ITEM 1. BUSINESS
American Express is a globally integrated payments company that provides our customers with access to products, insights and experiences that enrich lives and build business success. We are a leader in providing credit and charge cards to consumers, small businesses, mid-sized companies and large corporations around the world. American Express® cards issued by American Express as well as by third-party banks and other institutions on the American Express network permit Card Members to charge purchases of goods and services at the millions of merchants around the world that accept cards bearing our logo.
Our various products and services are sold globally to diverse customer groups through various channels, including mobile and online applications, affiliate marketing, customer referral programs, third-party vendors and business partners, direct mail, telephone, in-house sales teams and direct response advertising. Business travel-related services are offered through our non-consolidated joint venture, American Express Global Business Travel (the GBT JV).
We were founded in 1850 as a joint stock association and were incorporated in 1965 as a New York corporation. American Express Company and its principal operating subsidiary, American Express Travel Related Services Company, Inc. (TRS), are bank holding companies under the Bank Holding Company Act of 1956, as amended (the BHC Act), subject to supervision and examination by the Board of Governors of the Federal Reserve System (the Federal Reserve).
We principally engage in businesses comprising three reportable operating segments: Global Consumer Services Group (GCSG), Global Commercial Services (GCS) and Global Merchant and Network Services (GMNS). Corporate functions and certain other businesses are included in Corporate & Other. Our businesses are global in scope and function together to form our end-to-end integrated payments platform, which we believe is a differentiator that underpins our business model. The COVID-19 pandemic has brought unprecedented challenges to businesses and economies around the world. While our business was significantly impacted by the pandemic in 2020 as further described in this report, we believe our progress in managing through it confirms the resilience of our differentiated business model.
For further information about our reportable operating segments, please see “Business Segment Results of Operations” under “MD&A.”
Our Integrated Payments Platform
Through our general-purpose card-issuing, merchant-acquiring and card network businesses, we are able to connect participants and provide differentiated value across the commerce path. We maintain direct relationships with both our Card Members (as a card issuer) and merchants (as an acquirer), and we handle all key aspects of those relationships. These relationships create a “closed loop” in that we have direct access to information at both ends of the card transaction, which distinguishes our integrated payments platform from the bankcard networks.
Our integrated payments platform allows us to analyze information on Card Member spending and build algorithms and other analytical tools that we use to underwrite risk, reduce fraud and provide targeted marketing and other information services for merchants and special offers and services to Card Members, all while respecting Card Member preferences and protecting Card Member and merchant data in compliance with applicable policies and legal requirements. Through contractual relationships, we also obtain information from third-party card issuers, merchant acquirers, aggregators and processors with whom we do business.
Card Issuing Businesses
Our global proprietary card-issuing businesses are conducted through our GCSG and GCS reportable operating segments. We offer a broad set of card products, rewards and services to a diverse consumer and commercial customer base, in the United States and internationally. We acquire and retain high-spending, engaged and creditworthy Card Members by:
•Designing innovative products and features that appeal to our target customer base and meet their spending and borrowing needs
•Using incentives to drive spending on our various card products and engender loyal Card Members, including our Membership Rewards® program, cash-back reward features and participation in loyalty programs sponsored by our cobrand and other partners
•Providing digital and mobile services and an array of benefits and experiences across card products, such as airport lounge access and other travel and lifestyle benefits, which we believe are difficult for others to replicate and help increase Card Member engagement
•Creating world-class service experiences by delivering exceptional customer care
•Developing a wide range of partner relationships, including with other corporations and institutions that sponsor certain of our cards under cobrand arrangements and provide benefits and services to our Card Members
During 2020, we enhanced our value propositions on many of our card products, including adjusting our rewards programs and adding limited time offers and statement credits in categories that are relevant in the current environment, such as wireless, streaming services, business essentials and food delivery. We also created a Customer Pandemic Relief Program to provide short-term support for customers impacted by COVID-19, and we enhanced and expanded our longer-term Financial Relief Program for Card Members who need additional financial assistance during this time. Additionally, we participated in the U.S. Small Business Administration Paycheck Protection Program (PPP), designed to provide small businesses with support to cover payroll and certain other expenses.
For the year ended December 31, 2020, worldwide proprietary billed business (spending on American Express cards issued by us) was $870.7 billion and at December 31, 2020, we had 68.9 million proprietary cards-in-force worldwide.
Merchant Acquiring Business
Our GMNS reportable operating segment builds and manages relationships with millions of merchants around the world that choose to accept American Express cards. This includes signing new merchants to accept our cards, agreeing on the discount rate (a fee charged to the merchant for accepting our cards) and handling servicing for merchants. We also build and maintain relationships with merchant acquirers, aggregators and processors to manage aspects of our merchant services business. For example, through our OptBlue® merchant-acquiring program, third-party acquirers contract directly with small merchants for card acceptance on our network and determine merchant pricing. We continue to grow merchant acceptance of American Express cards around the world and work with merchant partners so that our Card Members are warmly welcomed and encouraged to spend in the millions of places where their American Express cards are accepted.
GMNS also provides fraud-prevention tools, marketing solutions, data analytics and other programs and services to merchants and other partners that leverage the capabilities of our integrated payments platform.
During 2020, we adjusted certain policies to back our merchant partners in the current environment, including raising contactless transaction thresholds and reminding them that we do not require Card Members’ signatures at the point of sale. We also launched our largest-ever Shop Small campaign to support small businesses around the world, which have been significantly impacted by the pandemic.
Card Network Business
We operate a payments network through which we establish and maintain relationships with third-party banks and other institutions in approximately 98 countries and territories, licensing the American Express brand and extending the reach of our global network. These network partners are licensed to issue local currency American Express-branded cards in their countries and/or serve as the merchant acquirer for local merchants on our network.
During 2020, our joint venture with Lianlian DigiTech Co., Ltd, a Chinese fintech services company, received approval from the People’s Bank of China for a network clearing license and began processing transactions in mainland China.
For the year ended December 31, 2020, worldwide network services billed business (spending on American Express cards issued by third parties) was $139.9 billion and at December 31, 2020, we had 43.1 million cards-in-force issued by third parties worldwide.
Diverse Customer Base and Global Footprint
Our broad and diverse customer base spans consumers, small businesses, mid-sized companies and large corporations around the world. The following charts provide a summary of our diverse set of customers and broad geographic footprint based on billed business volumes:
Partners and Relationships
Our integrated payments platform allows us to work with a range of business partners, and our partners in return help drive the scale and relevance of the platform.
There are many examples of how we connect partners with our integrated payments platform, including: issuing cards under cobrand arrangements with other corporations and institutions (e.g., Delta Air Lines, Marriott International, Hilton Worldwide Holdings and British Airways); offering innovative ways for our Card Members to earn and use points with our merchants (e.g., Pay with Points at Amazon.com); expanding merchant acceptance with third-party acquirers (e.g., OptBlue partners); developing new capabilities and features with our digital partners (e.g., PayPal); integrating into the supplier payment processes of our business customers (e.g., Bill.com, SAP Ariba and Coupa); and extending the platform into travel services with American Express leisure and business travel (e.g., Fine Hotels and Resorts).
Delta Air Lines is our largest strategic partner. Our relationships with, and revenues and expenses related to, Delta are significant and represent a significant source of value for our Card Members. We issue cards under cobrand arrangements with Delta and the Delta cobrand portfolio represented approximately 9 percent of our worldwide billed business and approximately 21 percent of worldwide Card Member loans as of December 31, 2020. The Delta cobrand portfolio generates fee revenue and interest income from Card Members and discount revenue from Delta and other merchants for spending on Delta cobrand cards. The current Delta cobrand agreement runs through the end of 2029 and we expect to continue to make significant investments in this partnership. Among other things, Delta is also a key participant in our Membership Rewards program, provides travel-related benefits and services, including airport lounge access for certain American Express Card Members, accepts American Express cards as a merchant and is a corporate payments customer.
Working with all of our partners, we seek to provide value, choice and unique experiences across our customer base.
Our Spend-Centric Model and Revenue Mix
Our “spend-centric” business model focuses on generating revenues primarily by driving spending on our cards and secondarily through finance charges and fees. Spending on our cards, which is higher on average on a per-card basis versus our competitors, offers superior value to merchants in the form of loyal customers and larger transactions. Because of the revenues generated from having high-spending Card Members and the annual card fees we charge on many of our products, we are able to invest in attractive rewards and other benefits for Card Members, as well as targeted marketing and other programs and investments for merchants. This creates incentives for Card Members to spend more on their cards and positively differentiates American Express cards.
We believe our spend-centric model gives us the ability to provide differentiated value to Card Members, merchants and business partners.
The American Express Brand and Service Excellence
Our brand and its attributes—trust, security and service—are key assets. We invest heavily in managing, marketing, promoting and protecting our brand, including through the delivery of our products and services in a manner consistent with our brand promise. The American Express brand is consistently ranked as one of the most valuable brands in the world. We place significant importance on trademarks, service marks and patents, and seek to secure our intellectual property rights around the world.
We aim to provide the world’s best customer experience every day and our reputation for world-class service has been recognized by numerous awards over the years. Our customer care professionals and partners treat servicing interactions as an opportunity to bring the brand to life for our customers, add meaningful value and deepen relationships.
Our Business Strategies
Our framework for managing through the pandemic and the challenging economic environment is built on four principles: supporting our colleagues and winning as a team; protecting our customers and our brand; structuring the company for growth in the future; and remaining financially strong. We remain focused on what we can control in the short term while identifying opportunities across our businesses to position ourselves for growth in the longer term. And we seek to grow our business over the longer term by focusing on four strategic imperatives:
First, we aim to expand our leadership in the premium consumer space by continuing to deliver membership benefits that span our customers’ everyday spending, borrowing, travel and lifestyle needs, expanding our roster of business partners around the globe and developing a range of experiences that attract high-spending customers.
Second, we seek to build on our strong position in commercial payments by evolving our card value propositions, further differentiating our corporate card and accounts payable expense management solutions and designing innovative products and features, including financing and supplier payment solutions for our business customers.
Third, we are focused on strengthening our global network to provide unique value by continuing to help merchants navigate the convergence of online and offline commerce with fraud protection services, marketing insights and digital connections to higher-spending Card Members and continuing to work with our network partners to offer expanded products and services.
Finally, we want to continue to make American Express an essential part of our customers’ digital lives by developing more digital features, solutions and services, expanding our digital partnerships and making targeted acquisitions.
We are committed to delivering a great colleague experience every day, cultivating the best talent and developing new ways of working to unlock enterprise value. We work to foster an inclusive and diverse culture and help our colleagues thrive both professionally and personally. When we do, our colleagues are more engaged, committed, creative and effective in driving results. At the heart of our culture is what we call our Blue Box Values – a set of guiding principles that reflect who we are and what we stand for. In 2020, we updated our Blue Box Values to be more explicit about our efforts to create an inclusive and diverse workforce:
We Back Our Customers
We Embrace Diversity
We Make It Great
We Stand for Inclusion
We Do What's Right
We Win as A Team
We Respect People
We Support Our Communities
We take a holistic approach to serving our colleagues by offering them a variety of resources that support their physical, financial, emotional, social and overall well-being. Throughout the pandemic, one of our top priorities has been to ensure our colleagues have the flexibility and resources they need to stay safe, healthy and productive.
As of December 31, 2020, we employed approximately 63,700 people, whom we refer to as colleagues, with approximately 22,700 colleagues in the United States and approximately 41,000 colleagues outside the United States. We conduct an annual Colleague Experience Survey to better understand our colleagues’ needs and overall experience at American Express and in 2020, 94 percent of colleagues who participated in the survey said they would recommend American Express as a great place to work. Our 2020 annual company scorecard included talent retention and diversity representation goals to globally increase minority and women representation at management levels and retain our key talent. As of December 31, 2020, female colleagues comprised 52 percent of our global workforce and Asian, Black/African American and Hispanic/Latinx people represented 19.7 percent, 12.0 percent and 13.0 percent, respectively, of our U.S. workforce based on preliminary data for our 2020 U.S. EEO-1 submission.
We regularly review our compensation practices to ensure colleagues in the same job, level and location are compensated fairly regardless of gender globally, and race and ethnicity in the United States. These reviews consider several factors known to affect compensation, including role, level, tenure, performance and geography. In the few instances where a review has found inconsistencies, we have made adjustments. After making these adjustments, we believe we achieved 100 percent pay equity in 2020 for colleagues across genders globally and across races and ethnicities in the United States.
Information About Our Executive Officers
Set forth below, in alphabetical order, is a list of our executive officers as of February 12, 2021, including each executive officer’s principal occupation and employment during the past five years and reflecting recent organizational changes. None of our executive officers has any family relationship with any other executive officer, and none of our executive officers became an officer pursuant to any arrangement or understanding with any other person. Each executive officer has been elected to serve until the next annual election of officers or until his or her successor is elected and qualified. Each officer’s age is indicated by the number in parentheses next to his or her name.
DOUGLAS E. BUCKMINSTER —
Group President, Global Consumer Services Group
Mr. Buckminster (60) has been Group President, Global Consumer Services Group since February 2018. Prior thereto, he had been President, Global Consumer Services Group since October 2015.
JEFFREY C. CAMPBELL —
Chief Financial Officer
Mr. Campbell (60) has been Chief Financial Officer since August 2013.
MARC D. GORDON —
Chief Information Officer
Mr. Gordon (60) has been Chief Information Officer since September 2012.
MONIQUE HERENA —
Chief Colleague Experience Officer
Ms. Herena (49) has been Chief Colleague Experience Officer since April 2019. Ms. Herena joined American Express from BNY Mellon, where she served as the Chief Human Resources Officer and Senior Executive Vice President, Human Resources, Marketing and Communications since 2014.
RAYMOND JOABAR —
Chief Risk Officer and President, Global Risk & Compliance
Mr. Joabar (55) has been Chief Risk Officer and President, Global Risk & Compliance since September 2019. Prior thereto, he had been President of International Consumer Services and Global Travel and Lifestyle Services since February 2018. He also served as Executive Vice President, Global Servicing Network from February 2016 to February 2018 and Executive Vice President, World Service from November 2015 to February 2016.
ANNA MARRS —
President, Global Commercial Services
Ms. Marrs (47) has been President, Global Commercial Services since September 2018. Ms. Marrs joined American Express from Standard Chartered Bank, where she served as Regional CEO, ASEAN and South Asia since November 2016 and CEO, Commercial and Private Banking since October 2015.
DENISE PICKETT —
President, Global Services Group
Ms. Pickett (55) has been President, Global Services Group since September 2019. Prior thereto, she had been Chief Risk Officer and President, Global Risk, Banking & Compliance since February 2018 and President, U.S. Consumer Services since October 2015.
ELIZABETH RUTLEDGE —
Chief Marketing Officer
Ms. Rutledge (59) has been Chief Marketing Officer since February 2018. Prior thereto, she had been Executive Vice President, Global Advertising & Media since February 2016 and Executive Vice President, Card Products & Benefits since May 2013.
