MasterCard 2010 Annual Report Download - page 34

Download and view the complete annual report

Please find page 34 of the 2010 MasterCard annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 162

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162

In the United States, during the past several years, a number of bills have been considered by Congress and
there have been several congressional hearings to address information safeguarding and data breach issues.
Congress continues to consider these issues, which could result in legislation that would have an adverse impact
on us and our customers. For example, the House of Representatives has again passed comprehensive data
security and data breach notification legislation that could impose additional regulatory burdens on us and our
customers. Similar legislation has not yet passed the Senate in this Congress, and it is not clear whether
legislation of this type will be signed into law. In addition, a large number of U.S. states have enacted security
breach legislation, requiring varying levels of consumer notification in the event of a security breach. In Europe,
the European Parliament and Council passed the European Directive 95/46/EC (the “Directive”) on the
protection of individuals with regard to the processing of personal data and on the free movement of such data,
which obligates the controller of an individual’s personal data to take the necessary technical and organizational
measures to protect personal data. The Directive has been implemented through local laws regulating data
protection in European Union member states to which we and our customers are subject. The Directive
establishes general principles with regard to the processing of personal data, including the legal grounds for
processing, the rights of individuals with regard to their personal data, restrictions on transfers of the personal
data outside the European Economic Area, and the obligation of the controller of that information to take the
necessary technical and organizational measures to protect personal data. In addition to the United States and
Europe, other jurisdictions around the world are enacting similar privacy, data protection and information
security regulations which have similar impacts to our businesses in these jurisdictions. See “Risk Factors—
Legal and Regulatory Risks—Regulation in the areas of consumer privacy, data use and/ or security could
decrease the number of payment cards issued and could increase our costs” in Part I, Item 1A.
Anti-Money Laundering and Anti-Terrorism. MasterCard and other participants in the payment industry
are also subject to the regulatory requirements of Section 352 of the USA PATRIOT Act, which applies to
certain types of financial institutions, including operators of credit card systems. Section 352 of the USA
PATRIOT Act requires MasterCard to maintain a comprehensive anti-money laundering program and imposes
similar requirements on some of our customers. Our anti-money laundering program must be reasonably
designed to prevent our system from being used to facilitate money laundering and the financing of terrorist
activities. The program must, at a minimum, include the designation of a compliance officer, provide for the
training of appropriate personnel regarding anti-money laundering responsibilities, as well as incorporate
policies, procedures, and controls to mitigate money laundering risks, and be independently audited.
We are also subject to regulations imposed by OFAC restricting financial transactions with Cuba, Burma/
Myanmar, Iran and Sudan and with persons and entities included in OFAC’s list of Specially Designated
Nationals and Blocked Persons (the “SDN List”). Cuba, Iran, Sudan and Syria also have been identified by the
U.S. State Department as terrorist-sponsoring states. While MasterCard has no business operations, subsidiaries
or affiliated entities in these countries, there are financial institutions licensed by MasterCard to issue cards or
acquire merchant transactions in certain of these countries. MasterCard takes measures to avoid transactions with
persons and entities on the SDN List; however, it is possible that transactions involving persons or entities on the
SDN List may be processed through our payment system. It is possible that our reputation may suffer due to our
customer financial institutions’ association with these countries or the existence of any such transactions, which
in turn could have a material adverse effect on the value of our stock. Further, certain U.S. states have enacted
legislation regarding investments by pension funds and other retirement systems in companies that have business
activities or contacts with countries that have been identified as terrorist-sponsoring states and similar legislation
may be pending in other states. As a result, pension funds and other retirement systems may be subject to
reporting requirements with respect to investments in companies such as ours or may be subject to limits or
prohibitions with respect to those investments that may materially and adversely affect our stock price.
Financial Industry Regulation. MasterCard customers are subject to numerous regulations applicable to
banks and other financial institutions in the United States and elsewhere, and as a consequence MasterCard is
impacted by such regulations. Certain of our operations are periodically reviewed by the U.S. Federal Financial
Institutions Examination Council (“FFIEC”) under its authority to examine financial institutions’ technology
24