ISBC 2017 Form 10-K & 2018 Proxy Statement

FORM 10-K The Bank has implemented security controls to prevent unauthorized access to its computer systems and requires its third-party service providers to maintain similar controls. However, we cannot be certain that these measures will be successful. A security breach of our computer systems and loss of confidential information, such as customer account numbers and related information, could result in a loss of customers’ confidence and, thus, loss of business. The Bank could also lose revenue if competitors gain access to confidential information about our business operations and use it to compete with the Bank. In addition, unauthorized access to or use of sensitive data could subject the Bank to litigation and liability, and costs to prevent further such occurrences. Further, the Bank may be affected by data breaches at retailers and other third parties who participate in data interchanges with the Bank and its customers that involve the theft of customer debit card data, which may include the theft of the Bank debit card PIN numbers and card information used to make purchases at such retailers and other third parties. Such data breaches could result in the Bank incurring significant expenses to reissue debit cards and cover losses, which could result in a material adverse effect on the Bank’s results of operations. To date, the Bank has not experienced any material losses relating to cyber-attacks or other information security breaches, but there can be no assurance that the Bank will not suffer such attacks or attempted breaches, or incur resulting losses, in the future. The Bank’s risk and exposure to these matters remains heightened because of, among other things, the evolving nature of these threats. The Bank plans to continue to implement internet and mobile banking capabilities to meet customer demand and the current economic environment. As cyber and other data security threats continue to evolve, the Bank may be required to expend significant additional resources to continue to modify and enhance its protective measures or to investigate and remediate any security vulnerabilities. The Bank’s assets at risk for cyber-attacks include financial assets and non-public information belonging to customers. Investors Bank uses several third-party vendors who have access to Investors Bank’s assets via electronic media. Certain cyber security risks arise due to this access, including cyber espionage, blackmail, ransom and theft. All of the types of cyber incidents discusses above could result in damage to the Bank’s reputation, loss of customer business, costs of incentives to customers or business partners in order to maintain their relationships, litigation, increased regulatory scrutiny and potential enforcement actions, repairs of system damage, increased investments in cybersecurity (such as obtaining additional technology, making organizational changes, deploying additional personnel, training personnel and engaging consultants), increased insurance premiums, and loss of investor confidence, all of which could result in financial loss and material adverse effects on the Bank’s results of operations, financial condition and earnings. Our failure to effectively deploy the capital raised in our second step conversion offering may have an adverse effect on our financial performance. We invested 50% of the net proceeds from our second step conversion offering in Investors Bank; provided funding to our Employee Stock Ownership Plan for the purchase of 6,617,421 shares of common stock sold in the offering; and contributed $20.0 million to Investors Charitable foundation by issuing 1,000,000 shares and a $10.0 million cash contribution. A substantial portion of the net proceeds were used to pay off short-term borrowings as they matured and invest in securities. We continue to utilize the remainder of the net proceeds for general corporate purposes, including, among other items, paying cash dividends and repurchasing shares of our common stock. Our failure to deploy the capital effectively may reduce our profitability and may adversely affect the value of our common stock. Our recruitment efforts may not be sufficient to implement our business strategy and execute successful operations. As we continue to grow, we may find our recruitment efforts more challenging. If we do not succeed in attracting, hiring, and integrating experienced or qualified personnel, we may not be able to continue to successfully implement our business strategy. 47