Target 2013 Annual Report Download - page 52

Download and view the complete annual report

Please find page 52 of the 2013 Target annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 82

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82

47
(SG&A), but were not part of our segment results. Expenses include costs to investigate the Data Breach, provide
credit-monitoring services to our guests, increase staffing in our call centers, and procure legal and other professional
services.
The $61 million of fourth quarter expenses also include an accrual for the estimated probable loss related to the
expected payment card networks’ claims by reason of the Data Breach. The ultimate amount of these claims will likely
include amounts for incremental counterfeit fraud losses and non-ordinary course operating expenses (such as card
reissuance costs) that the payment card networks believe they or their issuing banks have incurred. In order for us to
have liability for such claims, we believe that a court would have to find among other things that (1) at the time of the
Data Breach the portion of our network that handles payment card data was noncompliant with applicable data security
standards in a manner that contributed to the Data Breach, and (2) the network operating rules around reimbursement
of operating costs and counterfeit fraud losses are enforceable. While an independent third-party assessor found the
portion of our network that handles payment card data to be compliant with applicable data security standards in the
fall of 2013, we expect the forensic investigator working on behalf of the payment card networks nonetheless to claim
that we were not in compliance with those standards at the time of the Data Breach. We base that expectation on our
understanding that, in cases like ours where prior to a data breach the entity suffering the breach had been found by
an independent third-party assessor to be fully compliant with those standards, the network-approved forensic
investigator nonetheless regularly claims that the breached entity was not in fact compliant with those standards. As
a result, we believe it is probable that the payment card networks will make claims against us. We expect to dispute
the payment card networks’ anticipated claims, and we think it is probable that our disputes would lead to settlement
negotiations consistent with the experience of other entities that have suffered similar payment card breaches. We
believe such negotiations would effect a combined settlement of both the payment card networks' counterfeit fraud
loss allegations and their non-ordinary course operating expense allegations. We based our year-end accrual on the
expectation of reaching negotiated settlements of the payment card networks’ anticipated claims and not on any
determination that it is probable we would be found liable on these claims were they to be litigated. Currently, we can
only reasonably estimate a loss associated with settlements of the networks' expected claims for non-ordinary course
operating expenses. The year-end accrual does not include any amounts associated with the networks' expected
claims for alleged incremental counterfeit fraud losses because the loss associated with settling such claims, while
probable in our judgment, is not reasonably estimable, in part because we have not yet received third-party fraud
reporting from the payment card networks. We are not able to reasonably estimate a range of possible losses in excess
of the year-end accrual related to the expected settlement of the payment card networks’ claims because the
investigation into the matter is ongoing and there are significant factual and legal issues to be resolved. We believe
that it is reasonably possible that the ultimate amount paid on payment card network claims could be material to our
results of operations in future periods.
Litigation and Governmental Investigations
In addition, more than 80 actions have been filed in courts in many states and other claims have been or may be
asserted against us on behalf of guests, payment card issuing banks, shareholders or others seeking damages or
other related relief, allegedly arising out of the Data Breach. State and federal agencies, including the State Attorneys
General, the Federal Trade Commission and the SEC are investigating events related to the Data Breach, including
how it occurred, its consequences and our responses. Although we are cooperating in these investigations, we may
be subject to fines or other obligations. While a loss from these matters is reasonably possible, we cannot reasonably
estimate a range of possible losses because our investigation into the matter is ongoing, the proceedings remain in
the early stages, alleged damages have not been specified, there is uncertainty as to the likelihood of a class or classes
being certified or the ultimate size of any class if certified, and there are significant factual and legal issues to be
resolved. Further, we do not believe that a loss from these matters is probable; therefore, we have not recorded a loss
contingency liability for litigation, claims and governmental investigations in 2013. We will continue to evaluate
information as it becomes known and will record an estimate for losses at the time or times when it is both probable
that a loss has been incurred and the amount of the loss is reasonably estimable.
Future Costs
We expect to incur significant investigation, legal and professional services expenses associated with the Data Breach
in future periods. We will recognize these expenses as services are received. We also expect to incur additional
expenses associated with incremental fraud and reissuance costs on Target REDcards.