required to develop estimates of fair value, and the use of different assumptions or valuation methodologies may have a material effect on the estimated fair value amounts.
As an example, our registered independent accounting firm has identified the valuation of embedded derivatives of fixed indexed annuities as a critical audit matter. Our FIA contracts allow the policyholder to elect a fixed interest rate return or an equity market component for which interest credited is based on the performance of certain stock market indices. The equity market option is an embedded derivative. The fair value of the embedded derivatives is computed as the present value of death, surrender, and partial withdrawal benefits attributable to the excess of the projected policy contract values over the projected minimum guaranteed contract values. The projections of policy contract values are based on assumptions for future policy growth, which included assumptions for expected index credits on the next policy anniversary date, future equity option cost developed based on the participation rate, cap rate, strike rate, volatility assumption, time to expiration, and risk-free rates using the Black Scholes formula and grow at the risk-free interest rates over the term of the index period, guaranteed minimum renewal interest rate, and policyholder assumptions including mortality, lapses, partial withdrawal rates, and the utilization of benefit riders. Because of the significant subjectivity and estimation of the valuation inputs, the valuation of our embedded derivatives could vary significantly as conditions change and new information and becomes available. Decreases in value may have a material adverse effect on our results of operation or financial condition.
Our determination of the amount of allowances and impairments varies by investment type and is based on our periodic evaluations and assessments of known and inherent risks associated with the respective asset class. Such evaluations and assessments are revised as conditions change and new information becomes available. We update our evaluations regularly and make changes in allowances and impairments in operations. Market volatility, including as a result of the COVID-19 pandemic, inflation, bank failures, and the conflict between Russia and Ukraine, can make it more difficult to value our securities if trading in such securities becomes less frequent. In addition, a forced sale by holders of large amounts of a security, whether due to insolvency, liquidity, or other issues with respect to such holders, could result in declines in the price of a security. There can be no guarantee that we have accurately assessed the level of impairments taken and allowances reflected in our financial statements. Furthermore, additional impairments may need to be taken or allowances provided for in the future. Impairments result in charges to earnings in the period taken, and historical trends may not be indicative of future impairments or allowances.
A breach of information security or other unauthorized data access could have an adverse impact on our business and reputation.
In the ordinary course of business, we collect, process, transmit, and store large quantities of personally identifiable information, customer financial and health information, and proprietary business information (“Sensitive Information”). The secure processing, storage, maintenance, and transmission of Sensitive Information are vital to our operations and business strategies. Although we undertake substantial efforts to reasonably protect Sensitive Information, including internal processes and technological defenses that are preventative, and other commercially reasonable controls designed to provide multiple layers of security and detection, Sensitive Information maintained by us may be vulnerable to attacks by computer hackers, to physical theft by other third-party criminals, or to other compromise due to employee error or malfeasance. Attacks may include both sophisticated cyber-attacks perpetrated by organized crime groups, “activists,” or state sponsored groups, as well as non-technical attacks ranging from sophisticated social engineering to simple extortion or threats, which can lead to unauthorized access or disclosure, disruption or further attacks. Such events may expose us to civil and criminal liability, or regulatory action, harm our reputation among customers, deter people from purchasing our products, cause system interruptions, require significant technical, legal, and other remediation expenses, and otherwise have an adverse impact on our business. Third parties to whom we outsource certain functions are also subject to the risks outlined above, and if a third-party suffers a breach of information security involving our Sensitive Information, the breach may result in substantial costs and other negative consequences, including a material adverse effect on our business, financial condition, results of operations, and liquidity. We offer no guarantees that we will be able to implement information security measures to prevent all breaches of information security.
Employee error, misconduct, or excessive risks may be difficult to detect and prevent and could adversely affect us.
Persons who conduct our business, including executive officers and other members of management, other employees and our IMOs and their sales agents, do so in part by making decisions and choices that involve exposing us to risk. These include decisions such as setting underwriting guidelines and standards, product design and pricing, determining what assets to purchase for investment and when to sell them, deciding which business opportunities to pursue, and other business decisions. Losses may result from, among other things, excessive risk, fraud, errors, failure to document transactions properly, failure to obtain proper internal authorization, or failure to comply with regulatory requirements. Although we employ controls and procedures designed to monitor business decisions and
