ITEM 1. BUSINESS
American Express is a globally integrated payments company that provides our customers with access to products, insights and experiences that enrich lives and build business success. We are a leader in providing credit and charge cards to consumers, small businesses, mid-sized companies and large corporations around the world. American Express® cards issued by us, as well as by third-party banks and other institutions on the American Express network, can be used by Card Members to charge purchases at the millions of merchants around the world that accept cards bearing our logo.
Our various products and services are sold globally to diverse customer groups through various channels, including mobile and online applications, affiliate marketing, customer referral programs, third-party service providers and business partners, direct mail, telephone, in-house sales teams and direct response advertising.
We were founded in 1850 as a joint stock association and were incorporated in 1965 as a New York corporation. American Express Company and its principal operating subsidiary, American Express Travel Related Services Company, Inc. (TRS), are bank holding companies under the Bank Holding Company Act of 1956, as amended (the BHC Act), subject to supervision and examination by the Board of Governors of the Federal Reserve System (the Federal Reserve).
We principally engage in businesses comprising three reportable operating segments: Global Consumer Services Group (GCSG), Global Commercial Services (GCS) and Global Merchant and Network Services (GMNS). Corporate functions and certain other businesses are included in Corporate & Other. Our businesses are global in scope and function together to form our end-to-end integrated payments platform, which we believe is a differentiator that underpins our business model. While our business was significantly impacted by the COVID-19 pandemic in 2020, we believe our growth momentum through 2021 strengthens our focus on our strategic imperatives and the resilience of our differentiated business model.
For further information about our reportable operating segments, please see “Business Segment Results of Operations” under “MD&A.”
Our Integrated Payments Platform
Through our general-purpose card-issuing, merchant-acquiring and card network businesses, we are able to connect participants and provide differentiated value across the commerce path. We maintain direct relationships with both our Card Members (as a card issuer) and merchants (as an acquirer), and we handle all key aspects of those relationships. These relationships create a “closed loop” in that we have direct access to information at both ends of the card transaction, which distinguishes our integrated payments platform from the bankcard networks.
Our integrated payments platform allows us to analyze information on Card Member spending and build algorithms and other analytical tools that we use to underwrite risk, reduce fraud and provide targeted marketing and other information services for merchants and special offers and services to Card Members, all while respecting Card Member preferences and protecting Card Member and merchant data in compliance with applicable policies and legal requirements. Through contractual relationships, we also obtain information from third-party card issuers, merchant acquirers, aggregators and processors with whom we do business.
Card Issuing Businesses
Our global proprietary card-issuing businesses are conducted through our GCSG and GCS reportable operating segments. We offer a broad set of card products, rewards and services to a diverse consumer and commercial customer base, in the United States and internationally. We acquire and retain high-spending, engaged and creditworthy Card Members by:
•Designing innovative products and features that appeal to our target customer base and meet their spending and borrowing needs
•Using incentives to drive spending on our various card products and engender loyal Card Members, including our Membership Rewards® program, cash-back reward features and participation in loyalty programs sponsored by our cobrand and other partners
•Providing digital and mobile services and an array of benefits and experiences across card products, such as airport lounge access, dining experiences and other travel and lifestyle benefits, which we believe are difficult for others to replicate and help increase Card Member engagement
•Creating world-class service experiences by delivering exceptional customer care
•Developing a wide range of partner relationships, including with other corporations and institutions that sponsor certain of our cards under cobrand arrangements and provide benefits and services to our Card Members
Over the last several years, we have focused on broadening the appeal of our products to attract new customers, particularly Millennial and Gen Z customers, as well as expanding our position with small and mid-sized enterprise (SME) customers by providing more ways to help them manage and grow their businesses. During 2020, we enhanced our value propositions on many of our products, including adjusting our rewards programs and adding limited time offers and statement credits in categories that were relevant to how customer spending behaviors were changing, such as wireless telephone services, streaming services, business essentials and food delivery. We also enhanced and expanded our financial relief programs to assist our customers who faced financial hardships. As the pandemic continued, we made the decision to increase investments to drive customer acquisition, engagement and retention. These initiatives have driven retention and satisfaction metrics higher than pre-pandemic levels. During 2021, we relaunched our consumer Platinum Card and Business Platinum Card in the United States and introduced our first business checking account product and new digital capabilities, in part resulting from the Kabbage technology platform we acquired in 2020.
For the year ended December 31, 2021, worldwide billed business (spending on American Express cards issued by us) was $1.1 trillion and at December 31, 2021, we had 71.4 million proprietary cards-in-force worldwide.
Merchant Acquiring Business
Our GMNS reportable operating segment builds and manages relationships with millions of merchants around the world that choose to accept American Express cards. This includes signing new merchants to accept our cards, agreeing on the discount rate (a fee charged to the merchant for accepting our cards) and handling servicing for merchants. We also build and maintain relationships with merchant acquirers, aggregators and processors to manage aspects of our merchant services business. For example, through our OptBlue® merchant-acquiring program, third-party acquirers contract directly with small merchants for card acceptance on our network and determine merchant pricing. We continue to grow merchant acceptance of American Express cards around the world and work with merchant partners so that our Card Members are warmly welcomed and encouraged to spend in the millions of places where their American Express cards are accepted.
GMNS also provides fraud-prevention tools, marketing solutions, data analytics and other programs and services to merchants and other partners that leverage the capabilities of our integrated payments platform.
During the pandemic, we increased our investments in our Shop Small campaigns to support small businesses around the world, created a Stand for Small coalition and supported minority-owned small businesses in the United States. We launched debit capabilities on the American Express network and in 2021 introduced our first-ever proprietary debit card in connection with the business checking account product mentioned above.
Card Network Business
We operate a payments network through which we establish and maintain relationships with third-party banks and other institutions in approximately 103 countries and territories, licensing the American Express brand and extending the reach of our global network. These network partners are licensed to issue local currency American Express-branded cards in their countries and/or serve as the merchant acquirer for local merchants on our network.
During 2021, we continued to grow our business in China through our joint venture with Lianlian DigiTech Co., Ltd, a Chinese fintech services company.
For the year ended December 31, 2021, worldwide network services processed volume (spending on American Express cards issued by third parties) was $194.4 billion and at December 31, 2021, we had 50.3 million cards-in-force issued by third parties worldwide.
Diverse Customer Base and Global Footprint
Our broad and diverse customer base spans consumers, small businesses, mid-sized companies and large corporations around the world. The following charts provide a summary of our diverse set of customers and broad geographic footprint based on worldwide network volumes:
Partners and Relationships
Our integrated payments platform allows us to work with a range of business partners, and our partners in return help drive the scale and relevance of the platform.
There are many examples of how we connect partners with our integrated payments platform, including: issuing cards under cobrand arrangements with other corporations and institutions (e.g., Delta Air Lines, Marriott International, Hilton Worldwide Holdings and British Airways); offering innovative ways for our Card Members to earn and use points with our merchants (e.g., Pay with Points at Amazon.com); expanding merchant acceptance with third-party acquirers (e.g., OptBlue partners); developing new capabilities and features with our digital partners (e.g., PayPal); integrating into the supplier payment processes of our business customers (e.g., Bill.com, SAP Ariba and Coupa); and extending the platform into travel services with American Express leisure and business travel (e.g., Fine Hotels and Resorts).
Delta Air Lines is our largest strategic partner. Our relationships with, and revenues and expenses related to, Delta are significant and represent an important source of value for our Card Members. We issue cards under cobrand arrangements with Delta and the Delta cobrand portfolio represented approximately 9 percent of worldwide network volumes and approximately 21 percent of worldwide Card Member loans as of December 31, 2021. The Delta cobrand portfolio generates fee revenue and interest income from Card Members and discount revenue from Delta and other merchants for spending on Delta cobrand cards. The current Delta cobrand agreement runs through the end of 2029 and we expect to continue to make significant investments in this partnership. Among other things, Delta is also a key participant in our Membership Rewards program, provides travel-related benefits and services, including airport lounge access for certain American Express Card Members, accepts American Express cards as a merchant and is a corporate payments customer.
Working with all of our partners, we seek to provide value, choice and unique experiences across our customer base.
Our Spend-Centric Model and Revenue Mix
Our “spend-centric” business model focuses on generating revenues primarily by driving spending on our cards and secondarily through finance charges and fees. Spending on our cards, which is higher on average on a per-card basis versus our competitors, offers superior value to merchants in the form of loyal customers and larger transactions. Because of the revenues generated from having high-spending Card Members and the annual card fees we charge on many of our products, we are able to invest in attractive rewards and other benefits for Card Members, as well as targeted marketing and other programs and investments for merchants. This creates incentives for Card Members to spend more on their cards and positively differentiates American Express cards.
We believe our spend-centric model gives us the ability to provide differentiated value to Card Members, merchants and business partners.
The American Express Brand and Service Excellence
Our brand and its attributes—trust, security and service—are key assets. We invest heavily in managing, marketing, promoting and protecting our brand, including through the delivery of our products and services in a manner consistent with our brand promise. The American Express brand is ranked among the most valuable brands in the world. We place significant importance on trademarks, service marks and patents, and seek to secure our intellectual property rights around the world.
We aim to provide the world’s best customer experience every day and our reputation for world-class service has been recognized by numerous awards over the years. Our customer care professionals, travel consultants and partners treat servicing interactions as an opportunity to bring the brand to life for our customers, add meaningful value and deepen relationships.
Our Business Strategies
During 2021, we focused on investing to rebuild growth momentum by firing up our core business, scaling next-horizon opportunities and continuing to retain financial flexibility. Over the longer term, we seek to grow our business by focusing on four strategic imperatives:
First, we aim to expand our leadership in the premium consumer space by continuing to deliver membership benefits that span our customers’ everyday spending, borrowing, travel and lifestyle needs, expanding our roster of business partners around the globe and developing a range of experiences that attract high-spending customers.
Second, we seek to build on our strong position in commercial payments by evolving our card value propositions, further differentiating our corporate card and accounts payable expense management solutions and designing innovative products and features, including financing, banking and payment solutions for our business customers.
Third, we are focused on strengthening our global network to provide unique value by continuing to help merchants navigate the convergence of online and offline commerce with fraud protection services, marketing insights and digital connections to higher-spending Card Members and continuing to work with our network partners to offer expanded products and services.
Finally, we want to continue to make American Express an essential part of our customers’ digital lives by developing more digital features, solutions and services, expanding our digital partnerships and making targeted acquisitions.
We also have an Environmental, Social and Governance (ESG) strategy that focuses on three pillars. The Promoting Diversity, Equity and Inclusion (DE&I) pillar supports a diverse, equitable and inclusive workforce, marketplace and society. The Building Financial Confidence pillar seeks to provide responsible, secure and transparent products and services to help people and businesses build financial resilience. Finally, the Advancing Climate Solutions pillar focuses on enhancing our operations and capabilities to meet customer and community needs in the transition to a low-carbon future.
We are committed to delivering a great colleague experience every day. We work to foster an inclusive and diverse culture and help our colleagues grow in their careers and thrive both professionally and personally. As a result, we believe our colleagues are more engaged, committed, creative and effective in driving results. At the heart of our culture is what we call our Blue Box Values – a set of guiding principles that reflect who we are and what we stand for:
We Back Our Customers
We Embrace Diversity
We Make It Great
We Stand for Inclusion
We Do What's Right
We Win as A Team
We Respect People
We Support Our Communities
As of December 31, 2021, we employed approximately 64,000 people, whom we refer to as colleagues, with approximately 22,000 colleagues in the United States and approximately 42,000 colleagues outside the United States. To attract and retain the best talent, we continuously invest in programs, benefits and resources to foster the personal and professional growth of our colleagues. We provide learning opportunities in many forms, including tools and guidance for maximizing learning on the job; cross-border and cross-business unit assignments; career coaching, mentoring, and professional networking; rotation opportunities; virtual learning sessions; and formal classroom instruction. We take a holistic approach to well-being, providing resources that address the physical, financial and emotional health of our colleagues. Throughout the pandemic, one of our top priorities has been to ensure our colleagues have the flexibility and resources they need to stay safe, healthy and productive.
We conduct an annual Colleague Experience Survey to better understand our colleagues’ needs and overall experience at American Express and in 2021, 90 percent of colleagues who participated in the survey said they would recommend American Express as a great place to work. Our 2021 annual company scorecard included talent retention and diversity representation goals to increase minority and women representation and retain our key talent. While we experienced an increase in colleague attrition in 2021, our high potential and multi-year high performer retention rates met or exceeded our goals. As of December 31, 2021, women represented 52.9 percent of our global workforce and Asian, Black/African American and Hispanic/Latinx people represented 19.5 percent, 13.3 percent and 13.8 percent, respectively, of our U.S. workforce based on preliminary data for our 2021 U.S. EEO-1 submission.