LAUREEN E. SEEGER —
Chief Legal Officer
Ms. Seeger (59) has been Chief Legal Officer since July 2014.
JENNIFER SKYLER —
Chief Corporate Affairs Officer
Ms. Skyler (44) has been Chief Corporate Affairs Officer since October 2019. Ms. Skyler joined American Express from The We Company, where she had been Chief Communications Officer from January 2018 to September 2019. Prior thereto, she had been Global Head of Public Affairs from January 2016 to January 2018.
STEPHEN J. SQUERI —
Chairman and Chief Executive Officer
Mr. Squeri (61) has been Chairman and Chief Executive Officer since February 2018. Prior thereto, he had been Vice Chairman since July 2015.
ANRÉ WILLIAMS —
Group President, Global Merchant and Network Services
Mr. Williams (55) has been Group President, Global Merchant and Network Services since February 2018. Prior thereto, he had been President of Global Merchant Services and Loyalty since October 2015.
We compete in the global payments industry with card networks, issuers and acquirers, paper-based transactions (e.g., cash and checks), bank transfer models (e.g., wire transfers and Automated Clearing House, or ACH), as well as evolving and growing alternative mechanisms, systems and products that leverage new technologies, business models and customer relationships to create payment or financing solutions. The payments industry continues to undergo dynamic changes in response to evolving technologies, consumer habits and merchant needs, some of which have accelerated as a result of the pandemic, such as an increased shift to e-commerce and demand for contactless payments.
As a card issuer, we compete with financial institutions that issue general-purpose credit and debit cards. We also encounter competition from businesses that issue private label cards, operate mobile wallets or extend credit. We face intense competition for cobrand relationships, as both card issuer and network competitors have targeted key business partners with attractive value propositions.
Our global card network competes in the global payments industry with other card networks, including, among others, China UnionPay, Visa, Mastercard, JCB, Discover and Diners Club International (which is owned by Discover). We are the fourth largest general-purpose card network globally based on purchase volume, behind China UnionPay, Visa and Mastercard. In addition to such networks, a range of companies globally, including merchant acquirers, processors and web- and mobile-based payment platforms (e.g., Alipay, PayPal and Venmo), as well as regional payment networks (such as the National Payments Corporation of India), carry out some activities similar to those performed by our GMNS business.
The principal competitive factors that affect the card-issuing, merchant and network businesses include:
•The features, value and quality of the products and services, including customer care, rewards programs, partnerships, benefits and digital and mobile services, and the costs associated with providing such features and services
•Reputation and brand recognition
•The number, spending characteristics and credit performance of customers
•The quantity, diversity and quality of the establishments where the cards can be used
•The attractiveness of the value proposition to card issuers, merchant acquirers, cardholders, corporate clients and merchants (including the relative cost of using or accepting the products and services, and capabilities such as fraud prevention and data analytics)
•The number and quality of other cards and other forms of payment and financing available to customers
•The success of marketing and promotional campaigns
•The speed of innovation and investment in systems, technologies, and product and service offerings
•The nature and quality of expense management tools, electronic payment methods and data capture and reporting capabilities, particularly for business customers
•The security of cardholder, merchant and network partner information
Another aspect of competition is the dynamic and rapid growth of alternative payment and financing mechanisms, systems and products, which include payment aggregators, digital payment and electronic wallet platforms, point-of-sale lenders, real-time settlement and processing systems, financial technology companies, digital currencies developed by both governments and the private sector, blockchain and similar distributed ledger technologies, prepaid systems and gift cards, and systems linked to customer accounts or that provide payment solutions. Various competitors are integrating more financial services into their product offerings and competitors are seeking to attain the benefits of closed-loop, loyalty and rewards functionalities, such as ours.
In addition to the discussion in this section, see “Our operating results may materially suffer because of substantial and increasingly intense competition worldwide in the payments industry” in “Risk Factors” for further discussion of the potential impact of competition on our business, and “Our business is subject to comprehensive government regulation and supervision, which could materially adversely affect our results of operations and financial condition” and “Legal proceedings regarding provisions in our merchant contracts, including non-discrimination and honor-all-cards provisions, could have a material adverse effect on our business and result in additional litigation and/or arbitrations, substantial monetary damages and damage to our reputation and brand” in “Risk Factors” for a discussion of the potential impact on our ability to compete effectively due to government regulations or if ongoing legal proceedings limit our ability to prevent merchants from engaging in various actions to discriminate against our card products.
SUPERVISION AND REGULATION
We are subject to extensive government regulation and supervision in jurisdictions around the world, and the costs of compliance are substantial. The financial services industry is subject to rigorous scrutiny, high regulatory expectations, a range of regulations and a stringent and unpredictable enforcement environment.
Governmental authorities have focused, and we believe will continue to focus, considerable attention on reviewing compliance by financial services firms with laws and regulations, and as a result, we continually work to evolve and improve our risk management framework, governance structures, practices and procedures. Reviews to assess compliance with laws and regulations by governmental authorities, as well as our own internal reviews, have resulted in, and are likely to continue to result in, changes to our products, practices and procedures, restitution to our customers and increased costs related to regulatory oversight, supervision and examination. We have also been subject to regulatory actions and may continue to be the subject of such actions, including governmental inquiries, investigations, enforcement proceedings and the imposition of fines or civil money penalties, in the event of noncompliance or alleged noncompliance with laws or regulations. In addition, legislators and regulators in various countries in which we operate have focused on the offering of consumer financial products and the operation of payment networks, resulting in changes to certain practices or pricing of card issuers, merchant acquirers and payment networks, and, in some cases, the establishment of broad and ongoing regulatory oversight regimes.
See “Risk Factors—Legal, Regulatory and Compliance Risks” for a discussion of the potential impact legislative and regulatory changes may have on our results of operations and financial condition.
Federal and state banking laws, regulations and policies extensively regulate the Company (which, for purposes of this section, refers to American Express Company as a bank holding company), TRS and our U.S. bank subsidiary, American Express National Bank (AENB). Both the Company and TRS are subject to comprehensive consolidated supervision, regulation and examination by the Federal Reserve and AENB is supervised, regulated and examined by the Office of the Comptroller of the Currency (OCC). The Company and its subsidiaries are also subject to the rulemaking, enforcement and examination authority of the Consumer Financial Protection Bureau (CFPB). Banking regulators have broad examination and enforcement power, including the power to impose substantial fines, limit dividends and other capital distributions, restrict operations and acquisitions and require divestitures, any of which could compromise our competitive position. Many aspects of our business also are subject to rigorous regulation by other U.S. federal and state regulatory agencies and by non-U.S. government agencies and regulatory bodies.
The BHC Act generally limits bank holding companies to activities that are considered to be banking activities and certain closely related activities. As noted above, each of the Company and TRS is a bank holding company and each has elected to become a financial holding company, which is authorized to engage in a broader range of financial and related activities. In order to remain eligible for financial holding company status, we must meet certain eligibility requirements. Those requirements include that each of the Company and AENB must be “well capitalized” and “well managed,” and AENB must have received at least a “satisfactory” rating on its most recent assessment under the Community Reinvestment Act of 1977 (the CRA). The Company and TRS engage in various activities permissible only for financial holding companies, including, in particular, providing travel agency services, acting as a finder and engaging in certain insurance underwriting and agency services. If the Company fails to meet eligibility requirements for financial holding company status, it and its subsidiaries are likely to be barred from engaging in new types of financial activities or making certain types of acquisitions or investments in reliance on its status as a financial holding company, and ultimately could be required to either discontinue the broader range of activities permitted to financial holding companies or divest AENB. In addition, the Company and its subsidiaries are prohibited by law from engaging in practices that the relevant regulatory authority deems unsafe or unsound (which such authorities generally interpret broadly).
Acquisitions and Investments
Applicable federal and state laws place limitations on the ability of persons to invest in or acquire control of us without providing notice to or obtaining the approval of one or more of our regulators. In addition, we are subject to banking laws and regulations that limit our investments and acquisitions and, in some cases, subject them to the prior review and approval of our regulators, including the Federal Reserve and the OCC. Federal banking regulators have broad discretion in evaluating proposed acquisitions and investments that are subject to their prior review or approval.
Financial Regulatory Reform
In October 2019, the U.S. federal bank regulatory agencies finalized rules that tailor the application of the enhanced prudential standards to bank holding companies and depository institutions (the Tailoring Rules) pursuant to the amendments to the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (Dodd Frank) introduced by the Economic Growth, Regulatory Relief, and Consumer Protection Act. The Tailoring Rules assign each U.S. bank holding company with $100 billion or more in total consolidated assets, as well as its bank subsidiaries, to one of four categories based on its status as a U.S. global systemically important banking organization and five other risk-based indicators: (i) size, (ii) cross-jurisdictional activity, (iii) non-bank assets, (iv) off-balance sheet exposure, and (v) weighted short-term wholesale funding.
Under the Tailoring Rules, the Company (and, pursuant to the Tailoring Rules, its depository institution subsidiary, AENB) is subject to Category IV standards.
Because a firm’s categorization under the Tailoring Rules is determined by, and can change over time dependent upon, how the firm measures against the risk-based indicator thresholds, we are required to monitor and periodically report these risk-based indicators and there can be no assurance that the Company will continue to be a Category IV firm in the future.
Capital and Liquidity Regulation
The Company and AENB are required to comply with the applicable capital adequacy rules established by federal banking regulators. These rules are intended to ensure that bank holding companies and depository institutions (collectively, banking organizations) have adequate capital given their level of assets and off-balance sheet obligations. The federal banking regulators’ current capital rules (the Capital Rules) implement the Basel Committee on Banking Supervision’s (the Basel Committee) framework for strengthening international capital regulation, known as Basel III. For additional information regarding our capital ratios, see “Consolidated Capital Resources and Liquidity” under “MD&A.”
Under the Capital Rules, banking organizations are required to maintain minimum ratios for Common Equity Tier 1 (CET1), Tier 1 capital (that is, CET1 plus additional Tier 1 capital) and Total capital (that is, Tier 1 capital plus Tier 2 capital) to risk-weighted assets. We report our capital adequacy ratios using risk-weighted assets calculated under the standardized approach. As a Category IV firm, we are not subject to the advanced approaches capital requirements.
In December 2017, the Basel Committee published standards that, among other things, revise the standardized approach for credit risk (including by recalibrating risk weights and introducing additional capital requirements for certain “unconditionally cancellable commitments” such as unused credit card lines of credit) and provide a new standardized calculation for operational risk capital requirements. If adopted in the United States as issued by the Basel Committee and applicable to us, the new standards could result in higher capital requirements for us.
In December 2018, federal banking regulators issued a final rule that provides an optional three-year phase-in period for the adverse regulatory capital effects of adopting the Current Expected Credit Loss (CECL) methodology pursuant to new accounting guidance for the recognition of credit losses on certain financial instruments, which became effective January 1, 2020. In August 2020, federal banking regulators issued a final rule that provides an option to delay the estimated impact of the adoption of the CECL methodology on regulatory capital for up to two years, followed by the three-year phase-in period. We elected to adopt the two-year delay followed by the three-year phase-in period. Therefore, the Company will begin phasing in the cumulative amount that is not recognized in regulatory capital at 25 percent per year beginning January 1, 2022. See "Critical Accounting Estimates" under "MD&A" for additional information on CECL.
The Company and AENB must each maintain CET1, Tier 1 capital and Total capital ratios of at least 4.5 percent, 6.0 percent and 8.0 percent, respectively. On top of these minimum capital ratios, the Company is subject to a dynamic stress capital buffer (SCB) composed entirely of CET1 with a floor of 2.5 percent and AENB is subject to a static 2.5 percent capital conservation buffer (CCB). The SCB equals (i) the difference between a bank holding company’s starting and minimum projected CET1 capital ratios under the supervisory severely adverse scenario under the Federal Reserve's stress tests described below, plus (ii) one year of planned common stock dividends as a percentage of risk-weighted assets.
In August 2020, the SCB requirement for the Company was set at 2.5 percent. A bank holding company’s SCB requirement is generally effective on October 1 of each year and will remain in effect through September 30 of the following year unless it is reset in connection with resubmission of a capital plan, as discussed below. As a result, the effective minimum ratios for the Company (taking into account the SCB requirement) and AENB (taking into account the CCB requirement) are 7.0 percent, 8.5 percent and 10.5 percent for the CET1, Tier 1 capital and Total capital ratios, respectively. Banking organizations whose ratios of CET1, Tier 1 Capital or Total capital to risk-weighted assets are below these effective minimum ratios face constraints on discretionary distributions such as dividends, repurchases and redemptions of capital securities, and executive compensation. The capital distribution restrictions for the first quarter of 2021 discussed under “Stress Testing and Capital Planning” below are in addition to the SCB distribution constraints for bank holding companies at least through March 31, 2021. The Federal Reserve is expected to announce by March 31, 2021 any recalibration of the SCB requirements announced in August 2020.
We are also required to comply with minimum leverage ratio requirements. The leverage ratio is the ratio of a banking organization’s Tier 1 capital to its average total consolidated assets (as defined for regulatory purposes). All banking organizations are required to maintain a leverage ratio of at least 4.0 percent.
The Federal Reserve’s enhanced prudential standards rule includes heightened liquidity and overall risk management requirements. The rule requires the maintenance of a liquidity buffer, consisting of highly liquid assets, that is sufficient to meet projected net outflows for 30 days over a range of liquidity stress scenarios, and a minimum liquidity coverage ratio (LCR) that measures a firm’s high-quality liquid assets to its projected net outflows. Under the Tailoring Rules, Category IV firms with less than $50 billion in weighted short-term wholesale funding, such as the Company, are not subject to any LCR requirement.
A second standard provided for in the Basel III liquidity framework, referred to as the net stable funding ratio (NSFR), requires a minimum amount of longer-term funding based on the assets and activities of banking entities. Under the final NSFR rule published in October 2020, Category IV firms with less than $50 billion in weighted short-term wholesale funding, such as the Company, are not subject to any NSFR requirement.
Stress Testing and Capital Planning
Under the Federal Reserve’s regulations, the Company is subject to supervisory stress testing requirements that are designed to evaluate whether a bank holding company has sufficient capital on a total consolidated basis to absorb losses and support operations under adverse economic conditions. As a Category IV firm, the Company was subject to the Federal Reserve’s supervisory stress tests in 2020 and will be required to participate in the supervisory stress tests every other year thereafter.
We are required to develop and submit to the Federal Reserve an annual capital plan. In January 2021, the Federal Reserve finalized changes to the capital plan rule, which will, among other things, provide firms subject to Category IV standards additional flexibility to develop their capital plans. In addition, these changes provide that for Category IV firms, such as the Company, the portion of the SCB based on the Federal Reserve's supervisory stress tests will be calculated every other year. During a year in which a Category IV firm does not undergo a supervisory stress test, the firm will receive an updated SCB that reflects the firm's updated planned common stock dividends. A Category IV firm will also be able to elect to participate in the supervisory stress test and consequently receive an updated SCB. The Company must notify the Federal Reserve by April 5, 2021 if it elects to participate in the 2021 supervisory stress test. As part of the Comprehensive Capital Analysis and Review (CCAR), the Federal Reserve evaluates whether the Company has sufficient capital to continue operations by assessing our pro-forma capital position and ratios under a scenario of economic and financial market stress, and uses that information to determine the size of the SCB for each CCAR participating firm.
