Ameriprise 2014 Annual Report Download - page 52

Download and view the complete annual report

Please find page 52 of the 2014 Ameriprise annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 214

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214

In addition, the SEC and other federal and state regulators have increased their scrutiny of potential conflicts of interest. It
is possible that potential or perceived conflicts could give rise to litigation or enforcement actions. It is possible also that
the regulatory scrutiny of, and litigation in connection with, conflicts of interest will make our clients less willing to enter
into transactions in which such a conflict may occur, and will adversely affect our businesses.
Our operational systems and networks have been, and will continue to be, subject to evolving cybersecurity or
other technological risks, which could result in the disclosure of confidential client information, loss of our
proprietary information, damage to our reputation, additional costs to us, regulatory penalties and other adverse
impacts.
Our business is reliant upon internal and third party technology systems and networks to process, transmit and store
information, including sensitive client and proprietary information, and to conduct many of our business activities and
transactions with our clients, advisors, vendors and other third parties. Maintaining the integrity of these systems and
networks is critical to the success of our business operations, including the retention of our advisors and clients, and to
the protection of our proprietary information and our clients’ personal information. To date, we have not experienced any
material breaches of or interference with our systems and networks, however, we routinely encounter and address such
threats. For example, in 2014 we and other financial institutions experienced distributed denial of service attacks intended
to disrupt our clients’ online access. While we were able to detect and respond to these incidents without loss of client
assets or information, we have since implemented additional security capabilities and will continue to assess our ability to
monitor and respond to such threats. In addition to the foregoing, our experiences with cybersecurity and technology
threats have included phishing scams, introductions of malware, attempts at electronic break-ins, and unauthorized
payment requests. Any such breaches or interference by third parties or by our advisors or employees that may occur in
the future could have a material adverse impact on our business, financial condition or results of operations.
We are subject to international, federal and state regulations, and in some cases contractual obligations, that require us to
establish and maintain policies and procedures designed to protect sensitive client, employee, contractor and vendor
information. We have implemented and maintain security measures designed to protect against breaches of security and
other interference with our systems and networks resulting from attacks by third parties, including hackers, and from
employee or advisor error or malfeasance. We also contractually require third-party vendors who, in the provision of
services to us are provided with or process information pertaining to our business or our clients, to meet certain
information security standards. Changes in our client base, the mix of assets under management or administration and
business model or technology platform changes, such as an evolution to accommodate mobile computing, virtual interface
and multi-device functionality, may also require corresponding changes in our systems, networks and data security
measures. In addition, the increasing reliance on technology systems and networks and the occurrence and potential
adverse impact of attacks on such systems and networks, both generally and in the financial services industry, have
enhanced government and regulatory scrutiny of the measures taken by companies to protect against cybersecurity
threats. As these threats, and government and regulatory oversight of associated risks, continue to evolve, we may be
required to expend additional resources to enhance or expand upon the security measures we currently maintain.
Despite the measures we have taken and may in the future take to address and mitigate cybersecurity and technology
risks, we cannot assure that our systems and networks will not be subject to breaches or interference. Any such event may
result in operational disruptions as well as unauthorized access to or the disclosure or loss of our proprietary information or
our clients’ personal information, which in turn may result in legal claims, regulatory scrutiny and liability, reputational
damage, the incurrence of costs to eliminate or mitigate further exposure, the loss of clients or advisors or other damage
to our business. While we maintain cyber liability insurance that provides both third-party liability and first-party liability
coverages, this insurance may not be sufficient to protect us against all losses. In addition, the trend toward broad
consumer and general public notification of such incidents could exacerbate the harm to our business, financial condition
or results of operations. Even if we successfully protect our technology infrastructure and the confidentiality of sensitive
data, we may incur significant expenses in connection with our responses to any such attacks as well as the adoption,
implementation and maintenance of appropriate security measures. We could also suffer harm to our business and
reputation if attempted security breaches are publicized. We cannot be certain that advances in criminal capabilities,
discovery of new vulnerabilities, attempts to exploit vulnerabilities in our systems, data thefts, physical system or network
break-ins or inappropriate access, or other developments will not compromise or breach the technology or other security
measures protecting the networks and systems used in connection with our business.
Protection from system interruptions and operating errors is important to our business. If we experience a
sustained interruption to our telecommunications or data processing systems, or other failure in operational
execution, it could harm our business.
Operating errors and system or network interruptions could delay and disrupt our ability to develop, deliver or maintain our
products and services, causing harm to our business and reputation and resulting in loss of our advisors, clients or
revenue. Interruptions could be caused by operational failures arising from employee or advisor error or malfeasance,
interference by third parties, including hackers, our implementation of new technology, as well as from our maintenance of
33