We regularly review our compensation practices to ensure colleagues in the same job, level and location are compensated fairly regardless of gender globally, and race and ethnicity in the United States. These reviews consider several factors known to affect compensation, including role, level, tenure, performance and geography. In the instances where a review has found inconsistencies, we have made adjustments. After making these adjustments, we believe we maintained 100 percent pay equity in 2021 for colleagues across genders globally and across races and ethnicities in the United States.
Information About Our Executive Officers
Set forth below, in alphabetical order, is a list of our executive officers as of February 11, 2022, including each executive officer’s principal occupation and employment during the past five years and reflecting recent organizational changes. None of our executive officers has any family relationship with any other executive officer, and none of our executive officers became an officer pursuant to any arrangement or understanding with any other person. Each executive officer has been elected to serve until the next annual election of officers or until his or her successor is elected and qualified. Each officer’s age is indicated by the number in parentheses next to his or her name.
DOUGLAS E. BUCKMINSTER —
Vice Chairman and Group President, Global Consumer Services Group
Mr. Buckminster (61) has been Vice Chairman since April 2021 and Group President, Global Consumer Services Group since February 2018. Prior thereto, he had been President, Global Consumer Services Group since October 2015.
JEFFREY C. CAMPBELL —
Vice Chairman and Chief Financial Officer
Mr. Campbell (61) has been Vice Chairman since April 2021 and Chief Financial Officer since August 2013.
MONIQUE HERENA —
Chief Colleague Experience Officer
Ms. Herena (50) has been Chief Colleague Experience Officer since April 2019. Ms. Herena joined American Express from BNY Mellon, where she served as the Chief Human Resources Officer and Senior Executive Vice President, Human Resources, Marketing and Communications since 2014.
RAYMOND JOABAR —
Group President, Global Merchant and Network Services
Mr. Joabar (56) has been Group President, Global Merchant and Network Services since April 2021. Prior thereto, he had been President, Global Risk and Compliance and Chief Risk Officer since September 2019. He also served as President of International Consumer Services and Global Travel and Lifestyle Services from February 2018 to September 2019 and as Executive Vice President, Global Servicing Network from February 2016 to February 2018.
ANNA MARRS —
Group President, Global Commercial Services and Credit & Fraud Risk
Ms. Marrs (48) has been Group President, Global Commercial Services and Credit & Fraud Risk since April 2021. Prior thereto, she had been President, Global Commercial Services since September 2018. Ms. Marrs joined American Express from Standard Chartered Bank, where she served as Regional CEO, ASEAN and South Asia since November 2016.
DAVID NIGRO —
Chief Risk Officer
Mr. Nigro (60) has been Chief Risk Officer since April 2021. Prior thereto, he had been Executive Vice President and Chief Credit Officer, Global Consumer Services and Credit and Fraud Risk Capability since April 2018 and Executive Vice President and Chief Credit Officer, U.S. Consumer Card Services since December 2013.
DENISE PICKETT —
President, Global Services Group
Ms. Pickett (56) has been President, Global Services Group since September 2019. Prior thereto, she had been Chief Risk Officer and President, Global Risk, Banking & Compliance since February 2018 and President, U.S. Consumer Services from October 2015 to February 2018.
RAVI RADHAKRISHNAN —
Chief Information Officer
Mr. Radhakrishnan (50) has been Chief Information Officer since January 2022. Mr. Radhakrishnan joined American Express from Wells Fargo & Company, where he served as Chief Information Officer for the Commercial Banking and Corporate & Investment Banking businesses since May 2020. Prior thereto, he had been Chief Information Officer, Wholesale, Wealth & Investment Management and Innovation from May 2019 to May 2020. He also served as Enterprise Chief Information Officer from March 2017 to May 2019 and as Chief Information Officer, Wholesale Banking from October 2015 to March 2017.
ELIZABETH RUTLEDGE —
Chief Marketing Officer
Ms. Rutledge (60) has been Chief Marketing Officer since February 2018. Prior thereto, she had been Executive Vice President, Global Advertising & Media since February 2016.
LAUREEN E. SEEGER —
Chief Legal Officer
Ms. Seeger (60) has been Chief Legal Officer since July 2014.
JENNIFER SKYLER —
Corporate Affairs Officer
Ms. Skyler (45) has been Corporate Affairs Officer since October 2019. Ms. Skyler joined American Express from WeWork, where she served as Chief Communications Officer from January 2018 to September 2019. Prior thereto, she had been Global Head of Public Affairs from January 2016 to January 2018.
STEPHEN J. SQUERI —
Chairman and Chief Executive Officer
Mr. Squeri (62) has been Chairman and Chief Executive Officer since February 2018. Prior thereto, he had been Vice Chairman since July 2015.
ANRÉ WILLIAMS —
Group President, Enterprise Services
Mr. Williams (56) has been Group President, Enterprise Services since April 2021. Prior thereto, he had been Group President, Global Merchant and Network Services since February 2018 and President of Global Merchant Services and Loyalty since October 2015. Mr. Williams also serves as the Chief Executive Officer of American Express National Bank.
We compete in the global payments industry with card networks, issuers and acquirers, paper-based transactions (e.g., cash and checks), bank transfer models (e.g., wire transfers and Automated Clearing House, or ACH), as well as evolving and growing alternative mechanisms, systems and products that leverage new technologies, business models and customer relationships to create payment or financing solutions. The payments industry continues to undergo dynamic changes in response to evolving technologies, consumer habits and merchant needs, some of which have accelerated as a result of the pandemic, such as an increased shift to e-commerce and demand for contactless payments.
As a card issuer, we compete with financial institutions that issue general-purpose credit and debit cards. We also encounter competition from businesses that issue private label cards, operate mobile wallets or extend credit. We face intense competition in the premium space and for cobrand relationships, as both card issuer and network competitors have targeted high-spending customers and key business partners with attractive value propositions. We also face competition for partners and other differentiated offerings, such as lounge space in U.S. and global hub airports.
Our global card network competes in the global payments industry with other card networks, including, among others, China UnionPay, Visa, Mastercard, JCB, Discover and Diners Club International (which is owned by Discover). We are the fourth largest general-purpose card network globally based on purchase volume, behind China UnionPay, Visa and Mastercard. In addition to such networks, a range of companies globally, including merchant acquirers, processors and web- and mobile-based payment platforms (e.g., Alipay, PayPal and Venmo), as well as regional payment networks (such as the National Payments Corporation of India), carry out some activities similar to those performed by our GMNS business.
The principal competitive factors that affect the card-issuing, merchant and network businesses include:
•The features, value and quality of the products and services, including customer care, rewards programs, partnerships, travel and lifestyle-related benefits, and digital and mobile services, as well as the costs associated with providing such features and services
•Reputation and brand recognition
•The number, spending characteristics and credit performance of customers
•The quantity, diversity and quality of the establishments where the cards can be used
•The attractiveness of the value proposition to card issuers, merchant acquirers, cardholders, corporate clients and merchants (including the relative cost of using or accepting the products and services, and capabilities such as fraud prevention and data analytics)
•The number and quality of other cards and other forms of payment and financing available to customers
•The success of marketing and promotional campaigns
•The speed of innovation and investment in systems, technologies, and product and service offerings
•The nature and quality of expense management tools, electronic payment methods and data capture and reporting capabilities, particularly for business customers
•The security of cardholder, merchant and network partner information
Another aspect of competition is the dynamic and rapid growth of alternative payment and financing mechanisms, systems and products, which include payment aggregators, digital payment and electronic wallet platforms, point-of-sale lenders and buy now, pay later products, real-time settlement and processing systems, financial technology companies, digital currencies developed by both central banks and the private sector, blockchain and similar distributed ledger technologies, prepaid systems and gift cards, and systems linked to customer accounts or that provide payment solutions. Various competitors are integrating more financial services into their product offerings and competitors are seeking to attain the benefits of closed-loop, loyalty and rewards functionalities, such as ours.
In addition to the discussion in this section, see “Our operating results may materially suffer because of substantial and increasingly intense competition worldwide in the payments industry” in “Risk Factors” for further discussion of the potential impact of competition on our business, and “Our business is subject to comprehensive government regulation and supervision, which could materially adversely affect our results of operations and financial condition” and “Legal proceedings regarding provisions in our merchant contracts, including non-discrimination and honor-all-cards provisions, could have a material adverse effect on our business and result in additional litigation and/or arbitrations, changes to our merchant agreements and/or business practices, substantial monetary damages and damage to our reputation and brand” in “Risk Factors” for a discussion of the potential impact on our ability to compete effectively due to government regulations or if ongoing legal proceedings limit our ability to prevent merchants from engaging in various actions to discriminate against our card products.
SUPERVISION AND REGULATION
We are subject to extensive government regulation and supervision in jurisdictions around the world, and the costs of compliance are substantial. The financial services industry is subject to rigorous scrutiny, high regulatory expectations, a range of regulations and a stringent and unpredictable enforcement environment.
Governmental authorities have focused, and we believe will continue to focus, considerable attention on reviewing compliance by financial services firms with laws and regulations, and as a result, we continually work to evolve and improve our risk management framework, governance structures, practices and procedures. Reviews by us and governmental authorities to assess compliance with laws and regulations, as well as our own internal reviews to assess compliance with internal policies, including errors or misconduct by colleagues or third parties or control failures, have resulted in, and are likely to continue to result in, changes to our products, practices and procedures, restitution to our customers and increased costs related to regulatory oversight, supervision and examination. We have also been subject to regulatory actions and may continue to be the subject of such actions, including governmental inquiries, investigations, enforcement proceedings and the imposition of fines or civil money penalties, in the event of noncompliance or alleged noncompliance with laws or regulations. External publicity concerning investigations can increase the scope and scale of those investigations and lead to further regulatory inquiries.
In addition, legislators and regulators in various countries in which we operate have focused on the offering of consumer financial products and the operation of payment networks, resulting in changes to certain practices or pricing of card issuers, merchant acquirers and payment networks, and, in some cases, the establishment of broad and ongoing regulatory oversight regimes.
See “Risk Factors—Legal, Regulatory and Compliance Risks” for a discussion of the potential impact legislative and regulatory changes may have on our results of operations and financial condition.
Federal and state banking laws, regulations and policies extensively regulate the Company (which, for purposes of this section, refers to American Express Company as a bank holding company), TRS and our U.S. bank subsidiary, American Express National Bank (AENB). Both the Company and TRS are subject to comprehensive consolidated supervision, regulation and examination by the Federal Reserve and AENB is supervised, regulated and examined by the Office of the Comptroller of the Currency (OCC). The Company and its subsidiaries are also subject to the rulemaking, enforcement and examination authority of the Consumer Financial Protection Bureau (CFPB). Banking regulators have broad examination and enforcement power, including the power to impose substantial fines, limit dividends and other capital distributions, restrict operations and acquisitions and require divestitures, any of which could compromise our competitive position. Many aspects of our business also are subject to rigorous regulation by other U.S. federal and state regulatory agencies and by non-U.S. government agencies and regulatory bodies.
The BHC Act generally limits bank holding companies to activities that are considered to be banking activities and certain closely related activities. As noted above, each of the Company and TRS is a bank holding company and each has elected to become a financial holding company, which is authorized to engage in a broader range of financial and related activities. In order to remain eligible for financial holding company status, we must meet certain eligibility requirements. Those requirements include that each of the Company and AENB must be “well capitalized” and “well managed,” and AENB must have received at least a “satisfactory” rating on its most recent assessment under the Community Reinvestment Act of 1977 (the CRA). The Company and TRS engage in various activities permissible only for financial holding companies, including, in particular, providing travel agency services, acting as a finder and engaging in certain insurance underwriting and agency services. If the Company fails to meet eligibility requirements for financial holding company status, it and its subsidiaries are likely to be barred from engaging in new types of financial activities or making certain types of acquisitions or investments in reliance on its status as a financial holding company, and ultimately could be required to either discontinue the broader range of activities permitted to financial holding companies or divest AENB. In addition, the Company and its subsidiaries are prohibited by law from engaging in practices that the relevant regulatory authority deems unsafe or unsound (which such authorities generally interpret broadly).
Acquisitions and Investments
Applicable federal and state laws place limitations on the ability of persons to invest in or acquire control of us without providing notice to or obtaining the approval of one or more of our regulators. In addition, we are subject to banking laws and regulations that limit our investments and acquisitions and, in some cases, subject them to the prior review and approval of our regulators, including the Federal Reserve and the OCC. Federal banking regulators have broad discretion in evaluating proposed acquisitions and investments that are subject to their prior review or approval.
