MasterCard 2013 Annual Report Download - page 32

Download and view the complete annual report

Please find page 32 of the 2013 MasterCard annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 120

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120

28
settlement failure, we may not be able to recover the cost of such a payment and may therefore be exposed to significant
losses, which could materially and adversely affect our results of operations. Moreover, during 2013, many of our
financial institution customers continued to be directly and adversely impacted by adverse economic events in the
global financial markets. These conditions present increased risk that we may have to perform under our settlement
guarantees. For more information on our settlement exposure and risk assessment and mitigation practices as of
December 31, 2013, see Note 19 (Settlement and Other Risk Management) to the consolidated financial statements
included in Part II, Item 8 of this Report.
Separately, MasterCard also provides guarantees to certain customers and other companies indemnifying them from
losses stemming from our failure to perform with respect to our products and services or the failure of third parties to
perform. Any significant indemnification obligation which we owe to any such customers or other companies could
materially and adversely affect our overall business and results of operations.
A failure or breach of our security systems or infrastructure as a result of cyber-attacks could disrupt our
business, result in the disclosure or misuse of confidential or proprietary information, damage our reputation,
increase our costs and cause losses.
Information security risks for payments and technology companies such as MasterCard have significantly increased in
recent years in part because of the proliferation of new technologies, the use of the Internet and telecommunications
technologies to conduct financial transactions, and the increased sophistication and activities of organized crime,
hackers, terrorists and other external parties. These threats may derive from fraud or malice on the part of our employees
or third parties, or may result from human error or accidental technological failure. These threats include cyber-attacks
such as computer viruses, malicious code, phishing attacks or information security breaches.
Our operations rely on the secure processing, transmission and storage of confidential, proprietary and other information
in our computer systems and networks. Our customers and other parties in the payments value chain, as well as our
cardholders, rely on our digital technologies, computer and email systems, software and networks to conduct their
operations. In addition, to access our products and services, our customers and cardholders increasingly use personal
smartphones, tablet PCs and other mobile devices that may be beyond our control. We routinely are subject to cyber-
threats and our technologies, systems and networks have been subject to cyber-attacks. Because of our position in the
payments value chain, we believe that we are likely to continue to be a target of such threats and attacks.
To date, we have not experienced any material impact relating to cyber-attacks or other information security breaches.
However, if one or more of these events occurs, it could lead to security breaches of the networks, systems or devices
that our customers use to access our products and services which could result in the unauthorized disclosure, release,
gathering, monitoring, misuse, loss or destruction of confidential, proprietary and other information (including account
data information) or data security compromises. Such events could also cause service interruptions, malfunctions or
other failures in the physical infrastructure or operations systems that support our businesses and customers (such as
the lack of availability of our value-added systems), as well as the operations of our customers or other third parties.
Any actual attacks could lead to damage to our reputation with our customers and other parties and the market, additional
costs to MasterCard (such as repairing systems, adding new personnel or protection technologies or compliance costs),
regulatory penalties, financial losses to both us and our customers and partners and the loss of customers and business
opportunities. If such attacks are not detected immediately, their effect could be compounded.
We maintain an information security program, a business continuity program and insurance coverage, and our processing
systems incorporate multiple levels of protection, in order to address or otherwise mitigate these risks. We also test
our systems to discover and address any potential vulnerabilities. Despite these mitigation efforts, there can be no
assurance that we will be immune to these risks and not suffer losses in the future. Our risk and exposure to these
matters remain heightened because of, among other things, the evolving nature of these threats, the prominent size and
scale of MasterCard and our role in the global payments and technology industries, our plans to continue to implement
our digital and mobile channel strategies and develop additional remote connectivity solutions to serve our customers
and cardholders when and how they want to be served, our global presence, our extensive use of third party vendors
and future joint venture and merger and acquisition opportunities. As a result, cyber-security and the continued
development and enhancement of our controls, processes and practices designed to protect our systems, computers,
software, data and networks from attack, damage or unauthorized access remain a priority for us. As cyber-threats
continue to evolve, we may be required to expend significant additional resources to continue to modify or enhance