Regions Bank 2011 Annual Report Download - page 56

Download and view the complete annual report

Please find page 56 of the 2011 Regions Bank annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 268

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268

Because the nature of the financial services business involves a high volume of transactions, certain errors
may be repeated or compounded before they are discovered and successfully rectified. Our necessary dependence
upon automated systems to record and process transactions and our large transaction volume may further
increase the risk that technical flaws or employee tampering or manipulation of those systems will result in losses
that are difficult to detect. We also may be subject to disruptions of our operating systems arising from events
that are wholly or partially beyond our control (for example, computer viruses or electrical or
telecommunications outages, or natural disasters, disease pandemics or other damage to property or physical
assets) which may give rise to disruption of service to customers and to financial loss or liability. We are further
exposed to the risk that our external vendors may be unable to fulfill their contractual obligations (or will be
subject to the same risk of fraud or operational errors by their respective employees as we are) and to the risk that
we (or our vendors’) business continuity and data security systems prove to be inadequate. The occurrence of any
of these risks could result in our diminished ability to operate our business (for example, by requiring us to
expend significant resources to correct the defect), as well as potential liability to clients, reputational damage
and regulatory intervention, which could adversely affect our business, financial condition or results of
operations, perhaps materially.
Our information systems may experience an interruption or security breach.
Failure in or breach of our operational or security systems or infrastructure, or those of our third party
vendors and other service providers, including as a result of cyber attacks, could disrupt our businesses, result in
the disclosure or misuse of confidential or proprietary information, damage our reputation, increase our costs and
cause losses. As a large financial institution, we depend on our ability to process, record and monitor a large
number of customer transactions on a continuous basis. As customer, public and regulatory expectations
regarding operational and information security have increased, our operational systems and infrastructure must
continue to be safeguarded and monitored for potential failures, disruptions and breakdowns. Our business,
financial, accounting, data processing systems or other operating systems and facilities may stop operating
properly or become disabled or damaged as a result of a number of factors including events that are wholly or
partially beyond our control. For example, there could be sudden increases in customer transaction volume;
electrical or telecommunications outages; natural disasters such as earthquakes, tornadoes, and hurricanes;
disease pandemics; events arising from local or larger scale political or social matters, including terrorist acts;
and, as described below, cyber attacks. Although we have business continuity plans and other safeguards in
place, our business operations may be adversely affected by significant and widespread disruption to our physical
infrastructure or operating systems that support our businesses and customers.
Information security risks for large financial institutions such as Regions have generally increased in recent
years in part because of the proliferation of new technologies, the use of the Internet and telecommunications
technologies to conduct financial transactions, and the increased sophistication and activities of organized crime,
hackers, terrorists, activists, and other external parties. As noted above, our operations rely on the secure
processing, transmission and storage of confidential information in our computer systems and networks. In
addition, to access our products and services, our customers may use personal smartphones, tablet PC’s, and
other mobile devices that are beyond our control systems. Although we believe we have robust information
security procedures and controls, our technologies, systems, networks, and our customers’ devices may become
the target of cyber attacks or information security breaches that could result in the unauthorized release,
gathering, monitoring, misuse, loss or destruction of Regions’ or our customers’ confidential, proprietary and
other information, or otherwise disrupt Regions’ or our customers’ or other third parties’ business operations.
Third parties with which we do business or that facilitate our business activities, could also be sources of
operational and information security risk to us, including from breakdowns or failures of their own systems or
capacity constraints.
Although to date we have not experienced any material losses relating to cyber attacks or other information
security breaches, there can be no assurance that we will not suffer such losses in the future. Our risk and
32