Financial Regulatory Reform
The Company is subject to the U.S. federal bank regulatory agencies' rules that tailor the application of enhanced prudential standards to bank holding companies and depository institutions with $100 billion or more in total consolidated assets. Under these rules, each bank holding company, as well as its bank subsidiaries, is assigned to one of four categories based on its status as a U.S. global systemically important banking organization and five other risk-based indicators: (i) total assets, (ii) cross-jurisdictional activity, (iii) non-bank assets, (iv) off-balance sheet exposure, and (v) weighted short-term wholesale funding.
Under these rules, the Company (and its depository institution subsidiary, AENB) is subject to Category IV standards.
Because a firm’s categorization is determined by, and can change over time dependent upon, how the firm measures against the risk-based indicator thresholds, we are required to monitor and periodically report these risk-based indicators and there can be no assurance that the Company will continue to be a Category IV firm in the future.
Capital and Liquidity Regulation
The Company and AENB are required to comply with the applicable capital adequacy rules established by federal banking regulators. These rules are intended to ensure that bank holding companies and depository institutions (collectively, banking organizations) have adequate capital given their level of assets and off-balance sheet obligations. The federal banking regulators’ current capital rules (the Capital Rules) implement the Basel Committee on Banking Supervision’s (the Basel Committee) framework for strengthening international capital regulation, known as Basel III. For additional information regarding our capital ratios, see “Consolidated Capital Resources and Liquidity” under “MD&A.”
Under the Capital Rules, banking organizations are required to maintain minimum ratios for Common Equity Tier 1 (CET1 capital), Tier 1 capital (that is, CET1 capital plus additional Tier 1 capital) and Total capital (that is, Tier 1 capital plus Tier 2 capital) to risk-weighted assets. We report our capital adequacy ratios using risk-weighted assets calculated under the standardized approach. As a Category IV firm, we are not subject to the advanced approaches capital requirements.
In December 2017, the Basel Committee published standards that, among other things, revise the standardized approach for credit risk (including by recalibrating risk weights and introducing additional capital requirements for certain “unconditionally cancellable commitments” such as unused credit card lines of credit) and provide a new standardized calculation for operational risk capital requirements. If adopted in the United States as issued by the Basel Committee and applicable to us, the new standards are likely to result in higher capital requirements for us.
In December 2018, federal banking regulators issued a final rule that provides an optional three-year phase-in period for the adverse regulatory capital effects of adopting the Current Expected Credit Loss (CECL) methodology pursuant to new accounting guidance for the recognition of credit losses on certain financial instruments, which became effective January 1, 2020. In August 2020, federal banking regulators issued a final rule that provides an option to delay the estimated impact of the adoption of the CECL methodology on regulatory capital for up to two years, followed by the three-year phase-in period. We elected to adopt the two-year delay followed by the three-year phase-in period. Therefore, the Company began phasing in the cumulative amount that is not recognized in regulatory capital at 25 percent per year beginning January 1, 2022. See “Critical Accounting Estimates” under “MD&A” for additional information on CECL.
The Company and AENB must each maintain CET1 capital, Tier 1 capital and Total capital ratios of at least 4.5 percent, 6.0 percent and 8.0 percent, respectively. On top of these minimum capital ratios, the Company is subject to a dynamic stress capital buffer (SCB) composed entirely of CET1 capital with a floor of 2.5 percent and AENB is subject to a static 2.5 percent capital conservation buffer (CCB). The SCB equals (i) the difference between a bank holding company’s starting and minimum projected CET1 capital ratios under the supervisory severely adverse scenario under the Federal Reserve's stress tests described below, plus (ii) one year of planned common stock dividends as a percentage of risk-weighted assets.
On June 24, 2021, the Federal Reserve confirmed the SCB for the Company of 2.5 percent, which remained unchanged from the level announced in August 2020. As a result, the effective minimum ratios for the Company (taking into account the SCB requirement) and AENB (taking into account the CCB requirement) are 7.0 percent, 8.5 percent and 10.5 percent for the CET1 capital, Tier 1 capital and Total capital ratios, respectively. Banking organizations whose ratios of CET1 capital, Tier 1 capital or Total capital to risk-weighted assets are below these effective minimum ratios face constraints on discretionary distributions such as dividends, repurchases and redemptions of capital securities, and executive compensation. A bank holding company’s SCB requirement is generally effective on October 1 of each year and will remain in effect through September 30 of the following year unless it is reset in connection with resubmission of a capital plan, as discussed below.
We are also required to comply with minimum leverage ratio requirements. The leverage ratio is the ratio of a banking organization’s Tier 1 capital to its average total consolidated assets (as defined for regulatory purposes). All banking organizations are required to maintain a leverage ratio of at least 4.0 percent.
The Federal Reserve’s enhanced prudential standards rule includes heightened liquidity and overall risk management requirements. The rule requires the maintenance of a liquidity buffer, consisting of highly liquid assets, that is sufficient to meet projected net outflows for 30 days over a range of liquidity stress scenarios, and a minimum liquidity coverage ratio (LCR) that measures a firm’s high-quality liquid assets to its projected net outflows. Category IV firms with less than $50 billion in weighted short-term wholesale funding, such as the Company, are not subject to a specific LCR requirement.
A second standard provided for in the Basel III liquidity framework, referred to as the net stable funding ratio (NSFR), requires a minimum amount of longer-term funding based on the assets and activities of banking entities. Under the NSFR rule, Category IV firms with less than $50 billion in weighted short-term wholesale funding, such as the Company, are not subject to a specific NSFR requirement.
Stress Testing and Capital Planning
Under the Federal Reserve’s regulations, the Company is subject to supervisory stress testing requirements that are designed to evaluate whether a bank holding company has sufficient capital on a total consolidated basis to absorb losses and support operations under adverse economic conditions. As part of the Comprehensive Capital Analysis and Review (CCAR), the Federal Reserve uses pro-forma capital positions and ratios under such stress scenarios to determine the size of the SCB for each CCAR participating firm.
As a Category IV firm, the Company is required to participate in the supervisory stress tests every other year and is subject to the Federal Reserve’s supervisory stress tests in 2022. The Company is required to develop and submit to the Federal Reserve an annual capital plan on or before April 5 of each year.
For Category IV firms, such as the Company, the portion of the SCB based on the Federal Reserve's supervisory stress tests is calculated every other year. During a year in which a Category IV firm does not undergo a supervisory stress test, the firm receives an updated SCB that reflects the firm's updated planned common stock dividends. A Category IV firm can elect to participate in the supervisory stress test in an “off year” and consequently receive an updated SCB.
Due to the economic uncertainty related to the pandemic, the Federal Reserve prohibited share repurchases in the third and fourth quarters of 2020 for all bank holding companies participating in CCAR, but allowed them to pay common stock dividends provided (a) they did not increase the amount of the dividend and (b) the dividends did not exceed the average of a firm’s net income for the four preceding calendar quarters. During the first and second quarters of 2021, the Federal Reserve allowed bank holding companies participating in CCAR to repurchase common stock and pay common stock dividends provided (a) the repurchases and dividends, in the aggregate, did not exceed the average of a firm’s net income for the four preceding calendar quarters and (b) the firm did not increase the amount of its common stock dividends beyond the level paid in the second quarter of 2020. The Federal Reserve also permitted stock repurchases equal to the amount of share issuances related to expensed employee compensation. These capital distribution restrictions ceased to apply on July 1, 2021. For additional information regarding our capital distributions, see “Consolidated Capital Resources and Liquidity” under “MD&A.”
We may be required to revise and resubmit our capital plan following certain events or developments, such as a significant acquisition or an event that could result in a material change in our risk profile or financial condition. If we are required to resubmit our capital plan, we must receive prior approval from the Federal Reserve for any capital distributions (including common stock dividend payments and share repurchases), other than a capital distribution on a newly issued capital instrument.
Dividends and Other Capital Distributions
The Company and TRS, as well as AENB and the Company’s insurance and other regulated subsidiaries, are limited in their ability to pay dividends by statutes, regulations and supervisory policy.
Common stock dividend payments and share repurchases by the Company are subject to the oversight of the Federal Reserve, as described above. The Company will be subject to limitations and restrictions on capital distributions if, among other things, (i) the Company's regulatory capital ratios do not satisfy applicable minimum requirements and buffers or (ii) the Company is required to resubmit its capital plan.
In general, federal laws and regulations prohibit, without first obtaining the OCC’s approval, AENB from making dividend distributions to TRS, if such distributions are not paid out of available recent earnings or would cause AENB to fail to meet capital adequacy standards. In addition to specific limitations on the dividends AENB can pay to TRS, federal banking regulators have authority to prohibit or limit the payment of a dividend if, in the banking regulator’s opinion, payment of a dividend would constitute an unsafe or unsound practice in light of the financial condition of the institution.
Prompt Corrective Action
The Federal Deposit Insurance Act (FDIA) requires, among other things, that federal banking regulators take prompt corrective action in respect of depository institutions insured by the FDIC (such as AENB) that do not meet minimum capital requirements. The FDIA establishes five capital categories for FDIC-insured banks: well capitalized, adequately capitalized, undercapitalized, significantly undercapitalized and critically undercapitalized. The FDIA imposes progressively more restrictive constraints on operations, management and capital distributions, depending on the capital category in which an institution is classified. In order to be considered “well capitalized,” AENB must maintain CET1 capital, Tier 1 capital, Total capital and Tier 1 leverage ratios of 6.5 percent, 8.0 percent, 10.0 percent and 5.0 percent, respectively.
Under the FDIA, AENB could be prohibited from accepting brokered deposits (i.e., deposits raised through third-party brokerage networks) or offering interest rates on any deposits significantly higher than the prevailing rate in its normal market area or nationally (depending upon where the deposits are solicited), unless (1) it is well capitalized or (2) it is adequately capitalized and receives a waiver from the FDIC. A portion of our outstanding U.S. retail deposits are considered brokered deposits for bank regulatory purposes. If a federal regulator determines that we are in an unsafe or unsound condition or that we are engaging in unsafe or unsound banking practices, the regulator may reclassify our capital category or otherwise place restrictions on our ability to accept or solicit brokered deposits.
In December 2020, the FDIC issued a final rule intended to update and modernize the FDIC’s brokered deposit regulations. Effective April 1, 2021, the final rule, among other things, expanded the definition of “deposit broker” and updated the interest rate restrictions for less than well capitalized banks.
Certain bank holding companies are required to submit resolution plans to the Federal Reserve and FDIC providing for the company’s strategy for rapid and orderly resolution in the event of its material financial distress or failure. However, Category IV firms, such as the Company, are not required to submit a holding company resolution plan.
AENB continues to be required to prepare and provide a separate resolution plan to the FDIC that would enable the FDIC, as receiver, to effectively resolve AENB under the FDIA in the event of failure. The FDIC issued an Advance Notice of Proposed Rulemaking on potential revisions to this separate resolution plan requirement for insured depository institutions in April 2019 and temporarily suspended resolution planning requirements for insured depository institutions. In January 2021, the FDIC lifted the moratorium on resolution plan submissions for insured depository institutions with $100 billion or more in assets, including AENB.
On June 25, 2021, the FDIC released a statement outlining a modified approach to implementing the FDIC’s rule requiring insured depository institutions with $100 billion or more in total assets to submit resolution plans. Among other things, the modified approach (i) extends the resolution plan’s submission frequency to a three-year cycle; (ii) lays out new details regarding the FDIC’s emphasis on engagement with firms; and (iii) exempts filers from other content requirements that the FDIC has determined have been less useful or are obtainable through other supervisory channels.
Orderly Liquidation Authority
The Company could become subject to the Orderly Liquidation Authority (OLA), a resolution regime under which the Treasury Secretary may appoint the FDIC as receiver to liquidate a systemically important financial institution, if the Company is in danger of default and is determined to present a systemic risk to U.S. financial stability. As under the FDIC resolution model, under the OLA, the FDIC has broad power as receiver. Substantial differences exist, however, between the OLA and the FDIC resolution model for depository institutions, including the right of the FDIC under the OLA to disregard the strict priority of creditor claims in limited circumstances, the use of an administrative claims procedure to determine creditor claims (as opposed to the judicial procedure used in bankruptcy proceedings), and the right of the FDIC to transfer claims to a “bridge” entity.
The FDIC has developed a strategy under OLA, referred to as the “single point of entry” or “SPOE” strategy, under which the FDIC would resolve a failed financial holding company by transferring its assets (including shares of its operating subsidiaries) and, potentially, very limited liabilities to a “bridge” holding company; utilize the resources of the failed financial holding company to recapitalize the operating subsidiaries; and satisfy the claims of unsecured creditors of the failed financial holding company and other claimants in the receivership by delivering securities of one or more new financial companies that would emerge from the bridge holding company. Under this strategy, management of the failed financial holding company would be replaced and its shareholders and creditors would bear the losses resulting from the failure.
