We collect, store, share, disclose, transfer, use and otherwise process customer information and other data, including personal data, and an actual or perceived failure by us or our third-party service providers to protect such information and data or respect customers’ privacy could damage our reputation and brand, negatively affect our ability to retain customers and harm our business, financial condition, operating results, cash flows and prospects.
The operation of our platform involves the use, collection, storage, sharing, disclosure, transfer and other processing of customer information, including personal data, and security breaches and other security incidents could expose us to a risk of loss or exposure of this information, which could result in potential liability, investigations, regulatory fines, penalties for violation of applicable laws or regulations, litigation, and remediation costs, as well as reputational harm. Any or all of the issues above could adversely affect our ability to attract new customers and continue our relationship with existing customers, cause our customers to stop using our products and services, result in negative publicity or subject us to governmental, regulatory or third-party lawsuits, disputes, investigations, orders, regulatory fines, penalties for violation of applicable laws or regulations or other actions or liability, thereby harming our business, financial condition, operating results, cash flows, and prospects. Any accidental or unauthorized access to or disclosure, loss, destruction, disablement or encryption of, use or misuse of or modification of data, including personal data, cybersecurity breach or other security incident that we, our customers or our third-party service providers experience or the perception that one has occurred or may occur, could harm our reputation, reduce the demand for our products and services and disrupt normal business operations. In addition, it may require us to expend significant financial and operational resources in response to a security breach, including repairing system damage, increasing security protection costs by deploying additional personnel and modifying or enhancing our protection technologies, investigating, remediating or correcting the breach and any security vulnerabilities, defending against and resolving legal and regulatory claims, and preventing future security breaches and incidents, all of which could expose us to uninsured liability, increase our risk of regulatory scrutiny, expose us to legal liabilities, including litigation, regulatory enforcement, indemnity obligations or damages for contract breach, divert resources and the attention of our management and key personnel away from our business operations, and cause us to incur significant costs, any of which could materially adversely affect our business, financial condition, and results of operations.
We are subject to anti-money laundering and anti-terrorism financing laws and regulations, and failure to comply with these obligations could have significant adverse consequences for us, including subjecting us to criminal or civil liability and harm to our business.
Various laws and regulations in the United States and abroad, such as the Bank Secrecy Act, the Dodd-Frank Act, the USA PATRIOT Act, and the Credit Card Accountability Responsibility and Disclosure Act, impose certain anti-money laundering requirements on companies that are financial institutions or that provide financial products and services. Under these laws and regulations, financial institutions are broadly defined to include money services businesses such as money transmitters. In 2013, FinCEN issued guidance regarding the applicability of the Bank Secrecy Act to administrators and exchangers of convertible virtual currency, clarifying that they are money service businesses, and more specifically, money transmitters. The Bank Secrecy Act requires money services businesses (“MSBs”) to develop and implement risk-based anti-money laundering programs, report large cash transactions and suspicious activity, and maintain transaction records, among other requirements. State regulators may impose similar requirements on licensed money transmitters. In addition, our contracts with financial institution partners and other third parties may contractually require us to maintain an anti-money laundering program.
We are also subject to economic and trade sanctions programs administered by the Treasury Department’s Office of Foreign Assets Control, or OFAC, which prohibit or restrict transactions to or from or dealings with specified countries, their governments, and in certain circumstances, their nationals, and with individuals and entities that are specially-designated nationals of those countries, narcotics traffickers, terrorists or terrorist organizations, and other sanctioned persons and entities. Our failure to comply with anti-money laundering, economic and trade sanctions regulations, and similar laws could subject us to substantial civil and criminal penalties, or result in the loss or restriction of our MSB or broker-dealer registrations and state licenses, or liability under our contracts with third parties, which may significantly affect our ability to conduct some aspects of our business. Changes in this regulatory environment, including changing interpretations and the implementation of new or varying regulatory requirements by the government.
We are subject to anti-corruption, anti-bribery and similar laws, and non-compliance with such laws can subject us to significant adverse consequences, including criminal or civil liability and harm our business.
We are subject to the FCPA, U.S. domestic bribery laws and other U.S. and foreign anti-corruption laws. Anti-corruption and anti-bribery laws have been enforced aggressively in recent years and are interpreted broadly to generally prohibit companies, their employees and their third-party intermediaries from authorizing, offering or providing, directly or indirectly, improper payments or