Due to the continued economic uncertainty from the coronavirus pandemic, in June 2020, the Federal Reserve required all bank holding companies participating in CCAR to resubmit their capital plans in November 2020. In addition, the Federal Reserve prohibited share repurchases in the third and fourth quarters of 2020 for all bank holding companies participating in CCAR and allowed them to pay common stock dividends provided (a) they did not increase the amount of the dividend and (b) the dividends did not exceed the average of a firm’s net income for the four preceding calendar quarters. On December 18, 2020, the Federal Reserve released the results of its second round of supervisory stress tests for all bank holding companies participating in CCAR based on economic scenarios reflecting changes in financial markets and the macroeconomic outlook. The Federal Reserve announced that it would allow bank holding companies participating in CCAR to pay common stock dividends and repurchase common stock in the first quarter of 2021 provided (a) the dividends and repurchases, in the aggregate, do not exceed the average of a firm’s net income for the four preceding calendar quarters and (b) the firm does not increase the amount of its common stock dividends beyond the level paid in the second quarter of 2020. The Federal Reserve also announced that it would permit stock repurchases equal to the amount of share issuances related to expensed employee compensation. For additional information regarding our capital distributions, see “Consolidated Capital Resources and Liquidity” under “MD&A.”
We may be required to revise and resubmit our capital plan following certain events or developments, such as a significant acquisition or an event that could result in a material change in our risk profile or financial condition. If we are required to resubmit our capital plan, we must receive prior approval from the Federal Reserve for any capital distributions (including common stock dividend payments and share repurchases), other than a capital distribution on a newly issued capital instrument.
Dividends and Other Capital Distributions
The Company and TRS, as well as AENB and the Company’s insurance and other regulated subsidiaries, are limited in their ability to pay dividends by statutes, regulations and supervisory policy.
Common stock dividend payments and share repurchases by the Company are subject to the oversight of the Federal Reserve, as described above. The Company will be subject to limitations and restrictions on capital distributions if, among other things, (i) the Company's regulatory capital ratios do not satisfy applicable minimum requirements and buffers or (ii) the Company is required to resubmit its capital plan.
In general, federal laws and regulations prohibit, without first obtaining the OCC’s approval, AENB from making dividend distributions to TRS, if such distributions are not paid out of available recent earnings or would cause AENB to fail to meet capital adequacy standards. In addition to specific limitations on the dividends AENB can pay to TRS, federal banking regulators have authority to prohibit or limit the payment of a dividend if, in the banking regulator’s opinion, payment of a dividend would constitute an unsafe or unsound practice in light of the financial condition of the institution.
Prompt Corrective Action
The Federal Deposit Insurance Act (FDIA) requires, among other things, that federal banking regulators take prompt corrective action in respect of depository institutions insured by the FDIC (such as AENB) that do not meet minimum capital requirements. The FDIA establishes five capital categories for FDIC-insured banks: well capitalized, adequately capitalized, undercapitalized, significantly undercapitalized and critically undercapitalized. The FDIA imposes progressively more restrictive constraints on operations, management and capital distributions, depending on the capital category in which an institution is classified. In order to be considered “well capitalized,” AENB must maintain CET1, Tier 1 capital, Total capital and Tier 1 leverage ratios of 6.5 percent, 8.0 percent, 10.0 percent and 5.0 percent, respectively.
Under the FDIA, AENB could be prohibited from accepting brokered deposits (i.e., deposits raised through third-party brokerage networks) or offering interest rates on any deposits significantly higher than the prevailing rate in its normal market area or nationally (depending upon where the deposits are solicited), unless (1) it is well capitalized or (2) it is adequately capitalized and receives a waiver from the FDIC. A portion of our outstanding U.S. retail deposits are considered brokered deposits for bank regulatory purposes. If a federal regulator determines that we are in an unsafe or unsound condition or that we are engaging in unsafe or unsound banking practices, the regulator may reclassify our capital category or otherwise place restrictions on our ability to accept or solicit brokered deposits.
On December 15, 2020, the FDIC finalized a rule intended to update and modernize the FDIC’s brokered deposit regulations. The final rule, among other things, expands the definition of “deposit broker” and updates the interest rate restrictions for less than well capitalized banks. The final rule is expected to become effective on April 1, 2021.
Pursuant to Dodd Frank, certain bank holding companies are required to submit resolution plans to the Federal Reserve and FDIC providing for the company’s strategy for rapid and orderly resolution in the event of its material financial distress or failure. However, in connection with the release of the Tailoring Rules, the Federal Reserve and FDIC finalized rules in October 2019 which, among other things, adjust the review cycles and applicability of the agencies’ resolution planning requirements. Under these rules, Category IV firms such as the Company are not required to submit a holding company resolution plan.
AENB continues to be required to prepare and provide a separate resolution plan to the FDIC that would enable the FDIC, as receiver, to effectively resolve AENB under the FDIA in the event of failure. The FDIC issued an Advance Notice of Proposed Rulemaking on potential revisions to this separate resolution plan requirement for insured depository institutions in April 2019 and temporarily suspended resolution planning requirements for insured depository institutions. In January 2021, the FDIC lifted the moratorium on resolution plan submissions for insured depository institutions with $100 billion or more in assets, including AENB, and will provide at least 12-months advance notice to firms required to submit resolution plans.
Orderly Liquidation Authority
The Company could become subject to the Orderly Liquidation Authority (OLA), a resolution regime under which the Treasury Secretary may appoint the FDIC as receiver to liquidate a systemically important financial institution, if the Company is in danger of default and is determined to present a systemic risk to U.S. financial stability. As under the FDIC resolution model, under the OLA, the FDIC has broad power as receiver. Substantial differences exist, however, between the OLA and the FDIC resolution model for depository institutions, including the right of the FDIC under the OLA to disregard the strict priority of creditor claims in limited circumstances, the use of an administrative claims procedure to determine creditor claims (as opposed to the judicial procedure used in bankruptcy proceedings), and the right of the FDIC to transfer claims to a “bridge” entity.
The FDIC has developed a strategy under OLA, referred to as the “single point of entry” or “SPOE” strategy, under which the FDIC would resolve a failed financial holding company by transferring its assets (including shares of its operating subsidiaries) and, potentially, very limited liabilities to a “bridge” holding company; utilize the resources of the failed financial holding company to recapitalize the operating subsidiaries; and satisfy the claims of unsecured creditors of the failed financial holding company and other claimants in the receivership by delivering securities of one or more new financial companies that would emerge from the bridge holding company. Under this strategy, management of the failed financial holding company would be replaced and its shareholders and creditors would bear the losses resulting from the failure.
FDIC Powers upon Insolvency of AENB
If the FDIC is appointed the conservator or receiver of AENB, the FDIC has the power: (1) to transfer any of AENB’s assets and liabilities to a new obligor without the approval of AENB’s creditors; (2) to enforce the terms of AENB’s contracts pursuant to their terms; or (3) to repudiate or disaffirm any contract or lease to which AENB is a party, the performance of which is determined by the FDIC to be burdensome and the disaffirmation or repudiation of which is determined by the FDIC to promote the orderly administration of AENB. In addition, the claims of holders of U.S. deposit liabilities and certain claims for administrative expenses of the FDIC against AENB would be afforded priority over other general unsecured claims against AENB, including claims of debt holders and depositors in non-U.S. offices, in the liquidation or other resolution of AENB. As a result, whether or not the FDIC ever sought to repudiate any debt obligations of AENB, the debt holders and depositors in non-U.S. offices would be treated differently from, and could receive substantially less, if anything, than the depositors in the U.S. offices of AENB.
Other Banking Regulations
Source of Strength
The Company is required to act as a source of financial and managerial strength to its U.S. bank subsidiary, AENB, and may be required to commit capital and financial resources to support AENB. Such support may be required at times when, absent this requirement, the Company otherwise might determine not to provide it. Capital loans by the Company to AENB are subordinate in right of payment to deposits and to certain other indebtedness of AENB. In the event of the Company’s bankruptcy, any commitment by the Company to a federal banking regulator to maintain the capital of AENB will be assumed by the bankruptcy trustee and entitled to a priority of payment.
Transactions Between AENB and its Affiliates
Certain transactions (including loans and credit extensions from AENB) between AENB and its affiliates (including the Company, TRS and their other subsidiaries) are subject to quantitative and qualitative limitations, collateral requirements and other restrictions imposed by statute and regulation. Transactions subject to these restrictions are generally required to be made on an arm’s-length basis.
FDIC Deposit Insurance and Insurance Assessments
AENB accepts deposits that are insured by the FDIC up to the applicable limits. Under the FDIA, the FDIC may terminate the insurance of an institution’s deposits upon a finding that the institution has engaged in unsafe or unsound practices; is in an unsafe or unsound condition to continue operations; or has violated any applicable law, regulation, rule, order or condition imposed by the FDIC. We do not know of any practice, condition or violation that would lead to termination of deposit insurance at AENB. The FDIC’s deposit insurance fund is funded by assessments on insured depository institutions, including AENB, which are subject to adjustment by the FDIC.
Community Reinvestment Act
AENB is subject to the CRA, which imposes affirmative, ongoing obligations on depository institutions to meet the credit needs of their local communities, including low- and moderate-income neighborhoods, consistent with the safe and sound operation of the institution. In May 2020, the OCC issued a final rule intended to (i) clarify which activities qualify for CRA credit; (ii) update where activities count for CRA credit; and (iii) change the methods for CRA measurement, data collection, recordkeeping and reporting for national banks and federal savings associations. The final rule retains the current community development test for limited purpose banks, such as AENB, which evaluates a bank’s community development performance through its community development loans, investments and services. The final rule requires institutions like AENB to designate additional geographic assessment areas where CRA activities will be measured for significant concentrations of retail domestic deposits. AENB must comply with the final rule by January 1, 2023.
Consumer Financial Products Regulation
In the United States, our marketing, sale and servicing of consumer financial products and our compliance with certain federal consumer financial laws are supervised and examined by the CFPB, which has broad rulemaking and enforcement authority over providers of credit, savings and payment services and products, and authority to prevent “unfair, deceptive or abusive” acts or practices. In addition, a number of U.S. states have significant consumer credit protection, disclosure and other laws (in certain cases more stringent than U.S. federal laws). U.S. federal law also regulates abusive debt collection practices, which, along with bankruptcy and debtor relief laws, can affect our ability to collect amounts owed to us or subject us to regulatory scrutiny.
On October 30, 2020, the CFPB issued a final rule that sets forth additional requirements for third-party debt collection agencies, which we use in the ordinary course of business. See "We are exposed to credit risk and trends that affect Card Member spending and the ability of customers and partners to pay us, which could have a material adverse effect on our results of operations and financial condition" under "Risk Factors" for potential impacts related to legal and regulatory changes on our ability to collect amounts owed to us.
We are also regulated in the United States under the “money transmitter” or “sale of check” laws in effect in most states. In addition, we are required by the laws of many states to comply with unclaimed and abandoned property laws, under which we must pay to states the face amount of any Travelers Cheque or prepaid card that is uncashed or unredeemed after a period of time depending on the type of product.
In countries outside the United States, regulators continue to focus on a number of key areas impacting our card-issuing businesses, particularly consumer protection (such as in the European Union (EU), the United Kingdom and Canada) and responsible lending (such as in Australia, Mexico, New Zealand and Singapore), with increasing importance on and attention to customers and outcomes rather than just ensuring compliance with local rules and regulations. Regulators’ expectations of firms in relation to their compliance, risk and control frameworks continue to increase and regulators are placing significant emphasis on a firm’s systems and controls relating to the identification and resolution of issues.
Legislators and regulators in various countries in which we operate have focused on the operation of card networks, including through enforcement actions, legislation and regulations to change certain practices or pricing of card issuers, merchant acquirers and payment networks, and, in some cases, to establish broad and ongoing regulatory oversight regimes for payment systems.
The EU, Australia and other jurisdictions have focused on interchange fees (that is, the fee paid by the bankcard merchant acquirer to the card issuer in payment networks like Visa and Mastercard), as well as the rules, contract terms and practices governing merchant card acceptance.
Regulation and other governmental actions relating to pricing or practices could affect all networks directly or indirectly, as well as adversely impact consumers and merchants. Among other things, regulation of bankcard fees has negatively impacted and may continue to negatively impact the discount revenue we earn, including as a result of downward pressure on our discount rate from decreases in competitor pricing in connection with caps on interchange fees. In some cases, regulations also extend to certain aspects of our business, such as network and cobrand arrangements or the terms of card acceptance for merchants, and we have exited our network businesses in the EU and Australia as a result of regulation in those jurisdictions, for example. In addition, there is uncertainty as to when or how interchange fee caps and other provisions of the EU payments legislation might apply when we work with cobrand partners and agents in the EU. Given differing interpretations by regulators and participants in cobrand arrangements, we are subject to regulatory action, penalties and the possibility we will not be able to maintain our existing cobrand and agent relationships in the EU.
In various countries, such as certain Member States in the EU and Australia, merchants are permitted by law to surcharge card purchases. In addition, the laws of a number of states in the United States that prohibit surcharging have been challenged in litigation brought by merchant groups and some such laws have been overturned. Surcharging is an adverse customer experience and could have a material adverse effect on us if it becomes widespread, particularly where it only or disproportionately impacts credit card usage, our Card Members or our business. In addition, other steering or differential acceptance practices that are permitted by regulation in some countries could also have a material adverse effect on us if they become widespread. See “Surcharging or steering by merchants could materially adversely affect our business and results of operations” under “Risk Factors.”
In some countries, governments have established regulatory regimes that require international card networks to be locally licensed and/or to localize aspects of their operations. For example, the Reserve Bank of India, which has broad power under the Payment and Settlement Systems Act, 2007 to regulate the membership and operations of card networks, has issued a mandate requiring payment systems operators in India to store certain payments data locally. Governments in some countries also provide resources or protection to select domestic payment card networks. The development and enforcement of these and other similar laws, regulations and policies may adversely affect our ability to compete effectively and maintain and extend our global network.
Privacy, Data Protection, Data Governance, Information and Cyber Security
Regulatory and legislative activity in the areas of privacy, data protection, data governance and information and cyber security continues to increase worldwide. We have established and continue to maintain policies and a governance framework to comply with applicable privacy, data protection, data governance and information and cyber security laws and requirements, meet evolving customer and industry expectations and support and enable business innovation and growth.
Our regulators are increasingly focused on ensuring that our privacy, data protection, data governance and information and cyber security-related policies and practices are adequate to inform customers of our data collection, use, sharing and/or security practices, to provide them with choices, if required, about how we use and share their information, and to appropriately safeguard their personal information and account access. Regulators are also focused on data management, data governance and our third-party risk management policies and practices.