FDIC Powers upon Insolvency of AENB
If the FDIC is appointed the conservator or receiver of AENB, the FDIC has the power: (1) to transfer any of AENB’s assets and liabilities to a new obligor without the approval of AENB’s creditors; (2) to enforce the terms of AENB’s contracts pursuant to their terms; or (3) to repudiate or disaffirm any contract or lease to which AENB is a party, the performance of which is determined by the FDIC to be burdensome and the disaffirmation or repudiation of which is determined by the FDIC to promote the orderly administration of AENB. In addition, the claims of holders of U.S. deposit liabilities and certain claims for administrative expenses of the FDIC against AENB would be afforded priority over other general unsecured claims against AENB, including claims of debt holders and depositors in non-U.S. offices, in the liquidation or other resolution of AENB. As a result, whether or not the FDIC ever sought to repudiate any debt obligations of AENB, the debt holders and depositors in non-U.S. offices would be treated differently from, and could receive substantially less, if anything, than the depositors in the U.S. offices of AENB.
Other Banking Regulations
Source of Strength
The Company is required to act as a source of financial and managerial strength to its U.S. bank subsidiary, AENB, and may be required to commit capital and financial resources to support AENB. Such support may be required at times when, absent this requirement, the Company otherwise might determine not to provide it. Capital loans by the Company to AENB are subordinate in right of payment to deposits and to certain other indebtedness of AENB. In the event of the Company’s bankruptcy, any commitment by the Company to a federal banking regulator to maintain the capital of AENB will be assumed by the bankruptcy trustee and entitled to a priority of payment.
Transactions Between AENB and its Affiliates
Certain transactions (including loans and credit extensions from AENB) between AENB and its affiliates (including the Company, TRS and their other subsidiaries) are subject to quantitative and qualitative limitations, collateral requirements and other restrictions imposed by statute and regulation. Transactions subject to these restrictions are generally required to be made on an arm’s-length basis.
FDIC Deposit Insurance and Insurance Assessments
AENB accepts deposits that are insured by the FDIC up to the applicable limits. Under the FDIA, the FDIC may terminate the insurance of an institution’s deposits upon a finding that the institution has engaged in unsafe or unsound practices; is in an unsafe or unsound condition to continue operations; or has violated any applicable law, regulation, rule, order or condition imposed by the FDIC. We do not know of any practice, condition or violation that would lead to termination of deposit insurance at AENB. The FDIC’s deposit insurance fund is funded by assessments on insured depository institutions, including AENB, which are subject to adjustment by the FDIC.
Community Reinvestment Act
AENB is subject to the CRA, which imposes affirmative, ongoing obligations on depository institutions to meet the credit needs of their local communities, including low- and moderate-income neighborhoods, consistent with the safe and sound operation of the institution. In May 2020, the OCC issued a final rule intended to (i) clarify which activities qualify for CRA credit; (ii) update where activities count for CRA credit; and (iii) change the methods for CRA measurement, data collection, recordkeeping and reporting for national banks and federal savings associations. Effective January 1, 2022, that final rule was rescinded and replaced with a rule based on the rules adopted jointly by the federal banking agencies in 1995, as amended. This action was intended to promote consistency for all insured depository institutions while the agencies continue their ongoing work to modernize the CRA framework on an interagency basis.
Climate Risk Management
The U.S. banking agencies steadily increased their focus on climate risk-related supervision during 2021 and are expected to expand and formalize that focus in 2022. For example, on October 21, 2021, the Financial Stability Oversight Council (FSOC) issued its Report on Climate-Related Financial Risk, which contains 35 recommendations for FSOC’s member agencies and serves as a framework for next steps. In addition, on December 16, 2021, the OCC issued for public comment a set of proposed “Principles for Climate-Related Financial Risk Management for Large Banks.” The principles would apply to OCC-regulated institutions with more than $100 billion in total consolidated assets, like AENB, and are broadly designed to provide a high-level framework for the safe and sound management of exposures to climate-related financial risks consistent with existing OCC rules and guidance. The principles outline six key aspects of climate-related financial risk management: governance; policies, procedures and limits; strategic planning; risk management; data, risk measurement and reporting; and scenario analysis. In addition, the principles offer risk assessment guidance for incorporating climate-related financial risks in various traditional risk categories. It is too early to determine what regulations and policies may be adopted or apply to the Company and AENB and the effect of any such regulations or policies on the Company and AENB.
Consumer Financial Products Regulation
In the United States, our marketing, sale and servicing of consumer financial products and our compliance with certain federal consumer financial laws are supervised and examined by the CFPB, which has broad rulemaking and enforcement authority over providers of credit, savings and payment services and products, and authority to prevent “unfair, deceptive or abusive” acts or practices. The CFPB has the authority to write regulations under federal consumer financial protection laws, to enforce those laws and to examine for compliance. It is also authorized to collect fines and require consumer restitution in the event of violations, engage in consumer financial education, track consumer complaints, request data and promote the availability of financial services to underserved consumers and communities. In addition, a number of U.S. states have significant consumer credit protection, disclosure and other laws (in certain cases more stringent than U.S. federal laws). U.S. federal law also regulates abusive debt collection practices, which, along with bankruptcy and debtor relief laws, can affect our ability to collect amounts owed to us or subject us to regulatory scrutiny.
On November 30, 2021, the CFPB’s final rule that sets forth additional requirements for third-party debt collection agencies, which we use in the ordinary course of business, became effective. See “We are exposed to credit risk and trends that affect Card Member spending and the ability of customers and partners to pay us, which could have a material adverse effect on our results of operations and financial condition” under “Risk Factors” for potential impacts related to legal and regulatory changes on our ability to collect amounts owed to us.
We are also regulated in the United States under the “money transmitter” or “sale of check” laws in effect in most states. In addition, we are required by the laws of many states to comply with unclaimed and abandoned property laws, under which we must pay to states the face amount of any Travelers Cheque or prepaid card that is uncashed or unredeemed after a period of time depending on the type of product. Additionally, we are regulated under insurance laws in the United States and other countries where we offer insurance services.
In countries outside the United States, regulators continue to focus on a number of key areas impacting our card-issuing businesses, particularly consumer protection (such as in the European Union (EU), the United Kingdom and Canada) and responsible lending (such as in Australia, Mexico, New Zealand and Singapore), with increasing importance on and attention to customers and outcomes rather than just ensuring compliance with local rules and regulations. Regulators’ expectations of firms in relation to their compliance, risk and control frameworks continue to increase and regulators are placing significant emphasis on a firm’s systems and controls relating to the identification and resolution of issues.
Legislators and regulators in various countries in which we operate have focused on the operation of card networks, including through enforcement actions, legislation and regulations to change certain practices or pricing of card issuers, merchant acquirers and payment networks, and, in some cases, to establish broad and ongoing regulatory oversight regimes for payment systems.
The EU, Australia, Canada and other jurisdictions have focused on interchange fees (that is, the fee paid by the bankcard merchant acquirer to the card issuer in payment networks like Visa and Mastercard), as well as the rules, contract terms and practices governing merchant card acceptance. Regulation and other governmental actions relating to pricing or practices could affect all networks directly or indirectly, as well as adversely impact consumers and merchants. Among other things, regulation of bankcard fees has negatively impacted and may continue to negatively impact the discount revenue we earn, including as a result of downward pressure on our discount rate from decreases in competitor pricing in connection with caps on interchange fees. In some cases, regulations also extend to certain aspects of our business, such as network and cobrand arrangements or the terms of card acceptance for merchants, and we have exited our network businesses in the EU and Australia as a result of regulation in those jurisdictions, for example. There is uncertainty as to when or how interchange fee caps and other provisions of the EU and UK payments legislation might apply when we work with cobrand partners and agents in the EU and the UK. Given differing interpretations by regulators and participants in cobrand arrangements, we are subject to regulatory action, penalties and the possibility we will not be able to maintain our existing cobrand and agent relationships in the EU or the UK.
In various countries, such as certain Member States in the EU and Australia, merchants are permitted by law to surcharge card purchases. In addition, the laws of a number of states in the United States that prohibit surcharging have been overturned and certain states have passed or are considering laws to permit surcharging by merchants. Surcharging is an adverse customer experience and could have a material adverse effect on us, particularly where it only or disproportionately impacts credit card usage or card usage generally, our Card Members or our business. In addition, other steering or differential acceptance practices that are permitted by regulation in some jurisdictions could also have a material adverse effect on us. See “Surcharging or steering by merchants could materially adversely affect our business and results of operations” under “Risk Factors.”
In some countries, governments have established regulatory regimes that require international card networks to be locally licensed and/or to localize aspects of their operations. For example, the Reserve Bank of India, which has broad power under the Payment and Settlement Systems Act, 2007 to regulate the membership and operations of card networks, has issued a mandate requiring payment systems operators in India to store certain payments data locally. On April 23, 2021, the Reserve Bank of India imposed restrictions on the ability of American Express Banking Corp. to engage in certain card issuing activities in India from May 1, 2021 until it complies with a regulation requiring storage of payment transaction data exclusively in India. This order does not impact existing customers. We are working towards complying with the regulation. Governments in some countries also provide resources or protection to select domestic payment card networks. The development and enforcement of these and other similar laws, regulations and policies may adversely affect our ability to compete effectively and maintain and extend our global network.
Privacy, Data Protection, Data Governance, Information and Cyber Security
Regulatory and legislative activity in the areas of privacy, data protection, data governance and information and cyber security continues to increase worldwide. We have established and continue to maintain policies and a governance framework to comply with applicable privacy, data protection, data governance and information and cyber security laws and requirements, meet evolving customer and industry expectations and support and enable business innovation and growth.
Our regulators are increasingly focused on ensuring that our privacy, data protection, data governance and information and cyber security-related policies and practices are adequate to inform customers of our data collection, use, sharing and/or security practices, to provide them with choices, if required, about how we use and share their information, and to appropriately safeguard their personal information and account access. Regulators are also focused on data management, data governance and our third-party risk management policies and practices.
In the United States, certain of our businesses are subject to the privacy, disclosure and safeguarding provisions of the Gramm-Leach-Bliley Act (GLBA) and its implementing regulations and guidance. Among other things, GLBA imposes certain limitations on our ability to share consumers’ nonpublic personal information with nonaffiliated third parties and requires us to develop, implement and maintain a written comprehensive information security program containing safeguards that are appropriate to the size and complexity of our business, the nature and scope of our activities and the sensitivity of customer information that we process. More recently, we have expanded privacy rights to California residents who are not covered by GLBA, pursuant to the California Consumer Privacy Act and the California Privacy Rights Act. Various regulators, U.S. states and territories are considering similar requirements or have adopted laws, rules and regulations pertaining to privacy and/or information and cyber security that may be more stringent and/or expansive than federal requirements.
We are also subject to certain privacy, data protection, data governance and information and cyber security laws in other countries in which we operate (including countries in the EU, Australia, Canada, China, Japan, Hong Kong, India, Mexico, Singapore and the United Kingdom), some of which are more stringent and/or expansive than those in the United States and some of which may conflict with each other. Some countries and the EU have instituted or are considering instituting requirements that make it onerous to transfer personal data to other jurisdictions. Other countries may require in-country data processing and/or in-country storage of data. Compliance with such laws results in higher technology, administrative and other costs for us, could limit our ability to optimize the use of our closed-loop data, and could require use of local technology services. Some of these laws also require us to provide foreign governments and other third parties broader access to our data and intellectual property. Data breach and operational outage notification laws or regulatory activities to encourage such notifications and regulatory activity and laws around resiliency, business continuity and third-party risk management are also becoming more prevalent in jurisdictions outside the United States in which we operate.
In Europe, the EU General Data Protection Regulation (GDPR) imposes legal and compliance obligations on companies that process personal data of individuals in the EU, irrespective of the geographical location of the company, with the potential for significant fines for non-compliance (up to 4 percent of total annual worldwide revenue). The GDPR includes, among other things, a requirement for prompt notice of data breaches, in certain circumstances, to affected individuals and supervisory authorities. The UK GDPR, which became effective in January 2021, mirrors the compliance requirements and fine structure of the GDPR.
Anti-Money Laundering, Sanctions and Anti-Corruption Compliance
We are subject to significant supervision and regulation, and an increasingly stringent enforcement environment, with respect to compliance with anti-money laundering (AML), sanctions and anti-corruption laws and regulations in the United States and in other jurisdictions in which we operate. Failure to maintain and implement adequate programs and policies and procedures for AML, sanctions and anti-corruption compliance could have material financial, legal and reputational consequences.
