Discover 2015 Annual Report Download - page 51

Download and view the complete annual report

Please find page 51 of the 2015 Discover annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 192

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192

-35-
of our stock at any time. There can be no assurance that we will declare and pay any dividends on or repurchase our
stock in the future.
We are a holding company and depend on payments from our subsidiaries.
Discover Financial Services, our parent holding company, depends on dividends, distributions and other
payments from its subsidiaries, particularly Discover Bank, to fund dividend payments, share repurchases, payments on
its obligations, including debt obligations, and to provide funding and capital as needed to its operating subsidiaries.
Banking laws and regulations and our banking regulators may limit or prohibit our transfer of funds freely, either to or
from our subsidiaries, at any time. These laws, regulations and rules may hinder our ability to access funds that we may
need to make payments on our obligations or otherwise achieve strategic objectives. For more information, see
"Business — Supervision and Regulation — Capital, Dividends and Share Repurchases."
Operational and Other Risk
Our risk management framework and models for managing risks may not be effective in mitigating our risk of loss.
Our risk management framework seeks to identify and mitigate risk and appropriately balance risk and return.
We have established processes and procedures intended to identify, measure, manage, monitor and report the types of
risk to which we are subject, including credit risk, market risk, liquidity risk, operational risk, compliance and legal risk,
and strategic risk. We seek to monitor and control our risk exposure through a framework of policies, procedures, limits
and reporting requirements.
Management of our risks in some cases depends upon the use of analytical and/or forecasting models. We use a
variety of models to manage and inform decision-making with respect to customers, and for the measurement of risk
including credit, market and operational risks and for our finance and treasury functions. Models used by Discover can
vary in their complexity and are designed to identify, measure and mitigate risks at various levels such as loan-level,
portfolio segments, entire portfolios and products. These models use a set of computational rules to generate numerical
estimates of uncertain values to be used for assessment of price, financial forecasts, and estimates of credit, interest rate,
market and operational risk. All models carry some level of uncertainty that introduces risks in the estimates.
If the models that we use to mitigate risks are inadequate, we may incur increased losses. In addition, there may
be risks that exist, or that develop in the future, that we have not appropriately anticipated, identified or mitigated. If
our risk management framework and models do not effectively identify or mitigate our risks, we could suffer unexpected
losses and our financial condition and results of operations could be materially adversely affected.
If our security systems, or those of third parties, containing information about us, our customers or third parties with
which we do business, are compromised, our business could be disrupted and we may be subject to significant
financial exposure, liability and damage to our reputation.
Our direct banking and network operations rely heavily on the secure processing, storage and transmission of
confidential information about us, our customers and third parties with which we do business. Information security risks
for financial institutions have increased and continue to increase in part because of the proliferation of new
technologies, the use of the internet, mobile and telecommunications technologies to conduct financial transactions, and
the increased sophistication and activities of organized crime, activists, hackers, terrorist organizations, nation state
actors and other external parties. Those parties may also attempt to fraudulently induce employees, customers or other
users of our systems to disclose sensitive information in order to gain access to our data or that of our customers.
Our technologies, systems, networks and software, and those of other financial institutions, have been and are
likely to continue to be the target of increasingly frequent cyber-attacks, malicious code, computer viruses, denial of
service attacks, phishing and social engineering, other remote access attacks, and physical attacks that could result in
unauthorized access, misuse, loss or destruction of data (including confidential customer information), account
takeovers, unavailability of service or other events. These types of threats may derive from human error, fraud or malice
on the part of external or internal parties, or may result from accidental technological failure.
Despite our efforts to ensure the integrity of our systems through our information security and business continuity
programs, we may not be able to anticipate or to implement effective preventive measures against all security breaches
or events of these types, especially because the techniques used change frequently and quickly or are not recognized
until launched, and because: