, any strategies we employ to attempt to manage the risks associated with our
use of models may not be effective. See “MD&A — CRITICAL ACCOUNTING POLICIES AND ESTIMATES” and
“QUANTITATIVE AND QUALITATIVE DISCLOSURES ABOUT MARKET RISK — Interest-Rate Risk and Other Market
Risks” for more information on our use of models.
A failure in our operational systems or infrastructure, or those of third parties, could impair our liquidity, disrupt our
business, damage our reputation, and cause losses.
We face significant levels of operational risk due to a variety of factors, including the complexity of our business
operations and the amount of change to our core systems required to keep pace with regulatory and other requirements.
Shortcomings or failures in our internal processes, people or systems could lead to impairment of our liquidity, financial
and economic loss, errors in our financial statements, disruption of our business, liability to customers, further legislative or
regulatory intervention, or reputational damage. We have certain legacy systems that require manual support and intervention,
which may lead to heightened risk of system failures.
Our business is highly dependent on our ability to process a large number of transactions on a daily basis and manage and
analyze significant amounts of information, much of which is provided by third parties. The transactions we process are
complex and are subject to various legal, accounting, and regulatory standards. The types of transactions we process and the
standards relating to those transactions can change rapidly in response to external events, such as the implementation of
government-mandated programs and changes in market conditions. Our financial, accounting, data processing, or other
operating systems and facilities may fail to operate properly or become disabled, adversely affecting our ability to process these
transactions. Our systems may contain design flaws. The information provided by third parties may be incorrect, or we may fail
to properly manage or analyze it. The inability of our systems to accommodate an increasing volume of transactions or new
types of transactions or products could constrain our ability to pursue new business initiatives or improve existing business
activities.
We also face increased operational risk due to the magnitude and complexity of the new initiatives we are undertaking,
including our efforts to help build a new housing finance system (such as the development of the common securitization
platform). Some of these initiatives require significant changes to our operational systems. In some cases, the changes must be
implemented within a short period of time. Our legacy systems may also create increased operational risk for these new
initiatives. Internal corporate reorganizations (e.g., relating to our implementation of an enhanced three-lines-of-defense risk
management framework) may also increase our operational risk, particularly during the period of implementation.
Our employees could act improperly for their own gain and cause unexpected losses or reputational damage. While we
have processes and systems in place designed to prevent and detect fraud, there can be no assurance that such processes and
systems will be successful.
Most of our key business activities are conducted in our offices in Virginia and represent a concentrated risk of people,
technology, and facilities. As a result, a power outage or other infrastructure disruption in the area near our offices could
significantly adversely affect our ability to conduct normal business operations. A terrorist event or natural disaster in the area
near our offices could have a similar impact. Any measures we take to mitigate this risk may not be sufficient to respond to the
full range of events that may occur.
The threat landscape in cyber security is changing rapidly and growing in sophistication. We may not be able to protect our
systems with complete assurance or fully protect the confidentiality of our information from cyber attack and other
unauthorized access, disclosure, and disruption.
Our operations rely on the secure receipt, processing, storage, and transmission of confidential and other information in
our computer systems and networks and with our business partners. Like many corporations and government entities, from time
to time we have been, and likely will continue to be, the target of attempted cyber attacks. Although we devote significant
resources to protecting our various systems and processes, there is no assurance that our security measures will provide fully
effective security. Our computer systems, software, and networks may be vulnerable to cyber attack, unauthorized access,
supply chain disruptions, computer viruses or other malicious code, or other attempts to harm them or misuse or steal
confidential information. If one or more of such events were to occur, this potentially could jeopardize or result in the
unauthorized disclosure, misuse or corruption of confidential and other information (including information of borrowers, our
customers or our counterparties), or otherwise cause interruptions or malfunctions in our operations or the operations of our
customers or counterparties. This could result in significant losses or reputational damage, adversely affect our relationships
with our customers and counterparties, negatively affect our competitive position, and otherwise harm our business. We could
also face regulatory action. We might be required to expend significant additional resources to modify our protective measures
or to investigate and remediate vulnerabilities or other exposures, and we might be subject to litigation and financial losses that
are not fully insured. In addition, there can be no assurance that business partners, counterparties and governmental
organizations are adequately protecting the confidential and other information that we share with them. As a result, a cyber
Table of Contents