We are subject to a significant number of AML laws and regulations as a result of being a financial company headquartered in the United States, as well as having a global presence. In the United States, the majority of AML requirements are derived from the Currency and Foreign Transactions Reporting Act and the accompanying regulations issued by the U.S. Department of the Treasury (collectively referred to as the Bank Secrecy Act), as amended by the USA PATRIOT Act of 2001 (the Patriot Act). The Anti-Money Laundering Act of 2020 (the AMLA), enacted in January 2021, amended the Bank Secrecy Act and is intended to comprehensively reform and modernize U.S. AML laws. Many of the statutory provisions in the AMLA will require additional rulemakings, reports and other measures, the effects of which are not known at this time. In Europe, AML requirements are largely the result of countries transposing the 5th and 6th EU Anti-Money Laundering Directives (and preceding EU Anti-Money Laundering Directives) into local laws and regulations. Numerous other countries, such as Argentina, Australia, Canada, India, Mexico, New Zealand and Russia, have also enacted or proposed new or enhanced AML legislation and regulations applicable to American Express.
Among other things, these laws and regulations require us to establish AML programs that meet certain standards, including, in some instances, expanded reporting, particularly in the area of suspicious transactions, and enhanced information gathering and recordkeeping requirements. Our AML programs have become the subject of heightened scrutiny in some countries, including certain Member States in the EU. Any errors, failures or delays in complying with AML and counter-terrorist financing laws, perceived deficiencies in our AML programs or association of our business with money laundering, terrorist financing, tax fraud or other illicit activity can give rise to significant supervisory, criminal and civil proceedings and lawsuits, which could result in significant penalties and forfeiture of assets, loss of licenses or restrictions on business activities, or other enforcement actions.
Office of Foreign Assets Control Regulation
The United States has imposed economic sanctions that affect transactions with designated foreign countries, nationals and others. The United States prohibits U.S. persons from engaging with individuals and entities identified as “Specially Designated Nationals,” such as terrorists and narcotics traffickers. These prohibitions are administered by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) and are typically known as the OFAC rules. The OFAC rules prohibit U.S. persons from engaging in financial transactions with or relating to the prohibited individual, entity or country, require the blocking of assets in which the individual, entity or country has an interest, and prohibit transfers of property subject to U.S. jurisdiction (including property in the possession or control of U.S. persons) to such individual, entity or country. Blocked assets (e.g., property or bank deposits) cannot be paid out, withdrawn, set off or transferred in any manner without a license from OFAC. We maintain a global sanctions program designed to ensure compliance with OFAC requirements. Failure to comply with such requirements could subject us to serious legal and reputational consequences, including criminal penalties.
We are subject to complex international and U.S. anti-corruption laws and regulations, including the U.S. Foreign Corrupt Practices Act (the FCPA), the UK Bribery Act and other laws that prohibit the making or offering of improper payments. The FCPA makes it illegal to corruptly offer or provide anything of value to foreign government officials, political parties or political party officials for the purpose of obtaining or retaining business or an improper advantage. The FCPA also requires us to strictly comply with certain accounting and internal controls standards. The UK Bribery Act also prohibits commercial bribery and the receipt of a bribe, and makes it a corporate offense to fail to prevent bribery by an associated person, in addition to prohibiting improper payments to foreign government officials. Failure of the Company, our subsidiaries, colleagues, contractors or agents to comply with the FCPA, the UK Bribery Act and other similar laws can expose us and/or individual colleagues to investigation, prosecution and potentially severe criminal and civil penalties.
Our compensation practices are subject to oversight by the Federal Reserve and the OCC. The federal banking regulators’ guidance on sound incentive compensation practices sets forth three key principles for incentive compensation arrangements that are designed to help ensure that incentive compensation plans do not encourage imprudent risk-taking and are consistent with the safety and soundness of banking organizations. The three principles provide that a banking organization’s incentive compensation arrangements should (1) provide incentives that appropriately balance risk and financial results in a manner that does not encourage employees to expose their organizations to imprudent risks, (2) be compatible with effective internal controls and risk management, and (3) be supported by strong corporate governance, including active and effective oversight by the organization’s board of directors. Any deficiencies in our compensation practices that are identified by the banking regulators in connection with their review of our compensation practices may be incorporated into our supervisory ratings, which can affect our ability to make acquisitions or perform other actions. Enforcement actions may be taken against us if our incentive compensation arrangements or related risk-management control or governance processes are determined to pose a risk to our safety and soundness, and we have not taken prompt and effective measures to correct the deficiencies.
In May 2016, the federal banking regulators, the Securities and Exchange Commission (SEC), the Federal Housing Finance Agency and the National Credit Union Administration re-proposed a rule, originally proposed in 2011, on incentive-based compensation practices. The re-proposed rule would apply deferral, downward adjustment and forfeiture, and clawback requirements to incentive-based compensation arrangements granted to senior executive officers and significant risk-takers of covered institutions, with specific requirements varying based on the asset size of the covered institution and the category of employee. If these or other regulations are adopted in a form similar to what has been proposed, they will impose limitations on the manner in which we may structure compensation for our colleagues, which could adversely affect our ability to hire, retain and motivate key colleagues.
We maintain an Investor Relations website at http://ir.americanexpress.com. We make available free of charge, on or through this website, our annual, quarterly and current reports and any amendments to those reports as soon as reasonably practicable following the time they are electronically filed with or furnished to the SEC.
In addition, we routinely post financial and other information, some of which could be material to investors, on our Investor Relations website. Information regarding our corporate responsibility and sustainability initiatives, including our Environmental, Social and Governance reports, are available on our Corporate Responsibility website at http://about.americanexpress.com/corporate-responsibility.
The content of any of our websites referred to in this report is not incorporated by reference into this report or any other report filed with or furnished to the SEC. We have included such website addresses only as inactive textual references and do not intend them to be active links.
You can find certain statistical disclosures required of bank holding companies starting on page A-1, which are incorporated herein by reference.
Our business as a whole has not experienced significant seasonal fluctuations, although network volumes tend to be moderately higher in the fourth quarter than in other quarters. As a result, the amount of Card Member loans and receivables outstanding tend to be moderately higher during that quarter. The average discount rate also tends to be slightly lower during the fourth quarter due to a higher level of retail-related billed business.
ITEM 1A. RISK FACTORS
This section highlights certain risks that could affect us and our businesses, broadly categorized as “Strategic, Business and Competitive Risks,” “Legal, Regulatory and Compliance Risks” and “Credit, Liquidity and Market Risks.” You should carefully consider each of the following risks and all of the other information set forth in this Annual Report on Form 10-K, including the “Risk Management” section under “MD&A,” which describes our approach to identifying, monitoring and managing the risks we assume in conducting our businesses and provides certain quantitative and qualitative disclosures about market risks. The risks and uncertainties we face are not limited to those described below. Additional risks and uncertainties not presently known to us or that we currently believe to be immaterial may also adversely affect our business.
Strategic, Business and Competitive Risks
Business and economic conditions are a major driver of our results of operations and difficult conditions in the business and economic environment, including as a result of the COVID-19 pandemic, have had a material adverse effect on our business.
We offer a broad array of products and services to consumers, small businesses and commercial clients and thus are very dependent upon the level of consumer and business activity and the demand for payment and financing products. Slow economic growth, economic contraction or shifts in broader consumer and business trends significantly impact customer behaviors, including spending on our cards, the ability and willingness of Card Members to borrow and pay amounts owed to us, and demand for fee-based products and services. Factors such as consumer spending and confidence, household income and housing prices, unemployment rates, business investment and inventory levels, bankruptcies, geopolitical instability, public policy decisions, government spending, international trade relationships, interest rates, taxes, energy costs, availability of capital and credit, inflation and deflation all affect the economic environment and, ultimately, our profitability. Such factors may also cause our earnings, billings, loan balances, credit metrics and margins to fluctuate and diverge from expectations of analysts and investors, who may have differing assumptions regarding their impact on our business, adversely affecting, and/or increasing the volatility of, the trading price of our common shares. The consequences of negative circumstances impacting us or the economic environment generally can be sudden and severe and can impact customer types and geographies in which we operate in very different ways.
The COVID-19 pandemic has had widespread, rapidly evolving and unpredictable impacts on global society, economies, financial markets and consumer and business spending. The pandemic and resulting containment measures adversely impacted a significant portion of our network volumes (including, but not limited to, travel and entertainment (T&E) spending) and spending in certain categories have still not recovered to pre-pandemic levels. For example, airline-related billed business was down 62 percent in 2021 relative to 2019 and spending by large and global corporate customers was down 45 percent relative to 2019. The global macroeconomic outlook continues to remain uncertain due to a variety of factors, including the Omicron variant, labor shortages, supply chain disruptions and inflation, and the impacts of the COVID-19 pandemic may continue even after the outbreak has subsided and containment measures are lifted, all of which may continue to exacerbate many of the other risks described in this “Risk Factors” section.
The extent to which our business and results of operations could be adversely affected by the continuing impacts of the pandemic will depend on numerous evolving factors and future developments that we are not able to predict, including the continued spread and severity of the virus and new variants; the imposition or concern of the possible imposition of further containment measures; the availability, distribution and use of effective treatments and vaccines; the extent to which vaccines are effective over the long term and against new, emerging variants; the extent and duration of the effect on the economy, inflation, consumer confidence and consumer and business spending; the impact on consumers and businesses as forbearance and government support programs end; the continued stress on businesses due to shutdowns, operational changes and staffing issues; and how quickly and to what extent normal operating conditions and customer behaviors resume, such as with respect to travel, dining and in-person events.
Our business is subject to the effects of geopolitical conditions, weather, natural disasters and other catastrophic events.
Geopolitical conditions, terrorist attacks, natural disasters, severe weather, widespread health emergencies or pandemics, information or cyber security incidents (including intrusion into or degradation of systems or technology by cyberattacks) and other catastrophic events can have a material adverse effect on our business. Political and social conditions, fiscal and monetary policies, trade wars and tariffs, labor shortages, prolonged or recurring government shutdowns, regional or domestic hostilities, economic sanctions and the prospect or occurrence of more widespread conflicts could also negatively affect our business, operations and partners, consumer and business spending, including travel patterns and business investment, and demand for credit.
As noted above, the COVID-19 pandemic has had, and may continue to have, a material adverse impact on our business and results of operations. Because of our proximity to the World Trade Center site, our headquarters were damaged as a result of the terrorist attacks of September 11, 2001. Recent hurricanes and other natural disasters have impacted spending and credit performance in the areas affected. Other disasters or catastrophic events in the future, and the impact of such events on certain industries or the overall economy, could have a negative effect on our business, results of operations and infrastructure,
including our technology and systems. Climate change may exacerbate certain of these threats, including the frequency and severity of weather-related events. Card Members in California, New York, Florida, Texas and Georgia account for a significant portion of U.S. Consumer billed business and Card Members loans, and our results of operations could be impacted by events or conditions that disproportionately or specifically affect one or more of those states.
Because we derive a portion of our revenues from travel-related spending, our business is sensitive to safety concerns related to travel and tourism, limitations on travel and mobility, and health-related risks, including travel restrictions and bans as a result of the COVID-19 pandemic, concerns that additional containment measures may be imposed on short notice and changes in customer behaviors that may continue even after the outbreak has subsided and containment measures are lifted, such as decisions to delay or forgo business or personal travel. In addition, disruptions in air travel and other forms of travel can result in the payment of claims under travel interruption insurance policies we offer.
Our operating results may materially suffer because of substantial and increasingly intense competition worldwide in the payments industry.
The payments industry is highly competitive, and we compete with card networks, issuers and acquirers, paper-based transactions (e.g., cash and checks), bank transfer models (e.g., wire transfers and ACH), as well as evolving and growing alternative payment and financing providers. If we are not able to differentiate ourselves from our competitors, develop compelling value propositions for our customers and/or effectively grow in areas such as mobile and online payments and emerging technologies, we may not be able to compete effectively.
We believe Visa and Mastercard are larger than we are in most countries based on purchase volume. As a result, card issuers and acquirers on the Visa and Mastercard networks may be able to benefit from the dominant position, scale, resources, marketing and pricing of those networks. Our business may also be negatively affected if we are unable to continue increasing merchant acceptance (including by merchants that accept cards on the Visa and Mastercard networks) and perceptions of coverage, or if our Card Members do not experience welcome acceptance of our cards.
Some of our competitors have developed, or may develop, substantially greater financial and other resources than we have and may offer richer value propositions or a wider range of programs and services than we offer or may use more effective strategies to acquire and retain more customers, capture a greater share of spending and borrowings, develop more attractive cobrand card and other partner programs and maintain greater merchant acceptance than we have. We may not be able to compete effectively against these threats or respond or adapt to changes in consumer spending and borrowing habits as effectively as our competitors. Costs such as Card Member rewards and Card Member services expenses could continue to increase as we evolve our value propositions, including in response to increased competition.