In the United States, certain of our businesses are subject to the privacy, disclosure and safeguarding provisions of the Gramm-Leach-Bliley Act (GLBA) and its implementing regulations and guidance. Among other things, GLBA imposes certain limitations on our ability to share consumers’ nonpublic personal information with nonaffiliated third parties and requires us to develop, implement and maintain a written comprehensive information security program containing safeguards that are appropriate to the size and complexity of our business, the nature and scope of our activities and the sensitivity of customer information that we process. We are required to offer expanded privacy rights to California residents who are not covered by GLBA, pursuant to the California Consumer Privacy Act. Various regulators, U.S. states and territories are considering similar requirements or have adopted laws, rules and regulations pertaining to privacy and/or information and cyber security that may be more stringent and/or expansive than federal requirements.
We are also subject to certain privacy, data protection, data governance and information and cyber security laws in other countries in which we operate (including countries in the EU, Australia, Canada, China, Japan, Hong Kong, India, Mexico, Singapore and the United Kingdom), some of which are more stringent and/or expansive than those in the United States. Some countries have also instituted laws requiring in-country data processing and/or in-country storage of data. Compliance with such laws could result in higher technology, administrative and other costs for us, could limit our ability to optimize the use of our closed-loop data, and could require use of local technology services. Certain laws also require us to provide foreign governments and other third parties broader access to our data and intellectual property. Data breach and operational outage notification laws or regulatory activities to encourage such notifications are also becoming more prevalent in jurisdictions outside the United States in which we operate.
In Europe, the EU General Data Protection Regulation (GDPR) imposes legal and compliance obligations on companies that process personal data of individuals in the EU, irrespective of the geographical location of the company, with significant fines for non-compliance (up to 4 percent of total annual worldwide revenue). We continue to rely on our binding corporate rules as the primary method for lawfully transferring data from our European affiliates to our affiliates in the United States and elsewhere globally. The GDPR includes, among other things, a requirement for prompt notice of data breaches, in certain circumstances, to affected individuals and supervisory authorities.
The GDPR was transposed into UK domestic law in January 2021 following the United Kingdom's exit from the EU. This is known as the UK GDPR and it supplements the United Kingdom's Data Protection Act of 2018. The UK GDPR mirrors the compliance requirements and fine structure of the GDPR.
In addition, the European Directive 2002/58/EC (the ePrivacy Directive) will continue to set out requirements for the processing of personal data and the protection of privacy in the electronic communications sector until the approval of the forthcoming ePrivacy Regulation. The ePrivacy Directive places restrictions on, among other things, the sending of unsolicited marketing communications, as well as on the collection and use of data about internet users.
The European Central Bank and the European Banking Authority have enacted or are considering secondary legislation focused on security breaches, outsourcing, resiliency, strong customer authentication and information security-related policies. Likewise, a network and information security directive has been implemented into national laws by Member States in the EU. The Revised Payment Services Directive (PSD2) also contains regulatory requirements on strong customer authentication, open access to customer data and payment capabilities, and measures to prevent security incidents.
Anti-Money Laundering, Sanctions and Anti-Corruption Compliance
We are subject to significant supervision and regulation, and an increasingly stringent enforcement environment, with respect to compliance with anti-money laundering (AML), sanctions and anti-corruption laws and regulations in the United States and in other jurisdictions in which we operate. Failure to maintain and implement adequate programs and policies and procedures for AML, sanctions and anti-corruption compliance could have material financial, legal and reputational consequences.
American Express is subject to a significant number of AML laws and regulations as a result of being a financial company headquartered in the United States, as well as having a global presence. In the United States, the majority of AML requirements are derived from the Currency and Foreign Transactions Reporting Act and the accompanying regulations issued by the U.S. Department of the Treasury (collectively referred to as the Bank Secrecy Act), as amended by the USA PATRIOT Act of 2001 (the Patriot Act). The Anti-Money Laundering Act of 2020 (the AMLA), enacted in January 2021, amended the Bank Secrecy Act and is intended to comprehensively reform and modernize U.S. AML laws. Many of the statutory provisions in the AMLA will require additional rulemakings, reports and other measures, the effects of which are not known at this time. In Europe, AML requirements are largely the result of countries transposing the 5th and 6th EU Anti-Money Laundering Directives (and preceding EU Anti-Money Laundering Directives) into local laws and regulations. Numerous other countries, such as Argentina, Australia, Canada, India, Mexico, New Zealand and Russia, have also enacted or proposed new or enhanced AML legislation and regulations applicable to American Express.
Among other things, these laws and regulations require us to establish AML programs that meet certain standards, including, in some instances, expanded reporting, particularly in the area of suspicious transactions, and enhanced information gathering and recordkeeping requirements. Our AML programs have become the subject of heightened scrutiny in some countries. Any errors, failures or delays in complying with federal, state or foreign AML and counter-terrorist financing laws or perceived deficiencies in our AML programs could result in significant criminal and civil lawsuits, penalties and forfeiture of significant assets or other enforcement actions.
Office of Foreign Assets Control Regulation
The United States has imposed economic sanctions that affect transactions with designated foreign countries, nationals and others. The United States prohibits U.S. persons from engaging with individuals and entities identified as “Specially Designated Nationals,” such as terrorists and narcotics traffickers. These prohibitions are administered by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) and are typically known as the OFAC rules. The OFAC rules prohibit U.S. persons from engaging in financial transactions with or relating to the prohibited individual, entity or country, require the blocking of assets in which the individual, entity or country has an interest, and prohibit transfers of property subject to U.S. jurisdiction (including property in the possession or control of U.S. persons) to such individual, entity or country. Blocked assets (e.g., property or bank deposits) cannot be paid out, withdrawn, set off or transferred in any manner without a license from OFAC. We maintain a global sanctions program designed to ensure compliance with OFAC requirements. Failure to comply with such requirements could subject us to serious legal and reputational consequences, including criminal penalties.
Pursuant to Section 219 of the Iran Threat Reduction and Syria Human Rights Act of 2012, which added Section 13(r) to the Securities Exchange Act of 1934, as amended (the Exchange Act), an issuer is required to disclose in its annual or quarterly reports, as applicable, whether it or any of its affiliates knowingly engaged in certain activities, transactions or dealings relating to Iran or with individuals or entities designated pursuant to certain Executive Orders. Disclosure is generally required even where the activities, transactions or dealings were conducted outside the United States by non-U.S. affiliates in compliance with applicable law, and whether or not the activities are sanctionable under U.S. law.
In 2020, we became aware of credit card accounts opened with American Express International, Inc. (Hong Kong branch) by the Acting Consul General of the Iranian Consulate in Hong Kong, and his predecessor, the now-former Consul General. We believe these cards were used only for personal expenses. The Acting Consul General had two cards, both of which were opened in 2018 and one of which was closed by client request on or about April 3, 2019, and the other of which was cancelled by us on or about June 16, 2020. The former Consul General’s card was issued in January 2019 and cancelled by us on or about March 13, 2019. We had negligible gross revenues and net profits attributable to these accounts. As all of the accounts were cancelled, we do not intend to continue to engage in this activity.
We are subject to complex international and U.S. anti-corruption laws and regulations, including the U.S. Foreign Corrupt Practices Act (the FCPA), the UK Bribery Act and other laws that prohibit the making or offering of improper payments. The FCPA makes it illegal to corruptly offer or provide anything of value to foreign government officials, political parties or political party officials for the purpose of obtaining or retaining business or an improper advantage. The FCPA also requires us to strictly comply with certain accounting and internal controls standards. The UK Bribery Act also prohibits commercial bribery and the receipt of a bribe, and makes it a corporate offense to fail to prevent bribery by an associated person, in addition to prohibiting improper payments to foreign government officials. Failure of the Company, our subsidiaries, colleagues, contractors or agents to comply with the FCPA, the UK Bribery Act and other similar laws can expose us and/or individual colleagues to investigation, prosecution and potentially severe criminal and civil penalties.
Our compensation practices are subject to oversight by the Federal Reserve. The federal banking regulators’ guidance on sound incentive compensation practices sets forth three key principles for incentive compensation arrangements that are designed to help ensure that incentive compensation plans do not encourage imprudent risk-taking and are consistent with the safety and soundness of banking organizations. The three principles provide that a banking organization’s incentive compensation arrangements should (1) provide incentives that appropriately balance risk and financial results in a manner that does not encourage employees to expose their organizations to imprudent risks, (2) be compatible with effective internal controls and risk management, and (3) be supported by strong corporate governance, including active and effective oversight by the organization’s board of directors. Any deficiencies in our compensation practices that are identified by the Federal Reserve or other banking regulators in connection with their review of our compensation practices may be incorporated into our supervisory ratings, which can affect our ability to make acquisitions or perform other actions. Enforcement actions may be taken against us if our incentive compensation arrangements or related risk-management control or governance processes are determined to pose a risk to our safety and soundness, and we have not taken prompt and effective measures to correct the deficiencies.
In May 2016, the federal banking regulators, the Securities and Exchange Commission (SEC), the Federal Housing Finance Agency and the National Credit Union Administration re-proposed a rule, originally proposed in 2011, on incentive-based compensation practices. The re-proposed rule would apply deferral, downward adjustment and forfeiture, and clawback requirements to incentive-based compensation arrangements granted to senior executive officers and significant risk-takers of covered institutions, with specific requirements varying based on the asset size of the covered institution and the category of employee. If these or other regulations are adopted in a form similar to what has been proposed, they will impose limitations on the manner in which we may structure compensation for our colleagues, which could adversely affect our ability to hire, retain and motivate key colleagues.
We maintain an Investor Relations website at http://ir.americanexpress.com. We make available free of charge, on or through this website, our annual, quarterly and current reports and any amendments to those reports as soon as reasonably practicable following the time they are electronically filed with or furnished to the SEC.
In addition, we routinely post financial and other information, some of which could be material to investors, on our Investor Relations website. Information regarding our corporate responsibility and sustainability initiatives, including our Environmental, Social and Governance reports, are available on our Corporate Responsibility website at http://about.americanexpress.com/corporate-responsibility.
The content of any of our websites referred to in this report is not incorporated by reference into this report or any other report filed with or furnished to the SEC. We have included such website addresses only as inactive textual references and do not intend them to be active links.
You can find certain statistical disclosures required of bank holding companies starting on page A-1, which are incorporated herein by reference.
Our business as a whole has not experienced significant seasonal fluctuations, although card billed business tends to be moderately higher in the fourth quarter than in other quarters. As a result, the amount of Card Member loans and receivables outstanding tend to be moderately higher during that quarter. The average discount rate also tends to be slightly lower during the fourth quarter due to a higher level of retail-related billed business volumes.
ITEM 1A. RISK FACTORS
This section highlights certain risks that could affect us and our businesses, broadly categorized as “Strategic, Business and Competitive Risks,” “Legal, Regulatory and Compliance Risks” and “Credit, Liquidity and Market Risks.” You should carefully consider each of the following risks and all of the other information set forth in this Annual Report on Form 10-K, including the “Risk Management” section under “MD&A,” which describes our approach to identifying, monitoring and managing the risks we assume in conducting our businesses and provides certain quantitative and qualitative disclosures about market risks. The risks and uncertainties we face are not limited to those described below. Additional risks and uncertainties not presently known to us or that we currently believe to be immaterial may also adversely affect our business.
Strategic, Business and Competitive Risks
The impact of the COVID-19 pandemic and the measures implemented to contain the spread of the virus have had, and are expected to continue to have, a material adverse impact on our business and results of operations.
The COVID-19 pandemic is having widespread, rapidly evolving and unpredictable impacts on global society, economies, financial markets and business practices. The pandemic and containment measures have contributed to, among other things:
•Widespread changes to, and significant reductions in, household and business activity and consumer and business spending, as well as economic concerns and a rise in unemployment.
•Adverse impacts on our cobrand and other partners in the travel and airline industries, our GBT JV and on our third-party service providers, merchants, customer acquisition channels, processors, aggregators, network partners and other third parties that we rely on for services that are integral to our operations.
•Adverse impacts on the creditworthiness of our customers and other counterparties and their ability to pay amounts owed to us and our ability to collect such amounts and required increases in our reserves for credit losses.
•Adverse impacts on industries representing a significant portion of our billed business (including, but not limited to, travel and entertainment (T&E) spending).
•Adverse impacts on capital and credit market conditions and our deposit base, which may limit our access to funding, increase our cost of capital, and affect our ability to meet liquidity needs.
•An increased risk of significantly higher Card Member reimbursements for goods or services purchased from merchants that cease operations or are otherwise unable to ultimately provide those goods or services or, in the case of our business partners, impairments of rewards points we purchased from those partners.
•An increased strain on our risk management policies generally, including, but not limited to, the effectiveness and accuracy of our models, given the lack of data inputs and comparable precedent.
•An increased risk of impairment, restructuring or other charges, including as a result of impairment of the value of our investments and other assets.
•Adverse impacts on our daily business operations and our colleagues’ ability to perform necessary business functions, including as a result of illness, office closures and other limitations, or restrictions on movement.
•Increased challenges in growing or retaining our Card Member base and in launching new products or businesses or refreshing existing products in line with expectations or the current and changing needs of our customers.
•Increased spending on our business continuity efforts, such as technology, service centers and our supply chain, and readiness efforts for returning to our offices, which may in turn require that we further cut costs and investments in other areas.
•An increased risk of an information or cyber security incident, fraud, a failure to maintain the uninterrupted operation of our information systems or a failure in the effectiveness of our AML and other compliance programs due to, among other things, an increase in remote work.
These and other impacts of the COVID-19 pandemic may continue even after the outbreak has subsided and containment measures are lifted, and may exacerbate many of the other risks described in this “Risk Factors” section. The extent to which our business and results of operations will continue to be adversely affected will depend on numerous evolving factors and future developments that we are not able to predict, including the continued spread and severity of the virus and new variants; the imposition of further containment measures and their ability to control the spread of the virus; the availability, distribution and use of effective treatments and vaccines; the extent and duration of the effect on the economy, unemployment, consumer confidence and consumer and business spending; the availability and effectiveness of government stimulus measures; and how quickly and to what extent normal operating conditions and customer behaviors resume, such as with respect to travel, dining and in-person events.
Difficult conditions in the business and economic environment, including as a result of the COVID-19 pandemic, have had and are expected to continue to have a material adverse effect on our business and results of operations.
We offer a broad array of products and services to consumers, small businesses and commercial clients and thus are very dependent upon the level of consumer and business activity and the demand for payment and financing products. Slow
economic growth, economic contraction or shifts in broader consumer and business trends significantly impact customer behaviors, including spending on our cards, the ability and willingness of Card Members to borrow and pay amounts owed to us, and demand for fee-based products and services. Factors such as consumer spending and confidence, unemployment rates, business investment, geopolitical instability, public policy decisions, government spending, international trade relationships, interest rates, taxes, energy costs, the volatility and strength of the capital markets, inflation and deflation all affect the economic environment and, ultimately, our profitability. Such factors may also cause our earnings, billings, loan balances, credit metrics and margins to fluctuate and diverge from expectations of analysts and investors, who may have differing assumptions regarding their impact on our business, adversely affecting, and/or increasing the volatility of, the trading price of our common shares.
