Travelers 2013 Annual Report Download - page 79

Download and view the complete annual report

Please find page 79 of the 2013 Travelers annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 304

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
  • 289
  • 290
  • 291
  • 292
  • 293
  • 294
  • 295
  • 296
  • 297
  • 298
  • 299
  • 300
  • 301
  • 302
  • 303
  • 304

experiences an interruption. Business interruptions and failures of controls could also result if our
internal systems do not interface with each other as intended, including as it relates to recently
acquired businesses. If our business continuity plans did not sufficiently address such a business
interruption, system failure or service denial, this could result in a deterioration of our ability to write
and process new and renewal business, provide customer service, pay claims in a timely manner or
perform other necessary business functions.
Our operations rely on the reliable and secure processing, storage and transmission of confidential
and other information in our computer systems and networks. Computer viruses, hackers, employee
misconduct and other external hazards could expose our data systems to security breaches, cyber-
attacks or other disruptions. In addition, we routinely transmit and receive personal, confidential and
proprietary information by e-mail and other electronic means. While we attempt to develop secure
transmission capabilities with third-party vendors and others with whom we do business, we may be
unable to put in place secure capabilities with all of such vendors and third parties and, in addition,
these third parties may not have appropriate controls in place to protect the confidentiality of the
information.
Like other global companies, our computer systems are regularly subject to and will continue to be
the target of computer viruses or other malicious codes, unauthorized access, cyber-attacks or other
computer-related penetrations. While we have experienced threats to our data and systems, to date, we
are not aware that we have experienced a material breach of cyber security. Over time, the
sophistication of these threats continues to increase, however, and our administrative and technical
controls as well as other preventative actions we take to reduce the risk of cyber incidents and protect
our information may be insufficient to detect or prevent unauthorized access, other physical and
electronic break-ins, cyber-attacks or other security breaches to our computer systems or those of third
parties with whom we do business. In addition, new technology that could result in greater operational
efficiency may further expose our computer systems to the risk of cyber-attacks.
We have increasingly outsourced certain technology and business process functions to third parties
and may continue to do so in the future. If we do not effectively develop, implement and monitor our
outsourcing relationships, third party providers do not perform as anticipated or we experience
technological or other problems with a transition, we may not realize expected productivity
improvements or cost efficiencies and may experience operational difficulties, increased costs and a loss
of business. Our outsourcing of certain technology and business process functions to third parties may
expose us to increased risk related to data security or service disruptions, which could result in
monetary and reputational damages. For example, while we do not believe it will materially and
adversely impact our operations or results, we terminated a contract with one of our outsourcing
vendors in the fourth quarter of 2013 because they breached that contract by providing proprietary
Company information to one of our competitors. In addition to risks caused by third party providers,
our ability to receive services from third party providers outside of the United States might be
impacted by cultural differences, political instability, unanticipated regulatory requirements or public
policy inside or outside of the United States.
The increased risks identified above could expose us to data loss, disruption of service, monetary
and reputational damages and significant increases in compliance costs and costs to improve the
security and resiliency of our computer systems. The compromise of personal, confidential or
proprietary information could also subject us to legal liability or regulatory action under data protection
and privacy laws and regulations enacted by the U.S. federal and state governments, the European
Union or other jurisdictions or by various regulatory organizations or exchanges. As a result, our ability
to conduct our business and our results of operations might be materially and adversely affected.
We are subject to a number of risks associated with our business outside the United States. We
conduct business outside the United States primarily in Canada, the United Kingdom and the Republic
69