Spending on our cards could continue to be impacted by increasing consumer usage of credit and debit cards issued on other networks, as well as adoption of alternative payment mechanisms, systems and products. The fragmentation of customer spending to take advantage of different merchant or card incentives or for convenience with technological solutions may continue to increase. Revolving credit balances on our cards could also be impacted by alternative financing providers, such as point-of-sale lenders and buy now, pay later products. To the extent other payment and financing mechanisms, systems and products continue to successfully expand, our discount revenues earned from Card Member spending and our net interest income earned from Card Member borrowing could be negatively impacted. In addition, companies that control access to consumer and merchant payment method choices at the point of sale or through digital wallets, commerce-related experiences, mobile applications or other technologies could choose not to accept, suppress use of, or degrade the experience of using our products or could restrict our access to our customers and transaction data. Such companies could also require payments from us to participate in such digital wallets, experiences or applications or negotiate incentives or pricing concessions, impacting our profitability on transactions.
The competitive value of our closed-loop data may also be diminished as traditional and non-traditional competitors use other, new data sources and technologies to derive similar insights. Certain regulations, such as open banking initiatives, could also diminish the value of our closed-loop data or the demand for our products and services by disintermediating existing financial services providers.
To the extent we expand into new business areas and new geographic regions, such as mainland China, we will face competitors with more experience and more established relationships with relevant customers, regulators and industry participants, which could adversely affect our ability to compete. Laws and business practices that favor local competitors, require card transactions to be routed over domestic networks or prohibit or limit foreign ownership of certain businesses could limit our growth in international regions. We may face additional compliance and regulatory risks to the extent that we expand into new business areas, and we may need to dedicate more expense, time and resources to comply with regulatory requirements than our competitors, particularly those that are not regulated financial institutions.
Many of our competitors are subject to different, and in some cases, less stringent, legislative and regulatory regimes, and some may have lower cost structures and more agile business models and systems. More restrictive laws and regulations that do not apply to all of our competitors can put us at a disadvantage, including prohibiting us from engaging in certain transactions, regulating our business practices or adversely affecting our cost structure.
We face intense competition for partner relationships, which could result in a loss or renegotiation of these arrangements that could have a material adverse impact on our business and results of operations.
In the ordinary course of our business we enter into different types of contractual arrangements with business partners in a variety of industries. For example, we have partnered with Delta, Marriott, Hilton and British Airways, as well as many others globally, to offer cobranded cards for consumers and small businesses, and through our Membership Rewards program we have partnered with businesses in many industries, including Delta and others in the airline industry, to offer benefits to Card Member participants. See “Partners and Relationships” under “Business” for additional information on our business partnerships, including with Delta.
Competition for relationships with key business partners is very intense and there can be no assurance we will be able to grow or maintain these partner relationships or that they will remain as profitable or valued by our customers. Establishing and retaining attractive cobrand card partnerships is particularly competitive among card issuers and networks as these partnerships typically appeal to high-spending loyal customers. All of our cobrand portfolios in the aggregate accounted for approximately 19 percent of our worldwide network volumes for the year ended December 31, 2021. Card Member loans related to our cobrand portfolios accounted for approximately 40 percent of our worldwide Card Member loans as of December 31, 2021.
Cobrand arrangements are entered into for a fixed period, generally ranging from five to ten years, and will terminate in accordance with their terms, including at the end of the fixed period unless extended or renewed at the option of the parties, or upon early termination as a result of an event of default or otherwise. We face the risk that we could lose partner relationships, even after we have invested significant resources in the relationships. We may also choose to not renew certain cobrand relationships. Network volumes could decline and Card Member attrition could increase, in each case, significantly as a result of the termination of one or more cobrand partnership relationships. In addition, some of our cobrand arrangements provide that, upon expiration or termination, the cobrand partner may purchase or designate a third party to purchase the loans generated with respect to its program, which could result in the loss of the card accounts and a significant decline in our Card Member loans outstanding.
We regularly seek to extend or renew cobrand arrangements in advance of the end of the contract term and face the risk that existing relationships will be renegotiated with less favorable terms for us or that we may be unable to renegotiate on terms that are acceptable to us, as competition for such relationships continues to increase. We make payments to our cobrand partners, which can be significant, based primarily on the amount of Card Member spending and corresponding rewards earned on such spending and, under certain arrangements, on the number of accounts acquired and retained. The amount we pay to our cobrand partners has increased, particularly in the United States, and may continue to increase as arrangements are renegotiated due to increasingly intense competition for cobrand partners among card issuers and networks.
The loss of exclusivity arrangements with business partners, the loss of the partner relationship altogether (whether by non-renewal at the end of the contract period, such as the end of our relationship with Costco in the United States in 2016, or as the result of a merger, legal or regulatory action or otherwise, such as the withdrawal of American Airlines in 2014 from our Airport Club Access program for Centurion® and Platinum Card® Members) or the renegotiation of existing partnerships with terms that are significantly worse for us could have a material adverse impact on our business and results of operations. See “Our business is subject to comprehensive government regulation and supervision, which could materially adversely affect our results of operations and financial condition” for information on the uncertainty regarding our cobrand and agent relationships in the EU and the UK. In addition, any publicity associated with the loss of any of our key business partners could harm our reputation, making it more difficult to attract and retain Card Members and merchants, and could weaken our negotiating position with our remaining and prospective business partners.
Arrangements with our business partners represent a significant portion of our business. We are exposed to risks associated with our business partners, including reputational issues, business slowdowns, bankruptcies, liquidations, restructurings and consolidations, and the possible obligation to make payments to our partners.
Our success is, in many ways, dependent on the success of our partners. From customer acquisition to cobranding arrangements, from participation in our rewards programs to facilitating B2B supplier payments for our corporate clients, we rely on our business partners across many aspects of our company and our arrangements with business partners represent a significant portion of our business. Some of our partners manage certain aspects of our customer relationships, such as our OptBlue partners. To the extent any of our partners fail to effectively promote and support our products, experience a slowdown in their business, operational disruptions, reputational issues or loss of consumer confidence, or are otherwise unable to meet our expectations or those of their other stakeholders, our business may be materially negatively impacted. We face the risk that existing relationships will be renegotiated with less favorable terms for us or that we may be unable to renegotiate on terms that are acceptable to us. In addition, we may be obligated to make or accelerate payments to certain business partners such as cobrand partners upon the occurrence of certain triggering events such as a shortfall in certain performance and revenue levels. If we are not able to effectively manage these triggering events, we could unexpectedly have to make payments to these partners, which could have a negative effect on our financial condition and results of operations. See Note 12 to our “Consolidated Financial Statements” for additional information on financial commitments related to agreements with certain cobrand partners.
Similarly, we are exposed to risk from bankruptcies, liquidations, insolvencies, financial distress, restructurings, consolidations, operational outages, cyber security incidents and other similar events that may occur in any industry representing a significant portion of our network volumes, which could negatively impact particular card products and services (and volumes generally) and our financial condition and results of operations. During 2020, we pre-purchased a significant amount of loyalty points from certain of our travel cobrand partners, which we have used and intend to continue to use for promotions, rewards and incentive programs for our customers. To the extent such partners cease operations or the loyalty points are no longer desired by our customers, the value of any pre-purchased points we still have at that time may be diminished and may result in an impairment charge. We could also be materially impacted if we were obligated or elected to reimburse Card Members for products and services purchased from merchants that have ceased operations or stopped accepting our cards. For example, we are exposed to credit risk in the airline industry to the extent we protect Card Members against non-delivery of purchases, such as where we have remitted payment to an airline for a Card Member purchase of tickets that have not yet been used or “flown.” If we are unable to collect the amount from the airline, we may bear the loss for the amount credited to the Card Member. At December 31, 2021, our best estimate of the maximum amount of billed business for purchases that had yet to be delivered by, or could be charged back to, merchants was $24.5 billion. This amount assumes all such merchants worldwide cease operations and thus are no longer available to deliver such purchases or to accept such chargebacks, and that all such billed business results in claims-in-full by Card Members. Such a maximum amount has not been indicative of our actual loss exposure in the past and we have not experienced significant losses related to these exposures to date; however, our historical experience may not be representative in the current environment given the economic and financial disruptions, particularly to travel, caused by the COVID-19 pandemic and resulting containment measures and staff shortages. See Note 12 to the “Consolidated Financial Statements” for additional information regarding this exposure.
For additional information relating to the general risks related to the airline industry, see “Risk Management—Institutional Credit Risk—Exposure to the Airline and Travel Industry” under “MD&A.”
We face continued intense competitive pressure that may materially impact the prices we charge for accepting our cards for payment, as well as the risk of losing merchant relationships, which could have a material adverse impact on our business and results of operations.
We face pressure from competitors that primarily rely on sources of revenue other than discount revenue or have lower costs that can make their pricing for card acceptance more attractive. Merchants, business partners and third-party merchant acquirers and aggregators are also able to negotiate incentives, pricing concessions and other favorable contractual provisions from us as a condition to accepting our cards, being cobrand partners, offering benefits to our Card Members or signing merchants on our behalf. As merchants become even larger (such as the largest tech companies), we may have to increase the amount of incentives and/or concessions we provide to them. We also face the risk of losing a merchant relationship that could materially adversely affect our network volumes, ability to retain current Card Members and attract new Card Members and therefore, our business and results of operations.
Our average merchant discount rate has been impacted by regulatory changes affecting competitor pricing in certain international countries and may in the future be impacted by pricing regulation. We have also experienced erosion of our average merchant discount rate as we increase merchant acceptance. We may not be successful in significantly expanding merchant acceptance or offsetting rate erosion with volumes at new merchants. In addition, the regulatory environment and differentiated payment models and technologies from non-traditional players in the alternative payments space could pose challenges to our traditional payment model and adversely impact our average merchant discount rate. Some merchants continue to invest in their own payment solutions, such as proprietary-branded mobile wallets, using both traditional and new technology platforms. If merchants are able to drive broad consumer adoption and usage, it could adversely impact our average merchant discount rate and network volumes.
A continuing priority of ours is to drive greater and differentiated value to our merchants that, if not successful, could negatively impact our discount revenue and financial results. We may not succeed in maintaining merchant discount rates or offsetting the impact of declining merchant discount rates, for the reasons discussed above and others, which could materially and adversely affect our revenues and profitability, and therefore our ability to invest in innovation and in value-added services for merchants and Card Members.
Surcharging or steering by merchants could materially adversely affect our business and results of operations.
In certain countries, such as Australia and certain Member States in the EU, and in certain states in the U.S., merchants are expressly permitted by law to surcharge certain card purchases. In jurisdictions allowing surcharging, we have seen merchant surcharging on American Express cards in certain merchant categories, and in some cases, either the surcharge is greater than that applied to Visa and Mastercard cards or Visa and Mastercard cards are not surcharged at all (practices that are known as differential surcharging), even though there are many cards issued on competing networks that have an equal or greater cost of acceptance for the merchant.
We also encounter merchants that accept our cards, but tell their customers that they prefer to accept another type of payment or otherwise seek to suppress use of our cards or certain of our cards, which could become more prevalent with the introduction of debit cards on the American Express network. Our Card Members value the ability to use their cards where and when they want to, and we, therefore, take steps to meet our Card Members’ expectations and to protect the American Express brand by
prohibiting discrimination through provisions in our merchant contracts, including non-discrimination and honor-all-cards provisions, subject to local legal requirements. When we work with merchant acquirers, aggregators and processors to manage certain aspects of the merchant relationship, we are dependent on them to promote and support the acceptance and usage of our cards, but such third parties may have business interests, strategies or goals that are inconsistent with ours.
New products, such as debit cards on the American Express network, could fail to gain market acceptance and American Express cards could become less desirable to consumers and businesses generally due to surcharging, steering or other forms of discrimination, which could result in a decrease in cards-in-force and transaction volumes. The impact could vary depending on such factors as: the industry or manner in which a surcharge is levied; how Card Members are surcharged or steered to other card products or payment forms at the point of sale; the ease and speed of implementation for merchants, including as a result of new or emerging technologies; the size and recurrence of the underlying charges; and whether and to what extent these actions are applied to other forms of payment, including whether it varies depending on the type of card (e.g., credit or debit), product, network, acquirer or issuer. Discrimination against American Express cards could have a material adverse effect on our business, financial condition and results of operations, particularly where it only or disproportionately impacts credit card usage or card usage generally, our Card Members or our business.
We may not be successful in our efforts to promote card usage through marketing and promotion, merchant acceptance and Card Member rewards and services, or to effectively control the costs of such investments, both of which may materially impact our profitability.
