MasterCard 2012 Annual Report Download - page 46

Download and view the complete annual report

Please find page 46 of the 2012 MasterCard annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 144

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144

increasingly use personal smartphones, tablet PCs and other mobile devices that may be beyond our control
systems. We routinely receive cyber-threats and our technologies, systems and networks have been subject to
cyber-attacks. Because of our position in the payments value chain, we believe that such threats may continue,
and that we are likely to continue to be a target of such attacks.
To date, we have not experienced any material impact relating to cyber-attacks or other information security
breaches. However, if one or more of these events occurs, it could lead to security breaches of the networks,
systems or devices that our customers use to access our products and services which could result in the
unauthorized disclosure, release, gathering, monitoring, misuse, loss or destruction of confidential, proprietary
and other information (including account data information) or data security compromises. Such events could also
cause service interruptions, malfunctions or other failures in the physical infrastructure or operations systems that
support our businesses and customers (such as the lack of availability of our value-added systems), as well as the
operations of our customers or other third parties. Any actual attacks could lead to damage to our reputation with
our customers and other parties and the market, additional costs to MasterCard (such as repairing systems, adding
new personnel or protection technologies or compliance costs), regulatory penalties, financial losses to both us
and our customers and partners and the loss of customers and business opportunities. If such attacks are not
detected immediately, their effect could be compounded.
We maintain an information security program, a business continuity program and insurance coverage, and
our processing systems incorporate multiple levels of protection, in order to address or otherwise mitigate these
risks. We also test our systems to discover and address any potential vulnerabilities. Despite these mitigation
efforts, there can be no assurance that we will be immune to these risks and not suffer losses in the future. Our
risk and exposure to these matters remain heightened because of, among other things, the evolving nature of
these threats, the prominent size and scale of MasterCard and our role in the global payments and technology
industries, our plans to continue to implement our digital and mobile channel strategies and develop additional
remote connectivity solutions to serve our customers and cardholders when and how they want to be served, our
global presence, our extensive use of third party vendors and future joint venture and merger and acquisition
opportunities. As a result, cyber-security and the continued development and enhancement of our controls,
processes and practices designed to protect our systems, computers, software, data and networks from attack,
damage or unauthorized access remain a priority for us. As cyber-threats continue to evolve, we may be required
to expend significant additional resources to continue to modify or enhance our protective measures or to
investigate and remediate any information security vulnerabilities. Any of the risks described above could
materially adversely affect our overall business and results of operations.
If our transaction processing systems and other services are disrupted or we are unable to process
transactions or service our customers efficiently or at all, our results of operations would be materially
reduced.
Our transaction processing systems and other key service offerings may experience interruptions as a result
of a disaster including, but not limited to, technology malfunctions, fire, weather events, power outages,
telecommunications disruptions, terrorism, workplace violence, accidents or other catastrophic events. Our
visibility in the global payments industry may also put us at greater risk of attack by terrorists, activists, or
hackers who intend to disrupt our facilities and/or systems. A disaster that occurs at, or in the vicinity of, our
primary and/or back-up facilities in any global location could interrupt our services. Although we maintain a
business continuity program to analyze risk, assess potential impacts, and develop effective response strategies,
we cannot ensure that our business would be immune to these risks.
Additionally, we rely on third-party service providers for the timely transmission of information across our
global data network. Inadequate infrastructure in lesser-developed markets could also result in service
disruptions, which could impact our ability to do business in those markets. If one of our service providers fails
to provide the communications capacity or services we require, as a result of natural disaster, operational
disruptions, terrorism, hacking or any other reason, the failure could interrupt our services. Because of the
42