Spending at T&E merchants, for example, is sensitive to business and personal discretionary spending levels and circumstances impacting travel. We experienced the effects of this sensitivity in 2020 as a result of the COVID-19 pandemic, with T&E spending decreasing 61 percent compared to 2019, while non-T&E spending decreased 1 percent. Likewise, spending by small businesses and corporate clients, which comprised approximately 40 percent of our worldwide billed business during 2020, depends in part on the economic environment and a favorable climate for continued business investment and new business formation, as well as on related volumes of business travel. During the pandemic, Card Member billed business decreased 19 percent in 2020 compared to 2019.
Increases in delinquencies and write-off rates as a result of increases in bankruptcies, unemployment rates, changes in customer behaviors or otherwise could also have a material adverse effect on our results of operations. We increased our reserves for credit losses significantly in 2020 due to the deterioration of the global macroeconomic outlook.
The consequences of negative circumstances impacting us or the environment generally can be sudden and severe, as we experienced from the end of the first quarter into the second quarter of 2020 due to the pandemic.
Our business is subject to the effects of geopolitical events, weather, natural disasters, other catastrophic events and other conditions.
Geopolitical events, terrorist attacks, natural disasters, severe weather conditions, health pandemics, information or cyber security incidents (including intrusion into or degradation of systems or technology by cyberattacks) and other catastrophic events can have a material adverse effect on our business. Political and social conditions, fiscal and monetary policies, trade wars and tariffs, prolonged or recurring government shutdowns, regional or domestic hostilities and the prospect or occurrence of more widespread conflicts could also negatively affect consumer and business spending, including travel patterns and business investment, and demand for credit.
As noted above, the COVID-19 pandemic has had, and is expected to continue to have, a material adverse impact on our business and results of operations. Because of our proximity to the World Trade Center site, our headquarters were damaged as a result of the terrorist attacks of September 11, 2001. Recent hurricanes and other natural disasters have impacted spending and credit performance in the areas affected. Other disasters or catastrophic events in the future, and the impact of such events on certain industries or the overall economy, could have a negative effect on our business, results of operations and infrastructure, including our technology and systems. Climate change may exacerbate certain of these threats, including the frequency and severity of weather-related events. Card Members in California, New York, Florida, Texas, Georgia and New Jersey account for a significant portion of U.S. Consumer billed business and Card Members loans, and our results of operations could be impacted by events or conditions that disproportionately or specifically affect one or more of those states.
Because we derive a portion of our revenues from travel-related spending, our business is sensitive to safety concerns related to travel and tourism, limitations on travel and mobility, and health-related risks, including travel restrictions and bans as a result of the COVID-19 pandemic and changes in customer behaviors that may continue even after the outbreak has subsided and containment measures are lifted, such as decisions to delay or forgo business or personal travel. In addition, disruptions in air travel and other forms of travel can result in the payment of claims under travel interruption insurance policies we offer.
The exit of the United Kingdom from the European Union could materially adversely impact our business, results of operations and financial condition.
Our business in the United Kingdom and elsewhere may be negatively impacted by the exit of the United Kingdom from the EU (commonly referred to as Brexit), including from a deterioration of the economic environment in the United Kingdom and other countries in which we operate. While a trade deal was agreed to between the United Kingdom and the EU at the end of 2020, the financial, trade and legal implications of Brexit remain uncertain. As of December 31, 2020, the United Kingdom constituted approximately 4 percent of our worldwide billed business and the EMEA (Europe, Middle East and Africa) region as a whole constituted approximately 9 percent.
Our operating results may materially suffer because of substantial and increasingly intense competition worldwide in the payments industry.
The payments industry is highly competitive, and we compete with card networks, issuers and acquirers, paper-based transactions (e.g., cash and checks), bank transfer models (e.g., wire transfers and ACH), as well as evolving and growing alternative payment and financing providers. If we are not able to differentiate ourselves from our competitors, develop compelling value propositions for our customers and/or effectively grow in areas such as mobile and online payments and emerging technologies, we may not be able to compete effectively.
We believe Visa and Mastercard are larger than we are in most countries based on billed business volumes. As a result, card issuers and acquirers on the Visa and Mastercard networks may be able to benefit from the dominant position, scale, resources, marketing and pricing of those networks. Our business may also be negatively affected if we are unable to continue increasing merchant acceptance (including by merchants that accept cards on the Visa and Mastercard networks) and perceptions of coverage, or if our Card Members do not experience welcome acceptance of our cards.
Some of our competitors have developed, or may develop, substantially greater financial and other resources than we have and may offer richer value propositions or a wider range of programs and services than we offer or may use more effective advertising, marketing or cross-selling strategies to acquire and retain more customers, capture a greater share of spending and borrowings, establish and develop more attractive cobrand card and other partner programs and maintain greater merchant acceptance than we have. We may not be able to compete effectively against these threats or respond or adapt to changes in consumer spending habits as effectively as our competitors. Costs such as Card Member rewards and Card Member services expenses could continue to increase as we improve our value propositions for Card Members, including in response to increased competition.
Spending on our cards could continue to be impacted by increasing consumer usage of credit and debit cards issued on other networks, as well as adoption of alternative payment mechanisms, systems and products. The fragmentation of customer spending to take advantage of different merchant or card incentives or for convenience with technological solutions may continue to increase. Revolving credit balances on our cards could also be impacted by alternative financing providers, such as point-of-sale lenders. To the extent other payment and financing mechanisms, systems and products continue to successfully expand, our discount revenues earned from Card Member spending and our net interest income earned from Card Member borrowing could be negatively impacted. In addition, companies that control access to consumer and merchant payment method choices at the point of sale or through digital wallets, commerce-related experiences, mobile applications or other technologies could choose not to accept, suppress use of, or degrade the experience of using our products or could restrict our access to our customers and transaction data. Such companies could also require payments from us to participate in such digital wallets, experiences or applications or negotiate incentives or pricing concessions, impacting our profitability on transactions.
The competitive value of our closed-loop data may also be diminished as traditional and non-traditional competitors use other, new data sources and technologies to derive similar insights. Certain regulations, such as PSD2 in Europe and open banking initiatives in various jurisdictions around the world, could also diminish the value of our closed-loop data or the demand for our products and services by disintermediating existing financial services providers.
To the extent we expand into new business areas and new geographic regions, such as mainland China, we will face competitors with more experience and more established relationships with relevant customers, regulators and industry participants, which could adversely affect our ability to compete. Laws and business practices that favor local competitors, require card transactions to be routed over domestic networks or prohibit or limit foreign ownership of certain businesses could limit our growth in international regions. We may face additional compliance and regulatory risks to the extent that we expand into new business areas, and we may need to dedicate more expense, time and resources to comply with regulatory requirements than our competitors, particularly those that are not regulated financial institutions.
Many of our competitors are subject to different, and in some cases, less stringent, legislative and regulatory regimes, and some may have lower cost structures and more agile business models and systems. More restrictive laws and regulations that do not apply to all of our competitors can put us at a disadvantage, including prohibiting us from engaging in certain transactions, regulating our business practices or adversely affecting our cost structure.
We face intense competition for partner relationships, which could result in a loss or renegotiation of these arrangements that could have a material adverse impact on our business and results of operations.
In the ordinary course of our business we enter into different types of contractual arrangements with business partners in a variety of industries. For example, we have partnered with Delta, Marriott, Hilton and British Airways, as well as many others globally, to offer cobranded cards for consumers and small businesses, and through our Membership Rewards program we have partnered with businesses in many industries, including Delta and others in the airline industry, to offer benefits to Card Member participants. See “Partners and Relationships” under “Business” for additional information on our business partnerships, including with Delta.
Competition for relationships with key business partners is very intense and there can be no assurance we will be able to grow or maintain these partner relationships or that they will remain as profitable. Establishing and retaining attractive cobrand card partnerships is particularly competitive among card issuers and networks as these partnerships typically appeal to high-spending
loyal customers. All of our cobrand portfolios in the aggregate accounted for approximately 19 percent of our worldwide billed business for the year ended December 31, 2020. Card Member loans related to our cobrand portfolios accounted for approximately 37 percent of our worldwide Card Member loans as of December 31, 2020.
Cobrand arrangements are entered into for a fixed period, generally ranging from five to ten years, and will terminate in accordance with their terms, including at the end of the fixed period unless extended or renewed at the option of the parties, or upon early termination as a result of an event of default or otherwise. We face the risk that we could lose partner relationships, even after we have invested significant resources in the relationships. We may also choose to not renew certain cobrand relationships. The volume of billed business could decline and Card Member attrition could increase, in each case, significantly as a result of the termination of one or more cobrand partnership relationships. In addition, some of our cobrand arrangements provide that, upon expiration or termination, the cobrand partner may purchase or designate a third party to purchase the loans generated with respect to its program, which could result in the loss of the card accounts and a significant decline in our Card Member loans outstanding.
We regularly seek to extend or renew cobrand arrangements in advance of the end of the contract term and face the risk that existing relationships will be renegotiated with less favorable terms for us or that we may be unable to renegotiate on terms that are acceptable to us, as competition for such relationships continues to increase. We make payments to our cobrand partners, which can be significant, based primarily on the amount of Card Member spending and corresponding rewards earned on such spending and, under certain arrangements, on the number of accounts acquired and retained. The amount we pay to our cobrand partners has increased, particularly in the United States, and may continue to increase as arrangements are renegotiated due to increasingly intense competition for cobrand partners among card issuers and networks. See "Off-Balance Sheet Arrangements and Contractual Obligations" under "MD&A" for additional information regarding commitments for payments to certain cobrand partners.
The loss of exclusivity arrangements with business partners, the loss of the partner relationship altogether (whether by non-renewal at the end of the contract period, such as the end of our relationship with Costco in the United States in 2016, or as the result of a merger, legal or regulatory action or otherwise, such as the withdrawal of American Airlines in 2014 from our Airport Club Access program for Centurion® and Platinum Card® Members) or the renegotiation of existing partnerships with terms that are significantly worse for us could have a material adverse impact on our business and results of operations. See "Our business is subject to comprehensive government regulation and supervision, which could materially adversely affect our results of operations and financial condition" for information on the uncertainty regarding our cobrand and agent relationships in the EU. In addition, any publicity associated with the loss of any of our key business partners could harm our reputation, making it more difficult to attract and retain Card Members and merchants, and could weaken our negotiating position with our remaining and prospective business partners.
Arrangements with our business partners represent a significant portion of our business. We are exposed to risks associated with our business partners, including reputational issues, business slowdowns, bankruptcies, liquidations, restructurings and consolidations, and the possible obligation to make payments to our partners.
Our success is, in many ways, dependent on the success of our partners. From customer acquisition to cobranding arrangements, from participation in our rewards programs to facilitating B2B supplier payments for our corporate clients, we rely on our business partners across many aspects of our company and our arrangements with business partners represent a significant portion of our business. Some of our partners manage certain aspects of our customer relationships, such as our OptBlue partners. To the extent any of our partners fail to effectively promote and support our products, experience a slowdown in their business, operational disruptions, reputational issues or loss of consumer confidence, or are otherwise unable to meet our expectations or those of their other stakeholders, our business may be materially negatively impacted. We face the risk that existing relationships will be renegotiated with less favorable terms for us or that we may be unable to renegotiate on terms that are acceptable to us. In addition, we may be obligated to make or accelerate payments to certain business partners such as cobrand partners upon the occurrence of certain triggering events such as a shortfall in certain performance and revenue levels. If we are not able to effectively manage these triggering events, we could unexpectedly have to make payments to these partners, which could have a negative effect on our financial condition and results of operations. See “Contractual Obligations” under “MD&A” for additional information on financial commitments related to agreements with certain cobrand partners.
Similarly, we are exposed to risk from bankruptcies, liquidations, insolvencies, financial distress, restructurings, consolidations and other similar events that may occur in any industry representing a significant portion of our billed business, which could negatively impact particular card products and services (and billed business generally) and our financial condition and results of operations. During 2020, we pre-purchased loyalty points from certain of our travel cobrand partners, which we may use for future promotions, rewards and incentive programs for our customers. To the extent such partners cease operations or the loyalty points are no longer desired by our customers, the value of the pre-purchased points may be diminished and may result in an impairment charge. We could also be materially impacted if we were obligated or elected to reimburse Card Members for products and services purchased from merchants that have ceased operations or stopped accepting our cards. For example, we are exposed to credit risk in the airline industry to the extent we protect Card Members against non-delivery of goods and
services, such as where we have remitted payment to an airline for a Card Member purchase of tickets that have not yet been used or “flown.” If we are unable to collect the amount from the airline, we may bear the loss for the amount credited to the Card Member. At December 31, 2020, our best estimate of the maximum amount of billed business volumes for goods and services that had yet to be delivered by, or could be charged back to, merchants was $19 billion. This amount assumes all such merchants worldwide cease operations and thus are no longer available to deliver such goods and services or to accept such chargebacks, and that all such billed business results in claims-in-full by Card Members. Such a maximum amount has not been indicative of our actual loss exposure in the past and we have not experienced significant losses related to these exposures to date; however, our historical experience may not be representative in the current environment given the economic and financial disruptions, particularly to travel, caused by the COVID-19 pandemic and resulting containment measures. See Note 12 to the “Consolidated Financial Statements” for additional information regarding this exposure.
For additional information relating to the general risks related to the airline industry, see “Risk Management—Institutional Credit Risk—Exposure to the Airline and Travel Industry” under “MD&A.”
We face continued intense competitive pressure that may materially impact the prices we charge for accepting our cards for payment for goods and services, as well as the risk of losing merchant relationships, which could have a material adverse impact on our business and results of operations.
We face pressure from competitors that primarily rely on sources of revenue other than discount revenue or have lower costs that can make their pricing for card acceptance more attractive. Merchants, business partners and third-party merchant acquirers and aggregators are also able to negotiate incentives, pricing concessions and other contractual benefits from us as a condition to accepting our cards, being cobrand partners or signing merchants on our behalf. As merchants become even larger (such as the largest tech companies), we may have to increase the amount of incentives and/or concessions we provide to such merchants. We also face the risk of losing a merchant relationship that could materially adversely affect our billed business volumes, ability to retain current Card Members and attract new Card Members and therefore, our business and results of operations.
Our average merchant discount rate has been impacted by regulatory changes affecting competitor pricing in certain international countries. We have also experienced erosion of our average merchant discount rate as we increase merchant acceptance. We may not be successful in significantly expanding merchant acceptance or offsetting rate erosion with volumes at new merchants.