Revenue growth is dependent on increasing consumer and business spending on our cards, growing loan balances and increasing fee revenue. We have been investing in a number of growth initiatives, including to attract new Card Members, retain existing Card Members and capture a greater share of customers’ total spending and borrowings. There can be no assurance that our investments will continue to be effective, particularly with changing consumer and business behaviors as a result of the COVID-19 pandemic. In addition, if we develop new products or offers that attract customers looking for short-term incentives rather than incentivize long-term loyalty, Card Member attrition and costs could increase. Increasing spending on our cards also depends on our continued expansion of merchant acceptance of our cards. If we are unable to continue growing merchant acceptance and perceptions of coverage or merchants decide to no longer accept American Express cards, our business could suffer. Expanding our service offerings, adding customer acquisition channels and forming new partnerships or renewing current partnerships could have higher costs than our current arrangements, fail to resonate with customers, adversely impact our average discount rate or dilute our brand.
Another way we invest in customer value is through our Membership Rewards program, as well as other Card Member benefits. Any significant change in, or failure by management to reasonably estimate, actual redemptions of Membership Rewards points and associated redemption costs could adversely affect our profitability. We rely on third parties for certain redemption options and may not be able to continue to offer such redemption options in the future, which could diminish the value of the program for our Card Members. Our two largest redemption partners are Amazon and Delta. In addition, many credit card issuers have instituted rewards and cobrand programs and may introduce programs and services that are similar to or more attractive than ours. Our inability to differentiate our products and services could materially adversely affect us.
We may not be able to cost-effectively manage and expand Card Member benefits, including containing the growth of marketing, promotion, rewards and Card Member services expenses in the future. If such expenses increase beyond our expectations, we will need to find ways to offset the financial impact by increasing other areas of revenues such as fee-based revenues, decreasing operating expenses or other investments in our business, or both. We may not succeed in doing so, particularly in the current competitive and regulatory environment. In addition, increased costs as a result of inflation, colleague retention and recruitment, supply chain issues and shortages of materials such as chips for our cards, and readiness efforts for returning to our offices may require that we reduce investments in other areas.
Our brand and reputation are key assets of our Company, and our business may be materially affected by how we are perceived in the marketplace.
Our brand and its attributes are key assets, and we believe our continued success depends on our ability to preserve, grow and realize the benefits of the value of our brand. Our ability to attract and retain consumer and small business Card Members and corporate clients is highly dependent upon the external perceptions of our level of service, trustworthiness, business practices, privacy and data protection, management, workplace culture, merchant acceptance, financial condition, response to political and social issues or catastrophic events (including our response to the COVID-19 pandemic and natural disasters) and other subjective qualities. Negative perceptions or publicity regarding these matters — even if related to seemingly isolated incidents and whether or not factually correct—could erode trust and confidence and damage our reputation among existing and potential Card Members, corporate clients, merchants and partners, which could make it difficult for us to attract new customers and maintain existing ones. Negative public opinion could result from actual or alleged conduct in any number of activities or circumstances, including card practices, regulatory compliance, the use and protection of customer information, conduct by our colleagues and policy engagement, including activities of the American Express Company Political Action Committee, and from actions taken by regulators or others in response thereto. Discussion about such matters in social media channels can also cause rapid, widespread reputational harm to our brand.
Our brand and reputation may also be harmed by actions taken by third parties that are outside our control. For example, any shortcoming of or controversy related to a third-party service provider, business partner, merchant acquirer or network partner may be attributed by Card Members and merchants to us, thus damaging our reputation and brand value. Acceptance of American Express cards by merchants in certain industries can also affect perceptions of us. The lack of acceptance, suppression of card usage or surcharging by merchants can also negatively impact perceptions of our brand and our products, lower overall transaction volume and increase the attractiveness of other payment products or systems. Adverse developments with respect to our industry may also, by association, negatively impact our reputation, or result in greater regulatory or legislative scrutiny or litigation against us. Furthermore, as a corporation with headquarters and operations located in the United States, a negative perception of the United States arising from its political or other positions could harm the perception of our company and our brand. Although we monitor developments for areas of potential risk to our reputation and brand, negative perceptions or publicity could materially and adversely affect our business volumes, revenues and profitability.
We publicly share certain information about our ESG initiatives. We may face increased scrutiny related to these activities, and our failure to achieve progress in these areas on a timely basis, if at all, could impact our reputation, colleague retention and public perceptions of our business.
A major information or cyber security incident or an increase in fraudulent activity could lead to reputational damage to our brand and material legal, regulatory and financial exposure, and could reduce the use and acceptance of our cards.
We and third parties collect, process, transfer, host, store, analyze, retain, provide access to and dispose of account information, payment transaction information, and certain types of personally identifiable and other information pertaining to our customers and colleagues in connection with our cards and other products and in the normal course of our business.
Global financial institutions like us, as well as our customers, colleagues, regulators, service providers and other third parties, have experienced a significant increase in information and cyber security risk in recent years and will likely continue to be the target of increasingly sophisticated cyberattacks, including computer viruses, malicious or destructive code, ransomware, social engineering attacks (including phishing, impersonation and identity takeover attempts), corporate espionage, hacking, website defacement, denial-of-service attacks, exploitation of vulnerabilities and other attacks and similar disruptions from the misconfiguration or unauthorized use of or access to computer systems. These threats can arise from external parties, as well as insiders who knowingly or unknowingly engage in or enable malicious cyber activities. There are a number of motivations for cyber threat actors, including criminal activities such as fraud, identity theft and ransom, corporate or nation-state espionage, political agendas, public embarrassment with the intent to cause financial or reputational harm, intent to disrupt information technology systems and supply chains, and to expose and exploit potential security and privacy vulnerabilities in corporate systems and websites.
Our networks and systems are subject to constant attempts to disrupt our business operations and capture, destroy, manipulate or expose various types of information relating to corporate trade secrets, customer information, including Card Member, travel and loyalty program data, colleague information and other sensitive business information, including acquisition activity, non-public financial results and intellectual property. For example, we and other U.S. financial services providers have been the target of distributed denial-of-service attacks from sophisticated third parties. We develop and maintain systems and processes aimed at detecting and preventing information and cyber security incidents and fraudulent activity, which require significant investment, maintenance and ongoing monitoring and updating as technologies and regulatory requirements change, new vulnerabilities and exploits are discovered and as efforts to overcome security measures become more sophisticated. In addition, we maintain cyber crisis response procedures and regularly test our procedures to remain prepared and reduce the risk of harm to our business operations, customers and third parties in the event of an information or cyber security incident.
Despite our efforts and the efforts of third parties that process, transmit or store our data and data of our customers and colleagues or support our operations, such as service providers, merchants and regulators, the possibility of information, operational and cyber security incidents, malicious social engineering, corporate espionage, fraudulent or other malicious activities and human error or malfeasance cannot be eliminated entirely and will evolve as new and emerging technology is deployed, including the increasing use of personal mobile and computing devices that are outside of our network and control environments. In addition, new products and services, such as checking accounts and non-card lending, may increase our exposure to fraud and other malfeasance. Risks associated with such incidents and activities include theft of funds and other monetary loss, disruption of our operations and the unauthorized disclosure, release, gathering, monitoring, misuse, modification, loss or destruction of confidential, proprietary, trade secret or other information (including account data information). An incident may not be detected until well after it occurs and the severity and potential impact may not be fully known for a substantial period of time after it has been discovered. Our ability to address incidents may also depend on the timing and nature of assistance that may be provided from relevant governmental or law enforcement agencies.
Information, operational or cyber security incidents, fraudulent activity and other actual or perceived failures to maintain confidentiality, integrity, availability of services, privacy and/or security has led to increased regulatory scrutiny and may lead to regulatory investigations and intervention (such as mandatory card reissuance), consent decrees, increased litigation (including class action litigation), response costs (including notification and remediation costs), fines, negative assessments of
us and our subsidiaries by banking regulators and rating agencies, reputational and financial damage to our brand, and reduced usage of our products and services, all of which could have a material adverse impact on our business. The disclosure of sensitive company information could also undermine our competitive advantage and divert management attention and resources.
Successful cyberattacks, data breaches, disruptions or other incidents related to the actual or perceived failures to maintain confidentiality, integrity, privacy and/or security at other large financial institutions, large retailers, travel and hospitality companies, government agencies or other market participants, whether or not we are impacted, could lead to a general loss of customer confidence that could negatively affect us, including harming the market perception of the effectiveness of our security measures or harming the reputation of the financial system in general, which could result in reduced use of our products and services. Such events could also result in legislation and additional regulatory requirements. Although we maintain cyber insurance, there can be no assurance that liabilities or losses we may incur will be covered under such policies or that the amount of insurance will be adequate.
The uninterrupted operation of our information systems is critical to our success and a significant disruption could have a material adverse effect on our business and results of operations.
Our information technology systems, including our transaction authorization, clearing and settlement systems, and data centers, may experience service disruptions or degradation because of technology malfunction, sudden increases in customer or automated transaction volume, natural disasters, accidents, power outages, internet outages, telecommunications failures, fraud, denial-of-service and other cyberattacks, terrorism, computer viruses, vulnerabilities in hardware or software, physical or electronic break-ins, or similar events. An increase in remote working as a result of the pandemic may increase the risk of such events occurring and the impact of such events on our business and operations. Service disruptions or degradations could prevent access to our online services and account information, compromise or limit access to company or customer data, impede or prevent transaction processing and financial reporting, and lead to regulatory investigations and fines, increased regulatory oversight and litigation (including class action litigation). Any such service disruption or degradation could adversely affect the perception of the reliability of our products and services and materially adversely affect our overall business, reputation and results of operations.
We rely on third-party providers for acquiring and servicing customers, technology, platforms and other services integral to the operations of our businesses. These third parties may act in ways that could materially harm our business.
We rely on third-party service providers, cobrand partners, merchants, affiliate marketing firms, processors, aggregators, network partners and other third parties for services that are integral to our operations and are subject to the risk that activities of such third parties may adversely affect our business. As outsourcing, specialization of functions, third-party digital services and technology innovation within the payments industry increase (including with respect to mobile technologies, tokenization, big data, artificial intelligence and cloud storage solutions), more third parties are involved in processing card transactions, handling our data and supporting our operations. For example, we rely on third parties for the timely transmission of accurate information across our global network, card acquisition and provision of services to our customers. If a service provider or other third party fails to fulfill its obligations to us, it could interrupt or compromise the quality of our services to customers or impact our business. A disruption or other event at a third party affecting one of our service providers or partners could also impede their ability to provide to us services or data on which we rely to operate our business. Service providers or other third parties could also cease providing data to us or use our data in a way that diminishes the value of our closed loop.
The confidentiality, integrity, privacy, availability and/or security of data communicated over third-party networks or platforms or held by, or accessible to, third parties, including merchants that accept our cards, payment processors, payment intermediaries and our third-party service providers and business partners, could become compromised, which could lead to operational disruptions, unauthorized use of our data or fraudulent transactions on our cards, as well as costs associated with responding to such an incident, including notification and remediation costs, regulatory investigations and fines, increased regulatory oversight and litigation.
The management and oversight of multiple service providers increases our operational complexity and governance challenges and decreases our control. A failure to exercise adequate oversight over service providers, including compliance with service level agreements or regulatory or legal requirements, could result in regulatory actions, fines, litigation, sanctions or economic and reputational harm to us. In addition, we may not be able to effectively monitor or mitigate operational risks relating to our third-party providers' service providers. We are also exposed to the risk that a service disruption at a service provider common to our third-party providers could impede their ability to provide services to us. Notwithstanding any attempts to diversify our reliance on third parties, we may not be able to effectively mitigate operational risks relating to the service providers of our third-party providers.
If we are not able to invest successfully in, and compete at the leading edge of, technological developments across all our businesses, our revenue and profitability could be materially adversely affected.
Our industry is subject to rapid and significant technological changes. In order to compete in our industry, we need to continue to invest in technology across all areas of our business, including in transaction processing, data management and analytics, machine learning and artificial intelligence, customer interactions and communications, open banking and alternative payment and financing mechanisms, authentication technologies and digital identification, tokenization, real-time settlement, and risk
management and compliance systems. Incorporating new technologies into our products and services, including developing the appropriate governance and controls consistent with regulatory expectations, requires substantial expenditures and takes considerable time, and ultimately may not be successful. We expect that new technologies in the payments industry will continue to emerge, and these new technologies may be superior to, or render obsolete, our existing technology.
