13 / 354
4
Risk Factors
Risks related to the Group’s business and industry
13
Worldline
2016 Registration Document
adapt its contracts accordingly. The Group’s financial exposure
by international standards and law and industry standards, or to
comply with mandatory privacy and security standards required
required to expend significant capital and other resources to
restrictions on its business processes. The Group may be
impact on the Group by increasing its costs or imposing
specific industry bodies, such changes could have an adverse
in the various jurisdictions in which the Group operates or by
requirements relating to personal data are adopted in the future
extent more restrictive laws, rules or industry security
through any insurance maintained by the Group.
standards may either not be insured against or not fully covered
from any actual or alleged breach of such regulations or
Regulation GDPR (General Data Protection Regulation). The
in which the Group operates, and in particular to the European
processing and transfer of personal data in various jurisdictions
standards and limitations applicable to the collection, storage,
indirectly through its clients) to laws, regulations, industry
e-Transactional services, the Group is subject directly (or
institutions, card processing services and other digital and
Moreover, as a global provider of services to financial
results of operations and financial condition. In addition, to the
which could have an adverse effect on the Group’s business,
damage to the Group’s global reputation and its brand, any of
customers to be reluctant to do business with the Group,
penalties including fines, or may cause existing or potential
services and the imposition of administrative, civil or criminal
registrations, the limitation, suspension or termination of
result in the suspension or revocation of licenses or
data use and security laws, standards and regulations could
Group’s failure to keep apprised of and comply with privacy,
liability.
defects could damage customer relations and subject it to
Breakdowns of the Group’s processing systems or software
computer viruses, unauthorized entry, terrorist acts and war.
limited to, fire, natural disasters, telecommunications failure,
delivers are designed to securely and reliably process very
software, servers and data centers. The services the Group
operation of numerous systems, including its computer systems,
The Group depends heavily on the efficient and uninterrupted
outflows for different parties operating across the payment
collection, accounting and management of cash inflows and
reputation. The Group operates various services that involve the
number of users, the Group’s business, and, ultimately, its
could have a material adverse effect on a potentially large
significant processing or reporting errors or service outages
effective and secure service or performance issues that result in
high volumes and processing speeds. Any failure to deliver an
reports and other information on those transactions, all at very
complex transactions—very often in real-time—and provide
that could cause system interruptions include, but are not
including from events that may be beyond its control. Events
therefore be able to protect its systems from interruption,
flows. To successfully operate its business, the Group must
unable to take corrective measures to redistribute such cash
given the Group’s role as systems operator, should the Group be
which could adversely affect the Group’s financial condition,
undetected fraud, could result in cash flow accounting errors
interpretation of contractual rules within systems, or even
services chain. A technical defect, errors in the application or
result in:
processing of payment transactions or other difficulties could
parties, defects in our systems, errors or delays in the
may occur. Breakdowns in the Group’s systems or those of third
not be adequate to compensate it for all losses or failures that
The Group’s property and business interruption insurance may
may contain undetected errors that degrade their performance.
products or employees. Similarly, software and software updates
result of breakdowns or failures of such parties’ own systems,
could also be sources of operational risk to it, including as a
or systems. Third parties with whom the Group does business
deliberate sabotage or fraudulent manipulation of its operations
failures, either as a result of human error or as a result of
dependent, could cause significant operational breakdowns or
Additionally, the Group’s employees, on whom it is also
loss of revenue;
●
loss of clients and/or contracts;
●
loss of sensitive merchant, consumer and other data;
●
fines imposed by payment network associations;
●
contractual penalties or trade concessions;
●
damage to the hardware or software of our clients;
●
negative publicity;
harm to the Group’s business or reputation resulting from
●
exposure to fraud losses or other liabilities;
●
measures and remediation efforts);
connection with the imposition of additional security
additional operating and development costs (notably in
●
legal proceedings being brought against the Group; and/or
●
diversion of technical and other resources.
●
results of operations and financial condition.
reliability or its reputation generally, and hence its business,
materially and adversely affect the Group’s reputation for
the duration of the outage. Any of these developments could
merchant clients from being able to process card payments for
liability. Similarly, service outages could prevent the Group’s
successful in preventing disruption or limiting the Group’s
etc., it cannot be certain that these measures will always be
security controls, application development and testing controls,
liability through controls, including system redundancies,
operations. Although the Group attempts to limit its potential
on the Group’s business, financial condition and results of
Any one or more of the foregoing could have an adverse effect