In addition, the regulatory environment and differentiated payment models and technologies from non-traditional players in the alternative payments space could pose challenges to our traditional payment model and adversely impact our average merchant discount rate. Some merchants continue to invest in their own payment solutions, such as proprietary-branded mobile wallets, using both traditional and new technology platforms. If merchants are able to drive broad consumer adoption and usage, it could adversely impact our average merchant discount rate and billed business volumes.
A continuing priority of ours is to drive greater and differentiated value to our merchants that, if not successful, could negatively impact our discount revenue and financial results. We may not succeed in maintaining merchant discount rates or offsetting the impact of declining merchant discount rates, for the reasons discussed above and others, which could materially and adversely affect our revenues and profitability, and therefore our ability to invest in innovation and in value-added services for merchants and Card Members.
Surcharging or steering by merchants could materially adversely affect our business and results of operations.
In certain countries, such as Australia and certain Member States in the EU, merchants are expressly permitted by law to surcharge certain card purchases. In jurisdictions allowing surcharging, we have seen merchant surcharging on American Express cards in certain merchant categories, and in some cases, either the surcharge is greater than that applied to Visa and Mastercard cards or Visa and Mastercard cards are not surcharged at all (practices that are known as differential surcharging), even though there are many cards issued on competing networks that have an equal or greater cost of acceptance for the merchant. In addition, the laws of a number of states in the United States that prohibit surcharging have been overturned in litigation brought by merchant groups.
We also encounter merchants that accept our cards, but tell their customers that they prefer to accept another type of payment or otherwise seek to suppress use of our cards. Our Card Members value the ability to use their cards where and when they want to, and we, therefore, take steps to meet our Card Members’ expectations and to protect the American Express brand by prohibiting this form of discrimination, subject to local legal requirements. When we work with merchant acquirers, aggregators and processors to manage certain aspects of the merchant relationship, we are dependent on them to promote and support the acceptance and usage of our cards, but such third parties may have business interests, strategies or goals that are inconsistent with ours.
If surcharging, steering or other forms of discrimination become widespread, American Express cards and credit and charge cards generally could become less desirable to consumers, which could result in a decrease in cards-in-force and transaction
volumes. The impact could vary depending on such factors as: the industry or manner in which a surcharge is levied; how Card Members are surcharged or steered to other card products or payment forms at the point of sale; the ease and speed of implementation for merchants, including as a result of new or emerging technologies; the size and recurrence of the underlying charges; and whether and to what extent these actions are applied to other forms of payment, including whether it varies depending on the type of card (e.g., credit or debit), product, network, acquirer or issuer. Discrimination against American Express cards could have a material adverse effect on our business, financial condition and results of operations, particularly where it only or disproportionately impacts credit card usage, our Card Members or our business.
We may not be successful in our efforts to promote card usage through marketing and promotion, merchant acceptance and Card Member rewards and services, or to effectively control the costs of such investments, both of which may materially impact our profitability.
Revenue growth is dependent on increasing consumer and business spending on our cards, growing loan balances and increasing fee revenue. We have been investing in a number of growth initiatives, including to attract new Card Members, reduce Card Member attrition and capture a greater share of customers’ total spending and borrowings. There can be no assurance that our investments to acquire Card Members, provide differentiated features and services and increase usage of our cards will continue to be effective, particularly with changing consumer and business behaviors as a result of the COVID-19 pandemic. In addition, if we develop new products or offers that attract customers looking for short-term incentives rather than incentivize long-term loyalty, Card Member attrition and costs could increase. Increasing spending on our cards also depends on our continued expansion of merchant acceptance of our cards. If we are unable to continue growing merchant acceptance and perceptions of coverage or merchants decide to no longer accept American Express cards, our business could suffer. Expanding our service offerings, adding customer acquisition channels and forming new partnerships or renewing current partnerships could have higher costs than our current arrangements, and could adversely impact our average discount rate or dilute our brand.
Another way we invest in customer value is through our Membership Rewards program, as well as other Card Member benefits. Any significant change in, or failure by management to reasonably estimate, actual redemptions of Membership Rewards points and associated redemption costs could adversely affect our profitability. We rely on third parties for certain redemption options and may not be able to continue to offer such redemption options in the future, which could diminish the value of the program for our Card Members. Our two largest redemption partners are Amazon and Delta. In addition, many credit card issuers have instituted rewards and cobrand programs and may introduce programs and services that are similar to or more attractive than ours. Our inability to differentiate our products and services could materially adversely affect us.
We may not be able to cost-effectively manage and expand Card Member benefits, including containing the growth of marketing, promotion, rewards and Card Member services expenses in the future. If such expenses increase beyond our expectations, we will need to find ways to offset the financial impact by increasing payment volumes, increasing other areas of revenues such as fee-based revenues, or both. We may not succeed in doing so, particularly in the current competitive and regulatory environment.
Our brand and reputation are key assets of our Company, and our business may be materially affected by how we are perceived in the marketplace.
Our brand and its attributes are key assets, and we believe our continued success depends on our ability to preserve, grow and realize the benefits of the value of our brand. Our ability to attract and retain consumer and small business Card Members and corporate clients is highly dependent upon the external perceptions of our level of service, trustworthiness, business practices, privacy and data protection, management, workplace culture, merchant acceptance, financial condition, response to political and social issues or catastrophic events (including our response to the COVID-19 pandemic and natural disasters) and other subjective qualities. Negative perceptions or publicity regarding these matters — even if related to seemingly isolated incidents and whether or not factually correct—could erode trust and confidence and damage our reputation among existing and potential Card Members, corporate clients, merchants and partners, which could make it difficult for us to attract new customers and maintain existing ones. Negative public opinion could result from actual or alleged conduct in any number of activities or circumstances, including card practices, regulatory compliance, the use and protection of customer information, conduct by our colleagues and policy engagement, including activities of the American Express Company Political Action Committee, and from actions taken by regulators or others in response thereto. Discussion about such matters in social media channels can also cause rapid, widespread reputational harm to our brand.
Our brand and reputation may also be harmed by actions taken by third parties that are outside our control. For example, any shortcoming of or controversy related to a third-party vendor, business partner, merchant acquirer or network partner may be attributed by Card Members and merchants to us, thus damaging our reputation and brand value. Acceptance of American Express cards by merchants in certain industries can also affect perceptions of us. The lack of acceptance, suppression of card usage or surcharging by merchants can also negatively impact perceptions of our brand and our products, lower overall transaction volume and increase the attractiveness of other payment products or systems. Adverse developments with respect to our industry may also, by association, negatively impact our reputation, or result in greater regulatory or legislative scrutiny or
litigation against us. Furthermore, as a corporation with headquarters and operations located in the United States, a negative perception of the United States arising from its political or other positions could harm the perception of our company and our brand. Although we monitor developments for areas of potential risk to our reputation and brand, negative perceptions or publicity could materially and adversely affect our business volumes, revenues and profitability.
A major information or cyber security incident or an increase in fraudulent activity could lead to reputational damage to our brand and material legal, regulatory and financial exposure, and could reduce the use and acceptance of our cards.
We and third parties process, transmit, store and provide access to account information in connection with our charge and credit cards and other products, and in the normal course of our business, we collect, analyze and retain significant volumes of certain types of personally identifiable and other information pertaining to our customers and colleagues.
Our networks and systems are subject to constant attempts to identify and exploit potential vulnerabilities in our operating environment with intent to disrupt our business operations and capture, destroy, manipulate or expose various types of information relating to corporate trade secrets, customer information, including Card Member, travel and loyalty program data, colleague information and other sensitive business information, including acquisition activity, non-public financial results and intellectual property. There are a number of motivations for cyber threat actors, including criminal activities such as fraud, identity theft and ransom, corporate or nation-state espionage, political agendas, public embarrassment with the intent to cause financial or reputational harm, intent to disrupt information technology systems, and to expose and exploit potential security and privacy vulnerabilities in corporate systems and websites.
Global financial institutions like us, as well as our customers, colleagues, regulators, vendors and other third parties, have experienced a significant increase in information and cyber security risk in recent years and will likely continue to be the target of increasingly sophisticated cyberattacks, including computer viruses, malicious or destructive code, ransomware, social engineering attacks (including phishing, impersonation and identity takeover attempts), corporate espionage, hacking, website defacement, denial-of-service attacks, exploitation of vulnerabilities and other attacks and similar disruptions from the misconfiguration or unauthorized use of or access to computer systems. For example, we and other U.S. financial services providers have been the target of distributed denial-of-service attacks from sophisticated third parties. These threats can arise from external parties as well as insiders who knowingly or unknowingly engage in or enable malicious cyber activities.
We develop and maintain systems and processes aimed at detecting and preventing information and cyber security incidents and fraudulent activity, which require significant investment, maintenance and ongoing monitoring and updating as technologies and regulatory requirements change and as efforts to overcome security measures become more sophisticated. Despite our efforts, the possibility of information and cyber security incidents, malicious social engineering, corporate espionage, fraudulent or other malicious activities and human error or malfeasance cannot be eliminated entirely and will evolve as new and emerging technology is deployed, including the increasing use of personal mobile and computing devices that are outside of our network and control environments. Risks associated with such incidents and activities include theft of funds and other monetary loss, the disruption of our operations and the unauthorized disclosure, release, gathering, monitoring, misuse, modification, loss or destruction of confidential, proprietary, trade secret or other information (including account data information), the effects of which could be compounded if not detected or reported quickly. Indeed, an information or cyber security incident may not be detected until well after it occurs and the severity and potential impact may not be fully known for a substantial period of time after it has been discovered.
Information or cyber security incidents, fraudulent activity and other actual or perceived failures to maintain confidentiality, integrity, privacy and/or security has led to increased regulatory scrutiny and may lead to regulatory investigations and intervention (such as mandatory card reissuance), increased litigation (including class action litigation), remediation, fines and response costs, negative assessments of us and our subsidiaries by banking regulators and rating agencies, reputational and financial damage to our brand, and reduced usage of our products and services, all of which could have a material adverse impact on our business. The disclosure of sensitive company information could also undermine our competitive advantage and divert management attention and resources.
Successful cyberattacks, data breaches, disruptions or other incidents related to the actual or perceived failures to maintain confidentiality, integrity, privacy and/or security at other large financial institutions, large retailers, travel and hospitality companies, government agencies or other market participants, whether or not we are impacted, could lead to a general loss of customer confidence that could negatively affect us, including harming the market perception of the effectiveness of our security measures or harming the reputation of the financial system in general, which could result in reduced use of our products and services. Such events could also result in legislation and additional regulatory requirements. Although we maintain cyber insurance, there can be no assurance that liabilities or losses we may incur will be covered under such policies or that the amount of insurance will be adequate.
The uninterrupted operation of our information systems is critical to our success and a significant disruption could have a material adverse effect on our business and results of operations.
Our information technology systems, including our transaction authorization, clearing and settlement systems, and data centers, may experience service disruptions or degradation because of technology malfunction, sudden increases in customer transaction volume, natural disasters, accidents, power outages, internet outages, telecommunications failures, fraud, denial-of-service and other cyberattacks, terrorism, computer viruses, vulnerabilities in hardware or software, physical or electronic break-ins, or similar events. Service disruptions or degradations could prevent access to our online services and account information, compromise or limit access to company or customer data, impede transaction processing and financial reporting, and lead to regulatory investigations and fines, increased regulatory oversight and litigation (including class action litigation). Any such service disruption or degradation could adversely affect the perception of the reliability of our products and services and materially adversely affect our overall business, reputation and results of operations.
We rely on third-party providers for acquiring and servicing customers, technology, platforms and other services integral to the operations of our businesses. These third parties may act in ways that could materially harm our business.
We rely on third-party service providers, cobrand partners, merchants, customer acquisition channels, processors, aggregators, network partners and other third parties for services that are integral to our operations and are subject to the risk that activities of such third parties may adversely affect our business. As outsourcing, specialization of functions, third-party digital services and technology innovation within the payments industry increase (including with respect to mobile technologies, tokenization, big data, artificial intelligence and cloud storage solutions), more third parties are involved in processing card transactions and handling our data. For example, we rely on third parties for the timely transmission of accurate information across our global network, card acquisition and provision of services to our customers. If a service provider or other third party ceases to provide the data quality or communications capacity we expect or services upon which we rely, as a result of natural disaster, operational disruptions or errors, including as a result of the impacts of COVID-19, terrorism, information or cyber security incidents, or any other reason, the failure could interrupt or compromise the quality of our services to customers or impact our business. A disruption or other event at a third party affecting one of our service providers or partners could also impede their ability to provide to us services or data on which we rely to operate our business. Service providers or other third parties could also cease providing data to us or use our data in a way that diminishes the value of our closed loop.
The confidentiality, integrity, privacy, availability and/or security of data communicated over third-party networks or platforms or held by, or accessible to, third parties, including merchants that accept our cards, payment processors, payment intermediaries and our third-party vendors and business partners, could become compromised, which could lead to unauthorized use of our data or fraudulent transactions on our cards, as well as costs associated with responding to such an incident, including regulatory investigations and fines, increased regulatory oversight and litigation.
The management and oversight of multiple vendors increases our operational complexity and governance challenges and decreases our control. A failure to exercise adequate oversight over service providers, including compliance with service level agreements or regulatory or legal requirements, could result in regulatory actions, fines, litigation, sanctions or economic and reputational harm to us. In addition, we may not be able to effectively monitor or mitigate operational risks relating to our third-party providers' service providers. We are also exposed to the risk that a service disruption at a service provider common to our third-party providers could impede their ability to provide services to us. Notwithstanding any attempts to diversify our reliance on third parties, we may not be able to effectively mitigate operational risks relating to our third-party providers’ use of common service providers.
If we are not able to invest successfully in, and compete at the leading edge of, technological developments across all our businesses, our revenue and profitability could be materially adversely affected.
Our industry is subject to rapid and significant technological changes. In order to compete in our industry, we need to continue to invest in technology across all areas of our business, including in transaction processing, data management and analytics, machine learning and artificial intelligence, customer interactions and communications, open banking and alternative payment and financing mechanisms, authentication technologies and digital identification, tokenization, real-time settlement, and risk management and compliance systems. Incorporating new technologies into our products and services, including developing the appropriate governance and controls consistent with regulatory expectations, requires substantial expenditures and takes considerable time, and ultimately may not be successful. We expect that new technologies in the payments industry will continue to emerge, and these new technologies may be superior to, or render obsolete, our existing technology.
The process of developing new products and services, enhancing existing products and services and adapting to technological changes and evolving industry standards is complex, costly and uncertain, and any failure by us to anticipate customers’ changing needs and emerging technological trends accurately could significantly impede our ability to compete effectively. Consumer and merchant adoption is a key competitive factor and our competitors may develop products, platforms or technologies that become more widely adopted than ours. In addition, we may underestimate the time and expense we must invest in new products and services before they generate significant revenues, if at all. Our use of artificial intelligence and machine learning is subject to risks related to flaws in our algorithms and datasets that may be insufficient or contain biased information. These deficiencies could undermine the decisions, predictions or analysis such technologies produce, subjecting us to competitive harm, legal liability, and brand or reputational harm.
