Western Union 2013 Annual Report Download - page 129

Download and view the complete annual report

Please find page 129 of the 2013 Western Union annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 274

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274

2013 FORM 10-K
19
Privacy and Information Security Regulations
We must collect, transfer, disclose, use and store personal information in order to provide our services. These activities are
subject to information security standards, data privacy, data breach and related laws and regulations in the United States and other
countries. In the United States, data privacy and data breach laws such as the federal Gramm-Leach-Bliley Act and various state
laws apply directly to a broad range of financial institutions including money transfer providers like Western Union, and indirectly
to companies that provide services to or on behalf of those institutions. The United States Federal Trade Commission ("FTC") has
an on-going program of investigating the privacy practices of companies and has commenced enforcement actions against many,
resulting in multimillion dollar settlements and multi-year agreements governing the settling companies' privacy practices. The
FTC and several states have expanded their area of concern to include privacy practices related to mobile applications. Many state
laws require us to provide notification to affected individuals, state officers and consumer reporting agencies in the event of a
security breach of computer databases or physical documents that contain certain types of non-public personal information and
present a risk for unauthorized use.
The collection, transfer, disclosure, use and storage of personal information required to provide our services is subject to data
privacy laws outside of the United States, such as laws adopted pursuant to the EU's 95/46 EC Directive of the European Parliament
(the "Data Protection Directive"), and national and provincial laws throughout the world. In some cases, these laws are more
restrictive than the Gramm-Leach-Bliley Act and impose more stringent duties on companies. These laws, which are not uniform,
do one or more of the following: restrict the collection, transfer, processing, storage, use and disclosure of personal information,
require notice to individuals of privacy practices and give individuals certain rights to prevent the use or disclosure of personal
information for secondary purposes such as marketing.
These regulations, laws and industry standards also impose requirements for safeguarding personal information through the
issuance of internal data security standards, controls or guidelines.
In connection with regulatory requirements to assist in the prevention of money laundering and terrorist financing and pursuant
to legal obligations and authorizations, Western Union makes information available to certain United States federal and state, as
well as certain foreign, government agencies when required by law. In recent years, Western Union has experienced increasing
data sharing requests by these agencies, particularly in connection with efforts to prevent terrorist financing or reduce the risk of
identity theft. During the same period, there has also been increased public attention to the corporate use and disclosure of personal
information, accompanied by legislation and regulations intended to strengthen data protection, information security and consumer
privacy. These regulatory goals - the prevention of money laundering, terrorist financing and identity theft and the protection of
the individual's right to privacy - may conflict, and the law in these areas is not consistent or settled. While we believe that Western
Union is compliant with its regulatory responsibilities, the legal, political and business environments in these areas are rapidly
changing, and subsequent legislation, regulation, litigation, court rulings or other events could expose Western Union to increased
program costs, liability and reputational damage.
Banking Regulation
We have subsidiaries that operate under banking licenses granted by the Austrian Financial Market Authority and the Brazilian
Central Bank which subject these subsidiaries to Austrian and Brazilian regulations. We are also subject to regulation, examination
and supervision by the New York State Department of Financial Services (the "Financial Services Department"), which has
regulatory authority over our entity that holds all interests in these subsidiaries, a limited liability investment company organized
under Article XII of the New York Banking Law. An Agreement of Supervision with the Financial Services Department imposes
various regulatory requirements including operational limitations, capital requirements, affiliate transaction limitations, and notice
and reporting requirements. Approval is required from the Financial Services Department under New York Banking Law, and
from the Austrian Financial Market Authority and the Brazilian Central Bank under Austrian and Brazilian regulations, respectively,
prior to certain direct or indirect changes in control of the Article XII investment company and its banking subsidiaries, including
a change in control of its ultimate parent, the Company.
Since these subsidiaries do not operate any banking offices in the United States and do not conduct business in the United
States except as may be incidental to their activities outside the United States, our Company's affiliation with these subsidiaries
does not cause them to be subject to the provisions of the Bank Holding Company Act in the United States.