MasterCard 2011 Annual Report Download - page 29

Download and view the complete annual report

Please find page 29 of the 2011 MasterCard annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 156

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156

In the United States, during the past several years, a number of bills have been considered by Congress and
there have been several congressional hearings to address consumer privacy, passive collection of information
(such as use of “cookies” and other technology), information safeguarding and data breach issues. Congress
continues to consider these issues, which could result in legislation that may have an adverse impact on us and
our customers. A large number of U.S. states have enacted security breach legislation, requiring varying levels of
consumer notification in the event of a security breach. In Europe, the European Parliament and Council is in the
process of revising the European Directive 95/46/EC (the “Directive”), which provides for the protection of
individuals with regard to the processing of personal data and on the free movement of such data. The revised
regulation, as well as the Directive, obligates the controller of an individual’s personal data to take the necessary
technical and organizational measures to protect personal data. Both the current Directive and the proposed
regulation establish general principles with regard to the processing of personal data, including the legal grounds
for processing, the rights of individuals with regard to their personal data, restrictions on transfers of the personal
data outside the European Economic Area, and the obligation of the controller of that information to take the
necessary technical and organizational measures to protect personal data. In addition to the United States and
Europe, many jurisdictions around the world are enacting similar privacy, data protection and information
security regulations which have similar impacts to our businesses in these jurisdictions. See “Risk Factors—
Legal and Regulatory Risks—Regulation in the areas of consumer privacy, data use and/ or security could
decrease the number of payment cards issued and could increase our costs” in Part I, Item 1A of this Report.
Anti-Money Laundering and Anti-Terrorism. MasterCard and other participants in the payment industry
are also subject to the regulatory requirements of Section 352 of the USA PATRIOT Act. Section 352 of the
USA PATRIOT Act requires MasterCard to maintain a comprehensive anti-money laundering program and
imposes similar requirements on our financial institution customers in the United States. Our anti-money
laundering program must be reasonably designed to prevent our system from being used to facilitate money
laundering and the financing of terrorist activities. The program must include the designation of a compliance
officer, provide for the training of appropriate personnel regarding anti-money laundering responsibilities, as
well as incorporate policies, procedures, and controls to mitigate money laundering risks, and be independently
audited.
We are also subject to regulations imposed by the U.S. Office of Foreign Assets Control (“OFAC”)
restricting financial transactions with Cuba, Burma/Myanmar, Iran, Syria and Sudan and with persons and
entities included in OFAC’s list of Specially Designated Nationals and Blocked Persons (the “SDN List”). Cuba,
Iran, Sudan and Syria also have been identified by the U.S. State Department as terrorist-sponsoring states.
MasterCard takes measures to prevent transactions that do not comply with OFAC sanctions; however, it is
possible that such transactions may be processed through our payment system. It is possible that our reputation
may suffer due to our customer financial institutions’ association with these countries or the existence of any
such transactions, which in turn could have a material adverse effect on the value of our stock.
Financial Industry Regulation. MasterCard customers are subject to numerous regulations applicable to
banks and other financial institutions in the United States and elsewhere, and as a consequence MasterCard is
impacted by such regulations. Certain of our operations are periodically reviewed by the U.S. Federal Financial
Institutions Examination Council (“FFIEC”) under its authority to examine financial institutions’ technology
service providers. Examinations by the FFIEC cover areas such as data integrity and data security. In recent
years, the U.S. federal banking regulators have adopted a series of regulatory measures affecting credit card
payment terms and requiring more conservative accounting, greater risk management and in some cases higher
capital requirements for bank credit card activities, particularly in the case of banks that focus on subprime
cardholders. In addition, MasterCard Europe operates a retail payment system in Europe and is subject to
oversight by the National Bank of Belgium pursuant to standards published by the European Central Bank that
are principally targeted at managing financial, legal and operations risk.
In July 2010, as part of the Wall Street Reform and Consumer Protection Act, the Consumer Financial
Protection Bureau (the “CFPB”) was created. The CFPB has significant authority to regulate consumer financial
25