Regions Bank 2012 Annual Report Download - page 47

Download and view the complete annual report

Please find page 47 of the 2012 Regions Bank annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 254

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254

mobile devices that are beyond our control systems. Although we believe that we have robust information
security procedures and controls, our technologies, systems, networks and our customers’ devices may be the
target of cyber attacks or information security breaches that could result in the unauthorized release, gathering,
monitoring, misuse, loss or destruction of Regions’ or our customers’ confidential, proprietary and other
information. Additionally, cyber attacks, such as denial of service attacks, hacking or terrorist activities, could
disrupt Regions’ or our customers’ or other third parties’ business operations. For example, in October 2012 and
December 2012, a group launched denial of service attacks against a number of large financial services
institutions. Regions was targeted by this group in October and December. These events did not result in a breach
of Regions’ client data, and account information remained secure; however, the attacks did adversely affect the
performance of Regions Bank’s website, www.regions.com, and, in some instances, prevented customers from
accessing Regions Bank’s secure websites for consumer and commercial applications. The October event was
resolved within approximately one day. The December events occurred over multiple days, but each individual
event was of a shorter duration than the October event and was promptly resolved. In all cases, the attacks
primarily resulted in inconvenience; however, future cyber attacks could be more disruptive and damaging, and
Regions may not be able to anticipate or prevent all such attacks.
Third parties with which we do business or that facilitate our business activities could also be sources of
operational and information security risk to us, including from breakdowns or failures of their own systems or
capacity constraints.
Our risk and exposure to cyber attacks and other information security breaches remain heightened because
of, among other things, the evolving nature of these threats and the prevalence of Internet and mobile banking.
As cyber threats continue to evolve, we may be required to expend significant additional resources to continue to
modify or enhance our protective measures or to investigate and remediate any information security
vulnerabilities. Disruptions or failures in the physical infrastructure or operating systems that support our
businesses and customers, or cyber attacks or security breaches of the networks, systems or devices that our
customers use to access our products and services, could result in customer attrition, regulatory fines, penalties or
intervention, reputational damage, reimbursement or other compensation costs and/or additional compliance
costs, any of which could materially adversely affect our business, results of operations or financial condition.
We rely on other companies to provide key components of our business infrastructure.
Third parties provide key components of our business operations such as data processing, recording and
monitoring transactions, online banking interfaces and services, Internet connections and network access. While
we have selected these third party vendors carefully, we do not control their actions. Any problems caused by
these third parties, including those resulting from disruptions in communication services provided by a vendor,
failure of a vendor to handle current or higher volumes, or failure of a vendor to provide services for any reason
or poor performance of services, could adversely affect our ability to deliver products and services to our
customers and otherwise conduct our business. Financial or operational difficulties of a third party vendor could
also hurt our operations if those difficulties interfere with the vendor’s ability to serve us. Replacing these third
party vendors could also create significant delay and expense. Accordingly, use of such third parties creates an
unavoidable inherent risk to our business operations.
We depend on the accuracy and completeness of information about clients and counterparties.
In deciding whether to extend credit or enter into other transactions with clients and counterparties, we may
rely on information furnished by or on behalf of clients and counterparties, including financial statements and
other financial information. We also may rely on representations of clients and counterparties as to the accuracy
and completeness of that information and, with respect to financial statements, on reports of independent auditors
if made available. If this information is inaccurate, we may be subject to regulatory action, reputational harm or
other adverse effects with respect to the operation of our business, our financial condition and our results of
operations.
31