TD Ameritrade 2018 Annual Report
("DDOS") attacks, spurious spam attacks, intentional acts of vandalism and similar events. It could take several hours or more to restore full functionality following any of these events. Extraordinary trading volumes could cause our computer systems to operate at an unacceptably slow speed or even fail. Extraordinary Internet traffic caused by DDOS, spam attacks or extreme market volatility could cause our website or other trading applications to be unavailable or slow to respond. While we have made significant investments to upgrade the reliability and scalability of our systems and added hardware to address extraordinary Internet traffic, there can be no assurance that our systems will be sufficient to handle such extraordinary circumstances. Slowness or unavailability may not impact all trading channels evenly, and some trading channels may be impacted while others are not. Social media and media reports may conflate one channel being unavailable with all channels being unavailable. We may not be able to project accurately the rate, timing or cost of any increases in our business or to expand and upgrade our systems and infrastructure to accommodate any increases in a timely manner. Systems failures and delays could occur and could cause, among other things, unanticipated disruptions in service to our clients, substantial losses to our clients, slower system response time resulting in transactions not being processed as quickly as our clients desire, decreased levels of client service and client satisfaction and harm to our reputation. We are also dependent on the integrity and performance of securities exchanges, clearing houses and other intermediaries to which client orders are routed for execution and settlement.
Systems failures and constraints and transaction errors at such intermediaries could result in delays and erroneous or unanticipated execution prices, cause substantial losses for us and our clients and subject us to claims from our clients for damages. The occurrence of any of these events could have a material adverse effect on our business, financial condition and results of operations. Further, a cybersecurity intrusion could occur and persist for an extended period of time without detection, and any investigation of a cybersecurity intrusion could require a substantial amount of time. During all this time we might not know the extent of the harm or how best to remediate it, and errors or omissions could be repeated or compounded before being discovered and remediated, all of which could aggravate the costs and consequences of the intrusion. As our business model relies heavily on our clients' use of their own personal computers, mobile devices and the Internet, our business and reputation could be harmed by security breaches of our clients and third parties. Computer viruses and other attacks on our clients' personal computer systems, home networks and mobile devices or against the third-party networks and systems of Internet and mobile service providers could create losses for our clients even without any breach in the security of our systems and could thereby harm our business and our reputation. As part of our asset protection guarantee, we may reimburse our clients for losses in their accounts caused by a breach of security of our clients' own computers (through no fault of the client). Such reimbursements may not be covered by applicable insurance and could have an adverse effect on our business, financial condition and results of operations.

Failure to protect client data or prevent breaches of our information systems could expose us to liability or reputational damage.
We are dependent on information technology networks and systems to securely process, transmit and store electronic information and to communicate among our locations and with our clients and vendors. As the breadth and complexity of this infrastructure continue to grow, the potential risk of security breaches and cyber-attacks increases. Developing and enhancing new products and services, which is necessary for us to remain competitive, may involve the use or creation of new technologies, exposes us to cybersecurity and privacy risks that cannot be completely anticipated and increases the risk of security breaches and cyber-attacks. As a financial services company, we are continuously subject to cyber-attacks, DDOS and ransomware attacks, malicious code and computer viruses by activists, hackers, organized crime, foreign state actors and other third parties. Such breaches could lead to shutdowns or disruptions of our systems, account takeovers and unauthorized gathering, monitoring, misuse, loss, total destruction and disclosure of data and confidential information of ours, our clients, our employees or other third parties, or otherwise materially disrupt our or our clients' or other third parties' network access or business operations. In addition, vulnerabilities of our external service providers and other third parties could pose security risks to client information. The secure transmission of confidential information over public networks is also a critical element of our operations. We, along with the financial services industry in general, have experienced losses related to clients' login and password information being compromised, generally caused by attacks capturing credentials directly from clients themselves, through phishing attacks, clients' use of non-secure public computers or vulnerabilities of clients' private computers and mobile devices.
In 2007, we discovered and eliminated unauthorized code from our computer systems that had allowed an unauthorized third party to retrieve client email addresses, names, addresses and phone numbers