CASH 2017 Annual Report

67 The Bank owns or is seeking a number of patents, trademarks and other forms of intellectual property with respect to the operation of its business and the protection of such intellectual property may in the future require material expenditures. In their operations, our divisions, through the Bank, seek protection for various forms of intellectual property from time to time. No assurance can be given that such protection will be granted. In addition, given the competitive market environment of its business, the Bank must be vigilant in ensuring that its patents and other intellectual property are protected and not exploited by unlicensed third parties. The Bank must also protect itself and defend against intellectual property challenges initiated by third parties making various claims against it. With respect to these claims, regardless of whether we are pursuing our claims against perceived infringers or defending our intellectual property from third parties asserting various claims of infringement, it is possible that significant personnel time and monetary resources could be used to pursue or defend such claims. It should also be noted that intellectual property risks extend to foreign countries whose protections of such property are not as extensive as those in the United States. As such, the Bank may need to spend additional sums to ensure that its intellectual property protections aremaximized globally. Moreover, should there be amaterial, improper use of the Bank’s intellectual property, this could have an impact on our divisions' operations and the Bank. Costs of conforming products and services to the Payment Card Industry Data Security Standards (the “PCI DSS”) are costly and could continue to affect the operations of MPS. The PCI DSS is a multifaceted standard that includes data security management, policies and procedures as well as other protective measures, that was created by the largest credit card associations in the world in an effort to protect the nonpublic personal information of all types of cardholders, including prepaid cardholders and holders of network branded credit cards (such as Discover, MasterCard and Visa). The PCI DSS mandates a prescribed technical foundation for the collection, storage and transmission of cardholder data and also contains significant provisions regarding the testing of security protections by various entities in the payment card industry, including MPS. Compliance with the PCI DSS is costly and changes to the standards could have an equal, or greater, effect on profitability of the relevant business division. The potential for fraud in the card payment industry is significant. Issuers of prepaid and credit cards have suffered significant losses in recent years with respect to the theft of cardholder data that has been illegally exploited for personal gain. The theft of such information is regularly reported and affects not only individuals but businesses as well. Many types of credit card fraud exist, including the counterfeiting of cards and “skimming.” Losses from fraud have been substantial for certain card industry participants. Although fraud has not had a material impact on the profitability of the Bank, it is possible that such activity could adversely impact in the future, notwithstanding, our recent introduction of EMV (i.e., chip-enabled) cards and the broader acceptance of such cards in the U.S. and international markets. Part of our business depends on sales agents who do not sell our products exclusively. Our business model, to some degree, depends upon the use of sales agents who are not our employees. These agents sell the products and services of many different processors to merchants and other parties in need of card services. Failure to maintain good relations with such sales agents or the perceived or actual malfeasance of such agents could have a negative impact on our business. Products and services offered by MPS involve many business parties and the possibility of collusion exists. As described above, the theft of cardholder data is a significant threat in the industry in which MPS operates. This threat also includes the possibility that there is collusion between certain participants in the card system to act illegally. Although MPS is not aware of any instances to date, it is possible that such activities could occur in the future, thereby impacting its operation and profitability.