Morgan Stanley 2015 Annual Report Download - page 21

Download and view the complete annual report

Please find page 21 of the 2015 Morgan Stanley annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 278

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278

Compliance Risk.” For more information on how we monitor and manage operational risk, see “Quantitative and Qualitative
Disclosures about Market Risk—Risk Management—Operational Risk” in Part II, Item 7A.
We are subject to operational risks, including a failure, breach or other disruption of our operational or security systems,
that could adversely affect our businesses or reputation.
Our businesses are highly dependent on our ability to process, on a daily basis, a large number of transactions across
numerous and diverse markets in many currencies. In some of our businesses, the transactions we process are complex. In
addition, we may introduce new products or services or change processes, resulting in new operational risk that we may not
fully appreciate or identify. The trend toward direct access to automated, electronic markets and the move to more automated
trading platforms has resulted in using increasingly complex technology that relies on the continued effectiveness of the
programming code and integrity of the data to process the trades. We perform the functions required to operate our different
businesses either by ourselves or through agreements with third parties. We rely on the ability of our employees, our internal
systems and systems at technology centers operated by unaffiliated third parties to process a high volume of transactions.
As a major participant in the global capital markets, we maintain extensive controls to reduce the risk of incorrect valuation
or risk management of our trading positions due to flaws in data, models, electronic trading systems or processes or due to
fraud. Nevertheless, such risk cannot be completely eliminated.
We also face the risk of operational failure or termination of any of the clearing agents, exchanges, clearing houses or other
financial intermediaries we use to facilitate our securities transactions. In the event of a breakdown or improper operation of
our or a third party’s systems or improper or unauthorized action by third parties or our employees, we could suffer financial
loss, an impairment to our liquidity, a disruption of our businesses, regulatory sanctions or damage to our reputation. In
addition, the interconnectivity of multiple financial institutions with central agents, exchanges and clearing houses, and the
increased importance of these entities, increases the risk that an operational failure at one institution or entity may cause an
industry-wide operational failure that could materially impact our ability to conduct business.
Despite the business contingency plans we have in place, there can be no assurance that such plans will fully mitigate all
potential business continuity risks to us. Our ability to conduct business may be adversely affected by a disruption in the
infrastructure that supports our business and the communities where we are located, which are concentrated in the New York
metropolitan area, London, Hong Kong and Tokyo as well as Mumbai, Budapest, Glasgow and Baltimore. This may include
a disruption involving physical site access, cyber incidents, terrorist activities, disease pandemics, catastrophic events,
natural disasters, extreme weather events, electrical, environmental, computer servers, communications or other services we
use, our employees or third parties with whom we conduct business.
Although we devote significant resources to maintaining and upgrading our systems and networks with measures such as
intrusion and detection prevention systems, monitoring firewalls to safeguard critical business applications, and supervising
third party providers that have access to our systems, there is no guarantee that these measures or any other measures can
provide absolute security. Like other financial services firms, we and our third party providers continue to be the subject of
attempted unauthorized access, mishandling or misuse of information, computer viruses or malware, cyber attacks designed
to obtain confidential information, destroy data, disrupt or degrade service, sabotage systems or cause other damage, denial
of service attacks and other events. These threats may derive from human error, fraud or malice on the part of our employees
or third parties, including third party providers, or may result from accidental technological failure. Additional challenges are
posed by external extremist parties, including foreign state actors, in some circumstances as a means to promote political
ends. Any of these parties may also attempt to fraudulently induce employees, customers, clients, third parties or other users
of our systems to disclose sensitive information in order to gain access to our data or that of our customers or clients. There
can be no assurance that such unauthorized access or cyber incidents will not occur in the future, and they could occur more
frequently and on a more significant scale.
If one or more of these events occur, it could result in a security impact on our systems and jeopardize our or our clients’,
partners’ or counterparties’ personal, confidential, proprietary or other information processed and stored in, and transmitted
through, our and our third party providers’ computer systems. Furthermore, such events could cause interruptions or
malfunctions in our, our clients’, partners’, counterparties’ or third parties’ operations, which could result in reputational
15