Our ability to develop, acquire or access competitive technologies or business processes on acceptable terms may also be limited by intellectual property rights that third parties, including those that current and potential competitors, may assert. In addition, our ability to adopt new technologies may be inhibited by the emergence of industry-wide standards, a changing legislative and regulatory environment, an inability to develop appropriate governance and controls, a lack of internal product and engineering expertise, resistance to change from Card Members or merchants, lack of appropriate change management processes or the complexity of our systems.
We may not be successful in realizing the benefits associated with our acquisitions, strategic alliances, joint ventures and investment activity, and our business and reputation could be materially adversely affected.
We have acquired a number of businesses, including Kabbage, and have made a number of strategic investments, and continue to evaluate potential transactions. There is no assurance that we will be able to successfully identify suitable candidates, value potential investment or acquisition opportunities accurately, negotiate acceptable terms for those opportunities, or complete proposed acquisitions and investments. The process of integrating an acquired company, business or technology could create unforeseen operating difficulties and expenditures, result in unanticipated liabilities, including legal claims, violations of laws, commercial disputes and information security vulnerabilities or breaches (including from not integrating the acquired company, business or technology quickly or appropriately, from activities that occurred prior to the acquisition, and from exposure to third party relationships of the acquired company or business or new laws and regulations), and harm our business generally. It may take us longer than expected to fully realize the anticipated benefits of these transactions, and those benefits may ultimately be smaller than anticipated or may not be realized at all, which could materially adversely affect our business and operating results, including as a result of write-downs of goodwill and other intangible assets.
We may also face risks with other types of strategic transactions, such as the sale to InComm of the operations relating to our prepaid reloadable and gift card business. The reloadable operations have experienced disruptions in the past, impacting the ability of our prepaid customers to load and use their cards. If such operations are interrupted, suspended or terminated in the future, it could further negatively impact our customers’ experience, result in additional costs, litigation and regulatory action, and harm our business and reputation.
Joint ventures, including our GBT JV and our joint venture in China, and minority investments inherently involve a lesser degree of control over business operations, thereby potentially increasing the financial, legal, operational and/or compliance risks associated with the joint venture or minority investment, including as a result of becoming subject to different laws or regulations. In addition, we may be dependent on joint venture partners, controlling shareholders or management who may have business interests, strategies or goals that are inconsistent with ours. For example, trade secrets and other proprietary information we may provide to a joint venture may become available to third parties beyond our control. The ability to enforce intellectual property and contractual rights to prevent disclosure of our trade secrets and other proprietary information may be limited in certain jurisdictions. Business decisions or other actions or omissions of the joint venture partner, controlling shareholders or management may adversely affect the value of our investment, result in litigation or regulatory action against us and otherwise damage our reputation and brand.
Our success is dependent on maintaining a culture of integrity and respect, the resilience of our colleagues through the pandemic, and upon our executive officers and other key personnel, and misconduct by or loss of key personnel could materially adversely affect our business.
We rely upon our key personnel not only for business success, but also to lead with integrity and promote a culture of respect. To the extent our leaders behave in a manner that does not comport with our company’s values, the consequences to our brand and reputation could be severe and could negatively affect our financial condition and results of operations. Our colleagues have had to adapt to rapidly changing conditions during the pandemic, and if we are unable to continue addressing the safety, health and productivity of our colleagues, our business could suffer.
The market for qualified individuals is highly competitive, and we may not be able to attract and retain qualified personnel or candidates to replace or succeed members of our senior management team or other key personnel who voluntarily or involuntarily leave the company. Changes in immigration and work permit laws and regulations or the administration or enforcement of such laws or regulations or other changes in the legal or regulatory environment, including as a result of Brexit, can also impair our ability to attract and retain qualified personnel, or to employ such personnel in the location(s) of our choice. Our compensation practices are subject to review and oversight by the Federal Reserve and the compensation practices of AENB are subject to review and oversight by the OCC. This regulatory review and oversight could further affect our ability to attract and retain our executive officers and other key personnel. The loss of key personnel could materially adversely affect our business.
Legal, Regulatory and Compliance Risks
Our business is subject to comprehensive government regulation and supervision, which could materially adversely affect our results of operations and financial condition.
We are subject to comprehensive government regulation and supervision in jurisdictions around the world, which significantly affects our business and requires continual enhancement of our compliance efforts. Supervision efforts and the enforcement of existing laws and regulations impact the scope and profitability of our existing business activities, limit our ability to pursue certain business opportunities and adopt new technologies, compromise our competitive position, and affect our relationships with Card Members, partners, merchants, vendors and other third parties. New laws or regulations could similarly affect our business, increase our costs of doing business and require us to change certain of our business practices and invest significant management attention and resources, all of which could adversely affect our results of operations and financial condition. Legislators and regulators around the world are aware of each other’s approaches to the regulation of the payments industry. Consequently, a development in one country, state or region may influence regulatory approaches in another. To the extent that different regulatory systems impose overlapping or inconsistent requirements on the conduct of our business, we face complexity and additional costs in our compliance efforts.
If we fail to satisfy regulatory requirements or maintain our financial holding company status, our financial condition and results of operations could be adversely affected, and we may be restricted in our ability to take certain capital actions (such as declaring dividends or repurchasing outstanding shares) or engage in certain business activities or acquisitions, which could compromise our competitive position. Additionally, our banking regulators have wide discretion in the examination and the enforcement of applicable banking statutes and regulations and may restrict our ability to engage in certain business activities or acquisitions or require us to maintain more capital.
In recent years, legislators and regulators have focused on the operation of card networks, including interchange fees paid to card issuers in payment networks such as Visa and Mastercard and the fees merchants are charged to accept cards. Even where we are not directly regulated, regulation of bankcard fees significantly negatively impacts the discount revenue derived from our business, including as a result of downward pressure on our discount rate from decreases in competitor pricing in connection with caps on interchange fees. In some cases, regulations also extend to certain aspects of our business, such as network and cobrand arrangements or the terms of card acceptance for merchants, including terms relating to non-discrimination and honor-all-cards. For example, we have exited our network businesses in the EU and Australia as a result of regulation in those jurisdictions. In addition, there is uncertainty as to when or how interchange fee caps and other provisions of the EU payments legislation might apply when we work with cobrand partners and agents in the EU. In a ruling issued on February 7, 2018, the EU Court of Justice confirmed the validity of the application of the fee caps and other provisions in circumstances where three-party networks issue cards with a cobrand partner or through an agent, although the ruling provided only limited guidance as to when or how the provisions might apply in such circumstances and remains subject to differing interpretations by regulators and participants in cobrand arrangements. As a result, we are subject to regulatory action, penalties and the possibility we will not be able to maintain our existing cobrand and agent relationships in the EU.
We are subject to certain provisions of the Bank Secrecy Act, as amended by the Patriot Act and the AMLA, with regard to maintaining effective AML programs. Similar AML requirements apply under the laws of most jurisdictions where we operate. As regulators increase their focus in this area, we are likely to face increased costs related to oversight, supervision and fines and changes to our business practices, including restrictions with respect to the types of products and services we may offer, the countries in which our cards may be used, and the types of customers and merchants who can obtain or accept our cards. Emerging technologies, such as digital currencies, could limit our ability to track the movement of funds. Money laundering, terrorist financing and other illicit activities involving our business could result in enforcement action, and our reputation may suffer due to our customers’ association with certain countries, persons or entities or the existence of any such transactions.
Various regulatory agencies and legislatures are also considering regulations and legislation covering identity theft, account management guidelines, credit bureau reporting, disclosure rules, security and marketing that would impact us directly, in part due to increased scrutiny of our underwriting and account management standards. These new requirements may restrict our ability to issue charge and credit cards or partner with other financial institutions, which could adversely affect our revenue growth.
See “Supervision and Regulation” for more information about certain laws and regulations to which we are subject and their impact on us.
Litigation and regulatory actions could subject us to significant fines, penalties, judgments and/or requirements resulting in significantly increased expenses, damage to our reputation and/or a material adverse effect on our business.
Businesses in the financial services and payments industries have historically been subject to significant legal actions, including class action lawsuits. Many of these actions have included claims for substantial compensatory or punitive damages. While we have historically relied on our arbitration clause in agreements with customers to limit our exposure to class action litigation, there can be no assurance that we will continue to be successful in enforcing our arbitration clause in the future, including as a result of regulation that would require that our consumer arbitration clause not apply to cases filed in court as class actions, and claims of the type we previously arbitrated could be subject to the complexities, risks and costs associated with class action cases. The continued focus of merchants on issues relating to the acceptance of various forms of payment may lead to additional litigation and other legal actions. Given the inherent uncertainties involved in litigation, and the very large or indeterminate
damages sought in some matters asserted against us, there is significant uncertainty as to the ultimate liability we may incur from litigation.
We have been subject to regulatory actions and may continue to be subject to such actions, including governmental inquiries, investigations and enforcement proceedings, in the event of noncompliance or alleged noncompliance with laws or regulations. External publicity concerning investigations, including those that are narrow in scope, can increase their scope and scale and lead to further regulatory inquiries. Beginning in May 2020, we began responding to a regulatory review led by the OCC and the Department of Justice Civil Division regarding historical sales practices relating to certain small business card sales. We also conducted an internal review of certain sales from 2015 and 2016 and have taken appropriate disciplinary and remedial actions, including voluntarily providing remediation to certain current and former customers. Information regarding our investigation has been provided to our other regulators, including the Federal Reserve. In January 2021, we received a grand jury subpoena from the United States Attorney’s Office for the Eastern District of New York regarding the sales practices for small business cards and a Civil Investigative Demand from the CFPB seeking information on sales practices related to consumers. We are cooperating with all of these inquiries and have continued to enhance our controls related to our sales practices. We do not believe this matter will have a material adverse impact on our business or results of operations.
We expect that regulators will continue taking formal enforcement actions against financial institutions in addition to addressing supervisory concerns through non-public supervisory actions or findings, which could involve restrictions on our activities, among other limitations that could adversely affect our business. In addition, a violation of law or regulation by another financial institution could give rise to an investigation by regulators and other governmental agencies of the same or similar practices by us. Further, a single event may give rise to numerous and overlapping investigations and proceedings. Regulatory action could subject us to significant fines, penalties or other requirements resulting in Card Member reimbursements, increased expenses, limitations or conditions on our business activities, and damage to our reputation and our brand, all of which could adversely affect our results of operations and financial condition.
Governmental authorities have adopted or proposed measures to provide economic assistance to individual households and businesses, stabilize markets and support economic growth. The future success of these measures is unknown and they may not be sufficient to mitigate the negative impact of the pandemic. Additionally, some measures, such as a suspension of loan payments and encouragement of forbearances, may have a negative impact on our business, results of operations and financial condition. We also face an increased risk of litigation and governmental and regulatory scrutiny as a result of the effects of the pandemic on market and economic conditions, such as a renewed focus on fair lending laws, and actions governmental authorities take in response to those conditions, including participation in the PPP.
Legal proceedings regarding provisions in our merchant contracts, including non-discrimination and honor-all-cards provisions, could have a material adverse effect on our business and result in additional litigation and/or arbitrations, substantial monetary damages and damage to our reputation and brand.
We are, and have been in the past, a defendant in a number of actions, including legal proceedings and proposed class actions filed by merchants, challenging certain provisions of our card acceptance agreements. See Note 12 to the "Consolidated Financial Statements" for a description of our outstanding material legal proceedings.
An adverse outcome in these proceedings could have a material adverse effect on our business and results of operations, require us to change our merchant agreements in a way that could expose our cards to increased merchant steering and other forms of discrimination that could impair the Card Member experience, result in additional litigation and/or arbitrations, impose substantial monetary damages and damage our reputation and brand. Even if we were not required to change our merchant agreements, changes in Visa’s and Mastercard’s policies or practices as a result of legal proceedings, lawsuit settlements or regulatory actions pending against them could result in changes to our business practices and materially and adversely impact our profitability.
We are subject to capital adequacy and liquidity rules, and if we fail to meet these rules, our business would be materially adversely affected.
Failure to meet current or future capital or liquidity requirements could compromise our competitive position and could result in restrictions imposed by the Federal Reserve, including limiting our ability to pay dividends, repurchase our capital stock, invest in our business, expand our business or engage in acquisitions. Some elements of the capital and liquidity regimes are not yet final and certain developments could significantly impact the requirements applicable to financial institutions. For example, the Basel Committee finalized revisions to the standardized approach for credit risk and operational risk capital requirements. If these revisions are adopted in the United States, we could be required to hold significantly more capital. In addition, it may be necessary for us to hold additional capital because of an increase in the SCB requirement based on the results from a supervisory stress test.
Compliance with capital adequacy and liquidity rules requires a material investment of resources. An inability to meet regulatory expectations regarding our compliance with applicable capital adequacy and liquidity rules may also negatively impact the assessment of us and our U.S. bank subsidiary by federal banking regulators.
For more information on capital adequacy requirements, see “Capital and Liquidity Regulation” under “Supervision and Regulation.”
We are subject to restrictions that limit our ability to pay dividends and repurchase our capital stock. Our subsidiaries are also subject to restrictions that limit their ability to pay dividends to us, which may adversely affect our liquidity.
We are limited in our ability to pay dividends and repurchase capital stock by our regulators, who have broad authority to prohibit any action that would be considered an unsafe or unsound banking practice. For example, the Federal Reserve prohibited share repurchases in the third and fourth quarters of 2020 for all banking organizations participating in CCAR and has limited distributions for the first quarter of 2021. We are subject to a requirement to submit capital plans to the Federal Reserve for review that include, among other things, projected dividend payments and repurchases of capital stock. As part of the capital planning and stress testing process, our proposed capital actions are assessed against our ability to satisfy applicable capital requirements in the event of a stressed market environment. If we fail to satisfy applicable capital requirements, including the stress capital buffer, our ability to undertake capital actions may be restricted.
Our ability to declare or pay dividends on, or to purchase, redeem or otherwise acquire, shares of our common stock will be prohibited, subject to certain exceptions, in the event that we do not declare and pay in full dividends for the last preceding dividend period of our Series B and Series C preferred stock.
American Express Company relies on dividends from its subsidiaries for liquidity, and such dividends may be limited by law, regulation or supervisory policy. For example, our U.S. bank subsidiary, AENB, is subject to various statutory and regulatory limitations on its declaration and payment of dividends. These limitations may hinder our ability to access funds we may need to make payments on our obligations, make dividend payments on outstanding American Express Company capital stock or otherwise achieve strategic objectives.
Any future reduction or elimination of our common stock dividend or share repurchase program could adversely affect the market price of our common stock and market perceptions of American Express. For more information on bank holding company and depository institution dividend restrictions, see “Stress Testing and Capital Planning” and “Dividends and Other Capital Distributions” under “Supervision and Regulation,” as well as “Consolidated Capital Resources and Liquidity—Dividends and Share Repurchases” under “MD&A” and Note 22 to our “Consolidated Financial Statements.”
Regulation in the areas of privacy, data protection, data governance, account access and information and cyber security could increase our costs and affect or limit our business opportunities and how we collect and/or use personal information.
Legislators and regulators in the United States and other countries in which we operate are increasingly adopting or revising privacy, data protection, data governance, account access and information and cyber security laws, including data localization, authentication and notification laws. As such laws are interpreted and applied (in some cases, with significant differences or conflicting requirements across jurisdictions), compliance and technology costs will continue to increase, particularly in the context of ensuring that adequate data governance, data protection, data transfer and account access mechanisms are in place.
Compliance with current or future privacy, data protection, data governance, account access and information and cyber security laws could significantly impact our collection, use, sharing, retention and safeguarding of consumer and/or colleague information and could restrict our ability to fully maximize our closed-loop capability or provide certain products and services, which could materially and adversely affect our profitability. Our failure to comply with such laws could result in potentially significant regulatory and/or governmental investigations and/or actions, litigation, fines, sanctions, ongoing regulatory monitoring, customer attrition, decreases in the use or acceptance of our cards and damage to our reputation and our brand. In recent years, there has been increasing regulatory enforcement and litigation activity in the areas of privacy, data protection and information and cyber security in the United States, the EU and various other countries in which we operate.
For more information on regulatory and legislative activity in this area, see “Privacy, Data Protection, Data Governance, Information and Cyber Security” under “Supervision and Regulation.”
We may not be able to effectively manage the operational and compliance risks to which we are exposed.
We consider operational risk to be the risk of loss due to, among other things, inadequate or failed processes, people or information systems, or impacts from the external environment (e.g., natural disasters). Operational risk includes, among others, the risk that error or misconduct could result in a material financial misstatement, a failure to monitor a third party’s compliance with regulatory or legal requirements, or a failure to adequately monitor and control access to, or use of, data in our systems we grant to third parties. As processes or organizations are changed, or new products and services are introduced, we may not fully appreciate or identify new operational risks that may arise from such changes. Through human error, fraud or malfeasance, conduct risk can result in harm to customers, broader markets and the company and its employees.
Compliance risk arises from the failure to adhere to applicable laws, rules, regulations and internal policies and procedures. We need to continually update and enhance our control environment to address operational and compliance risks. Operational and compliance failures or deficiencies in our control environment can expose us to reputational and legal risks as well as fines,
civil money penalties or payment of damages and can lead to diminished business opportunities and diminished ability to expand key operations.
If we are not able to protect our intellectual property, or successfully defend against any infringement or misappropriation assertions brought against us, our revenue and profitability could be negatively affected.
We rely on a variety of measures to protect our intellectual property and control access to, and distribution of, our trade secrets and other proprietary information. These measures may not prevent infringement of our intellectual property rights or misappropriation of our proprietary information and a resulting loss of competitive advantage. The ability to enforce intellectual property rights to prevent disclosure of our trade secrets and other proprietary information may be limited in certain jurisdictions. In addition, competitors or other third parties may allege that our products, systems, processes or technologies infringe on their intellectual property rights. Given the complex, rapidly changing and competitive technological and business environments in which we operate, and the potential risks and uncertainties of intellectual property-related litigation, a future assertion of an infringement or misappropriation claim against us could cause us to lose significant revenues, incur significant defense, license, royalty or technology development expenses, and/or pay significant monetary damages.
Tax legislative initiatives or assessments could adversely affect our results of operations and financial condition.
We are subject to income and other taxes in the United States and in various foreign jurisdictions. The laws and regulations related to tax matters are extremely complex and subject to varying interpretations. Although management believes our positions are reasonable, we are subject to audit by the Internal Revenue Service in the United States and by tax authorities in all the jurisdictions in which we conduct business operations. We are being challenged in a number of countries regarding our application of value-added taxes (VAT) to certain transactions. While we believe we comply with all applicable VAT and other tax laws, rules and regulations in the relevant jurisdictions, the tax authorities may determine that we owe additional taxes or apply existing laws and regulations more broadly, which could result in a significant increase in liabilities for taxes and interest in excess of accrued liabilities.
New tax legislative initiatives, including increases in the corporate tax rate, may be enacted, impacting our effective tax rate and potentially adversely affecting our tax positions or tax liabilities. In addition, unilateral or multi-jurisdictional actions by various tax authorities, including an increase in tax audit activity, could have an adverse impact on our tax liabilities.
Credit, Liquidity and Market Risks
Our risk management policies and procedures may not be effective.
Our risk management framework seeks to identify and mitigate risk and appropriately balance risk and return. Although we have devoted significant resources to develop our risk management policies and procedures and expect to continue to do so in the future, these policies and procedures, as well as our risk management techniques, such as our hedging strategies, may not be fully effective. There may also be risks that exist, or develop in the future, that we have not appropriately identified or mitigated. As regulations and competition continue to evolve, our risk management framework may not always keep sufficient pace with those changes. If our risk management framework does not effectively identify or mitigate our risks, we could suffer unexpected losses and could be materially adversely affected.
Management of our risks in some cases depends upon the use of analytical and/or forecasting models. Although we have a governance framework for model development and independent model validation, the modeling methodology or key assumptions could be erroneous or the models could be misused. In addition, issues with the quality or effectiveness of our data aggregation and validation procedures, as well as the quality and integrity of data inputs, could result in ineffective or inaccurate model outputs and reports. For example, models based on historical data sets might not be accurate predictors of future outcomes and their ability to appropriately predict future outcomes may degrade over time. The CECL methodology requires measurement of expected credit losses for the estimated life of certain financial instruments, not only based on historical experience and current conditions, but also by including forecasts incorporating forward-looking information. Our ability to accurately forecast future losses under that methodology may be impaired by the significant uncertainty surrounding the pandemic and the lack of comparable precedent. If our business decisions or estimates for credit losses are based on incorrect or misused models and assumptions or we fail to manage data inputs effectively and to aggregate or analyze data in an accurate and timely manner, our results of operations and financial condition may be materially adversely affected.
We are exposed to credit risk and trends that affect Card Member spending and the ability of customers and partners to pay us, which could have a material adverse effect on our results of operations and financial condition.
We are exposed to both individual credit risk, principally from consumer and small business Card Member loans and receivables, and institutional credit risk, principally from corporate Card Member loans and receivables, merchants, network partners, loyalty coalition partners and treasury and investment counterparties. Third parties may default on their obligations to us due to bankruptcy, lack of liquidity, operational failure or other reasons. General economic factors, such as GDP, unemployment, inflation and interest rates, may result in greater delinquencies that lead to greater credit losses. A customer’s ability and willingness to repay us can be negatively impacted not only by economic, market, political and social conditions but
also by a customer’s other payment obligations, and increasing leverage can result in a higher risk that customers will default or become delinquent in their obligations to us. Our caution about the potential for a significant downturn in the pace of economic recovery is reflected in the macroeconomic outlook that informs our reserves for credit losses.
We rely principally on the customer’s creditworthiness for repayment of loans or receivables and therefore have no other recourse for collection. Our ability to assess creditworthiness may be impaired if the criteria or models we use to manage our credit risk prove inaccurate in predicting future losses, which could cause our losses to rise and have a negative impact on our results of operations. Further, our pricing strategies may not offset the negative impact on profitability caused by increases in delinquencies and losses; thus any material increases in delinquencies and losses beyond our current estimates could have a material adverse impact on us. Although we make estimates to provide for credit losses in our outstanding portfolio of loans and receivables, these estimates may not be accurate. In addition, the information we use in managing our credit risk may be inaccurate or incomplete.
Rising delinquencies and rising rates of bankruptcy are often precursors of future write-offs and may require us to increase our reserve for credit losses. Higher write-off rates and the resulting increase in our reserves for credit losses adversely affect our profitability and the performance of our securitizations, and may increase our cost of funds.
Although we regularly review our credit exposure to specific clients and counterparties and to specific industries, countries and regions that we believe may present credit concerns, default risk may arise from events or circumstances that are difficult to foresee or detect, such as fraud. In addition, our ability to manage credit risk or collect amounts owed to us may be adversely affected by legal or regulatory changes (such as restrictions on collections or changes in bankruptcy laws, minimum payment regulations and re-age guidance). Increased credit risk, whether resulting from underestimating the credit losses inherent in our portfolio of loans and receivables, deteriorating economic conditions (particularly in the United States where, for example, Card Members were responsible for approximately 87 percent of our total Card Member loans outstanding as of December 31, 2020), increases in the level of loan balances, changes in our mix of business or otherwise, could require us to increase our provisions for losses and could have a material adverse effect on our results of operations and financial condition.
Interest rate changes could materially adversely affect our earnings.
Our interest expense was approximately $2.1 billion for the year ended December 31, 2020. If the rate of interest we pay on our borrowings increases more or decreases less than the rate of interest we earn on our loans, our net interest yield, and consequently our net interest income, could decrease. As of December 31, 2020, a hypothetical immediate 100 basis point increase in market interest rates would have a detrimental impact on our annual net interest income of up to $113 million. A hypothetical immediate 100 basis point decrease in market interest rates would have a smaller but still detrimental impact on our annual net interest income. We expect the rates we pay on our deposits will change if benchmark interest rates change. In addition, interest rate changes may affect customer behavior, such as impacting the loan balances Card Members carry on their credit cards or their ability to make payments as higher interest rates lead to higher payment requirements, further impacting our results of operations. For a further discussion of our interest rate risk, see “Risk Management ― Market Risk Management Process” under “MD&A.”
The discontinuance of LIBOR may negatively impact our access to funding and the value of our financial instruments and commercial agreements.
Central banks and global regulators have called for financial market participants to prepare for the discontinuance of the London interbank offered rate (LIBOR) and the establishment of alternative reference rates. Certain of our financial instruments and commercial agreements reference LIBOR, which will need to be amended or otherwise modified to replace LIBOR with an alternative reference rate. Some of those instruments and agreements contain provisions to replace LIBOR as the benchmark following the occurrence of specified transition events. Such provisions may not be sufficient to trigger a change in the benchmark at all times when LIBOR is no longer representative of market interest rates, or that these events will align with similar events in the market generally or in other parts of the financial markets, such as the derivatives market.
Alternative reference rates are calculated using components different from those used in the calculation of LIBOR and may fluctuate differently than, and not be representative of, LIBOR. In order to compensate for these differences, certain of our financial instruments and commercial agreements allow for a benchmark replacement adjustment. However, there is no assurance that any benchmark replacement adjustment will be sufficient to produce the economic equivalent of LIBOR, either at the benchmark replacement date or over the life of such instruments and agreements.
Uncertainty as to the nature and timing of the potential discontinuance or modification of LIBOR, the replacement of LIBOR with one or more alternative reference rates or other reforms may negatively impact market liquidity, our access to funding and the trading market for our financial instruments. Furthermore, the timing of implementation and use of alternative reference rates and corresponding adjustments or other reforms could be subject to disputes, could cause the interest payable on our outstanding financial instruments and commercial agreements to be materially different than expected and may impact the value of such instruments and agreements.
Adverse market conditions may significantly affect our access to, and cost of, capital and ability to meet liquidity needs.
Our ability to obtain financing in the debt capital markets for unsecured term debt and asset securitizations is dependent on financial market conditions. Disruptions, uncertainty or volatility across the financial markets, as well as adverse developments affecting our competitors and the financial industry generally, could negatively impact market liquidity and limit our access to funding required to operate our business. Such market conditions may also limit our ability to replace, in a timely manner, maturing liabilities, satisfy regulatory capital requirements and access the funding necessary to grow our business. In some circumstances, we may incur an unattractive cost to raise capital, which could decrease profitability and significantly reduce financial flexibility. For a further discussion of our liquidity and funding needs, see “Consolidated Capital Resources and Liquidity” under “MD&A.”
Any reduction in our and our subsidiaries’ credit ratings could increase the cost of our funding from, and restrict our access to, the capital markets and have a material adverse effect on our results of operations and financial condition.
Rating agencies regularly evaluate us and our subsidiaries, and their ratings of our and our subsidiaries’ long-term and short-term debt and deposits are based on a number of factors, including financial strength, as well as factors not within our control, including conditions affecting the financial services industry generally, and the wider state of the economy. Our and our subsidiaries’ ratings could be downgraded at any time and without any notice by any of the rating agencies, which could, among other things, adversely limit our access to the capital markets and adversely affect the cost and other terms upon which we and our subsidiaries are able to obtain funding.
Adverse currency fluctuations and foreign exchange controls could decrease earnings we receive from our international operations and impact our capital.
During 2020, approximately 22 percent of our total revenues net of interest expense were generated from activities outside the United States. We are exposed to foreign exchange risk from our international operations, and accordingly the revenue we generate outside the United States is subject to unpredictable fluctuations if the values of other currencies change relative to the U.S. dollar (including as a result of Brexit), which could have a material adverse effect on our results of operations.
Foreign exchange regulations or capital controls might restrict or prohibit the conversion of other currencies into U.S. dollars or our ability to transfer them. Political and economic conditions in other countries could also impact the availability of foreign exchange for the payment to us by the local card issuer for obligations arising out of local Card Members’ spending outside such country and for the payment by Card Members who are billed in a currency other than their local currency. Substantial and sudden devaluation of local Card Members’ currency can also affect their ability to make payments to the local issuer of the card in connection with spending outside the local country. The occurrence of any of these circumstances could further impact our results of operations.
An inability to accept or maintain deposits due to market demand or regulatory constraints could materially adversely affect our liquidity position and our ability to fund our business.
Our U.S. bank subsidiary, AENB, accepts deposits directly from consumers, as well as from individuals through third-party brokerage networks, and uses the proceeds as a source of funding. As of December 31, 2020, we had approximately $86 billion in total U.S. retail deposits, a portion of which had been raised through third-party brokerage networks. We face strong and increasing competition with regard to deposits, and pricing and product changes may adversely affect our ability to attract and retain cost-effective deposit balances. To the extent we offer higher interest rates to attract or maintain deposits, our funding costs will be adversely impacted.
Our ability to obtain deposit funding and offer competitive interest rates on deposits is also dependent on AENB’s capital levels. The FDIA’s brokered deposit provisions and related FDIC rules in certain circumstances prohibit banks from accepting or renewing brokered deposits and apply other restrictions, such as a cap on interest rates that can be paid. Additionally, our regulators can adjust applicable capital requirements at any time and have authority to place limitations on our deposit businesses. An inability to attract or maintain deposits in the future could materially adversely affect our ability to fund our business.
The value of our investments may be adversely impacted by economic, political or market conditions.
Market risk includes the loss in value of portfolios and financial instruments due to adverse changes in market variables, which could negatively impact our financial condition. We held approximately $22 billion of investment securities as of December 31, 2020. In the event that actual default rates of these investment securities were to significantly change from historical patterns due to economic conditions or otherwise, it could have a material adverse impact on the value of our investment portfolio, potentially resulting in impairment charges. Defaults or economic disruptions, even in countries or territories in which we do not have material investment exposure, conduct business or have operations, could adversely affect us.