The process of developing new products and services, enhancing existing products and services and adapting to technological changes and evolving industry standards is complex, costly and uncertain, and any failure by us to anticipate customers’ changing needs and emerging technological trends accurately could significantly impede our ability to compete effectively. Consumer and merchant adoption is a key competitive factor and our competitors may develop products, platforms or technologies that become more widely adopted than ours. In addition, we may underestimate the resources needed and our ability to develop new products and services, particularly beyond our traditional card products and travel-related services. Our use of artificial intelligence and machine learning is subject to risks related to flaws in our algorithms and datasets that may be insufficient or contain biased information. These deficiencies could undermine the decisions, predictions or analysis such technologies produce, subjecting us to competitive harm, legal liability, and brand or reputational harm.
Our ability to develop, acquire or access competitive technologies or business processes on acceptable terms may also be limited by intellectual property rights that third parties, including those that current and potential competitors, may assert. In addition, our ability to adopt new technologies may be inhibited by the emergence of industry-wide standards, a changing legislative and regulatory environment, an inability to develop appropriate governance and controls, a lack of internal product and engineering expertise, resistance to change from Card Members or merchants, lack of appropriate change management processes or the complexity of our systems.
We may not be successful in realizing the benefits associated with our acquisitions, strategic alliances, joint ventures and investment activity, and our business and reputation could be materially adversely affected.
We have acquired a number of businesses, including Kabbage, and have made a number of strategic investments, and continue to evaluate potential transactions. There is no assurance that we will be able to successfully identify suitable candidates, value potential investment or acquisition opportunities accurately, negotiate acceptable terms for those opportunities, or complete proposed acquisitions and investments. The process of integrating an acquired company, business or technology could create unforeseen operating difficulties and expenditures, result in unanticipated liabilities, including legal claims, violations of laws, commercial disputes and information security vulnerabilities or breaches (including from not integrating the acquired company, business or technology quickly or appropriately, from activities that occurred prior to the acquisition, and from exposure to third party relationships of the acquired company or business or new laws and regulations), and harm our business generally. It may take us longer than expected to fully realize the anticipated benefits of these transactions, and those benefits may ultimately be smaller than anticipated or may not be realized at all, which could materially adversely affect our business and operating results, including as a result of write-downs of goodwill and other intangible assets.
Joint ventures, including our joint venture in China, and minority investments in companies such as American Express Global Business Travel (GBT) inherently involve a lesser degree of control over business operations, thereby potentially increasing the financial, legal, operational and/or compliance risks associated with the joint venture or minority investment, including as a result of being subject to different laws or regulations. In addition, we may be dependent on joint venture partners, controlling shareholders or management who may have business interests, strategies or goals that are inconsistent with ours. GBT has entered into a business combination agreement with a third party, the consummation of which will result in GBT becoming a public company. GBT currently plans to continue to conduct its day-to-day business under its existing name and brand pursuant to a license from us even after it becomes a public company. Business decisions or other actions or omissions of a joint venture partner, other shareholders or management of our joint ventures and companies in which we have minority investments may adversely affect the value of our investment, result in litigation or regulatory action against us and otherwise damage our reputation and brand. In addition, trade secrets and other proprietary information we may provide to a joint venture may become available to third parties beyond our control. The ability to enforce intellectual property and contractual rights to prevent disclosure of our trade secrets and other proprietary information may be limited in certain jurisdictions.
We may also face risks with other types of strategic transactions, such as the sale to InComm of the operations relating to our prepaid reloadable and gift card business. The reloadable operations have experienced disruptions in the past, impacting the ability of our prepaid customers to load and use their cards. If such operations are interrupted, suspended or terminated in the future, it could further negatively impact our customers’ experience, result in additional costs, litigation and regulatory action, and harm our business and reputation.
Our success is dependent on maintaining a culture of integrity and respect, the resilience of our colleagues through the pandemic, and upon our executive officers and other key personnel, and misconduct by or loss of personnel could materially adversely affect our business.
We rely upon our personnel not only for business success, but also to act with integrity and promote a culture of respect. To the extent our colleagues behave in a manner that does not comport with our company’s values, the consequences to our brand and reputation could be severe and could negatively affect our financial condition and results of operations. Our colleagues have had to adapt to rapidly changing conditions during the pandemic, and if we are unable to continue addressing the safety, health and productivity of our colleagues, our business could suffer. The pandemic may also have long-term effects on the nature of
the office environment and remote working, which may result in increased costs and present operational and workplace culture challenges that may also adversely affect our business.
The market for qualified individuals with diverse perspectives and reflecting the diversity of our communities is highly competitive, and we may not be able to attract and retain such individuals. We have and may continue to experience increased costs related to compensation and other benefits necessary to attract and retain qualified personnel. Changes in immigration and work permit laws and regulations or the administration or enforcement of such laws or regulations or other changes in the legal or regulatory environment, including as a result of the exit of the United Kingdom from the EU (commonly referred to as Brexit), can also impair our ability to attract and retain qualified personnel, or to employ colleagues in the location(s) of our choice. Our compensation practices are subject to review and oversight by the Federal Reserve and the compensation practices of AENB are subject to review and oversight by the OCC. This regulatory review and oversight could further affect our ability to attract and retain our executive officers and other key personnel. Our inability to attract and retain highly skilled, motivated and diverse personnel could materially adversely affect our business and our culture.
Our operations, business, customers and partners could be materially adversely affected by climate change.
There are increasing and rapidly evolving concerns over the risks of climate change and related environmental sustainability matters. The physical risks of climate change include rising average global temperatures, rising sea levels and an increase in the frequency and severity of extreme weather events and natural disasters. Such events and disasters could disrupt our operations or the operations of customers or third parties on which we rely and could result in market volatility or negatively impact our customers’ spending behaviors or ability to pay outstanding loans. Additionally, we may face risks related to the transition to a low-carbon economy. Changes in consumer preferences, travel patterns and legal requirements could increase expenses or otherwise adversely impact our business, our customers and partners. We could also experience increased expenses resulting from strategic planning, litigation and changes to our technology, operations, products and services, as well as reputational harm as a result of negative public sentiment, regulatory scrutiny and reduced stakeholder confidence, due to our response to climate change and our efforts relating to the Advancing Climate Solutions pillar of our ESG strategy.
Legal, Regulatory and Compliance Risks
Our business is subject to comprehensive government regulation and supervision, which could materially adversely affect our results of operations and financial condition.
We are subject to comprehensive government regulation and supervision in jurisdictions around the world, which significantly affects our business and requires continual enhancement of our compliance efforts. Supervision efforts and the enforcement of existing laws and regulations impact the scope and profitability of our existing business activities, limit our ability to pursue certain business opportunities and adopt new technologies, compromise our competitive position, and affect our relationships with Card Members, partners, merchants, service providers and other third parties. New laws or regulations could similarly affect our business, increase our costs of doing business, impact what we are able to charge for, or offer in connection with, our products and services, and require us to change certain of our business practices and invest significant management attention and resources, all of which could adversely affect our results of operations and financial condition. Legislators and regulators around the world are aware of each other’s approaches to the regulation of the financial services industry. Consequently, a development in one country, state or region may influence regulatory approaches in another.
In preparation for the completion of Brexit, numerous EU laws and regulations were separately adopted into UK domestic legislation in order to ensure continuity. However, the UK plans to evaluate the extent to which these EU-legacy laws and regulations should change going forward and has already indicated some areas where it may take a different approach from the EU. To the extent that different regulatory systems impose overlapping or inconsistent requirements on the conduct of our business, we face complexity and additional costs in our compliance efforts, as well as potential regulatory enforcement actions and penalties.
If we fail to satisfy regulatory requirements or maintain our financial holding company status, our financial condition and results of operations could be adversely affected, and we may be restricted in our ability to take certain capital actions (such as declaring dividends or repurchasing outstanding shares) or engage in certain business activities or acquisitions, which could compromise our competitive position. Additionally, our banking regulators have wide discretion in the examination and the enforcement of applicable banking statutes and regulations and may restrict our ability to engage in certain business activities or acquisitions or require us to maintain more capital.
Legislators and regulators continue to focus on the operation of card networks, including interchange fees paid to card issuers in payment networks such as Visa and Mastercard and the fees merchants are charged to accept cards. Even where we are not directly regulated, regulation of bankcard fees significantly negatively impacts the discount revenue derived from our business, including as a result of downward pressure on our discount rate from decreases in competitor pricing in connection with caps on interchange fees. In some cases, regulations also extend, or may extend, to certain aspects of our business, such as network and cobrand arrangements, new products or services we may offer, or the terms of card acceptance for merchants, including terms relating to non-discrimination and honor-all-cards. For example, we have exited our network businesses in the EU and Australia as a result of regulation in those jurisdictions. In addition, there is uncertainty as to when or how interchange fee caps and other provisions of payments legislation might apply when we work with cobrand partners and agents in the EU and the UK. In a
ruling issued on February 7, 2018, the EU Court of Justice confirmed the validity of the application of the fee caps and other provisions in circumstances where three-party networks issue cards with a cobrand partner or through an agent, although the ruling provided only limited guidance as to when or how the provisions might apply in such circumstances and remains subject to differing interpretations by regulators and participants in cobrand arrangements. As a result, we are subject to regulatory action, penalties and the possibility we will not be able to maintain our existing cobrand and agent relationships in the EU or the UK.
We are subject to certain provisions of the Bank Secrecy Act, as amended by the Patriot Act and the AMLA, with regard to maintaining effective AML programs. Similar AML requirements apply under the laws of most jurisdictions where we operate. As regulators increase their focus in this area, new technologies such as digital currencies develop and we introduce new products like checking accounts, we face increased costs related to oversight, supervision and potential fines. Our AML programs have become the subject of heightened scrutiny in some countries, including certain Member States in the EU. Any errors, failures or delays in complying with AML and counter-terrorist financing laws, perceived deficiencies in our AML programs or association of our business with money laundering, terrorist financing, tax fraud or other illicit activities can give rise to significant supervisory, criminal and civil proceedings and lawsuits, which could result in significant penalties and forfeiture of assets, loss of licenses or restrictions on business activities, or other enforcement actions, and our reputation may suffer due to our customers’ association with certain countries, persons or entities or the existence of any such transactions.
Various regulatory agencies and legislatures are also considering regulations and legislation covering identity theft, account management guidelines, credit bureau reporting, disclosure rules, security and marketing that would impact us directly, in part due to increased scrutiny of our underwriting and account management standards. Any new requirements may restrict our ability to issue cards or partner with other financial institutions, which could adversely affect our revenue growth.
See “Supervision and Regulation” for more information about certain laws and regulations to which we are subject and their impact on us.
Litigation and regulatory actions could subject us to significant fines, penalties, judgments and/or requirements resulting in significantly increased expenses, damage to our reputation and/or a material adverse effect on our business.
At any given time, we are involved in a number of legal proceedings, including class action lawsuits. Many of these actions have included claims for substantial compensatory or punitive damages. While we have historically relied on our arbitration clause in agreements with customers to limit our exposure to class action litigation, there can be no assurance that we will continue to be successful in enforcing our arbitration clause in the future, including as a result of regulation that would require that our consumer arbitration clause not apply to cases filed in court as class actions, and claims of the type we previously arbitrated could be subject to the complexities, risks and costs associated with class action cases. The continued focus of merchants on issues relating to the acceptance of various forms of payment may lead to additional litigation and other legal actions. Given the inherent uncertainties involved in litigation, and the very large or indeterminate damages sought in some matters asserted against us, there is significant uncertainty as to the ultimate liability we may incur from litigation.
We are also involved at any given time with governmental and regulatory inquiries, investigations and proceedings. Regulatory action could subject us to significant fines, penalties or other requirements resulting in Card Member reimbursements, increased expenses, limitations or conditions on our business activities, and damage to our reputation and our brand, all of which could adversely affect our results of operations and financial condition. We expect that financial institutions, such as us, will continue to face significant regulatory scrutiny, with regulators taking formal enforcement actions against financial institutions in addition to addressing supervisory concerns through non-public supervisory actions or findings, which could involve restrictions on our activities, among other limitations, that could adversely affect our business. In addition, a violation of law or regulation by another financial institution could give rise to an investigation by regulators and other governmental agencies of the same or similar practices by us. Further, a single event may give rise to numerous and overlapping investigations and proceedings. External publicity concerning investigations can increase the scope and scale of investigations and lead to further regulatory inquiries. For example, as previously disclosed, beginning in May 2020, we began responding to a regulatory review led by the OCC and the Department of Justice Civil Division regarding historical sales practices relating to certain small business card sales. We also conducted an internal review of certain sales from 2015 and 2016 and have taken appropriate disciplinary and remedial actions, including voluntarily providing remediation to certain current and former customers. Information regarding our investigation has been provided to our other regulators, including the Federal Reserve. In January 2021, we received a grand jury subpoena from the United States Attorney’s Office for the Eastern District of New York regarding the sales practices for small business cards and a Civil Investigative Demand from the CFPB seeking information on sales practices related to consumers. We are cooperating with all of these inquiries into our sales practices and related compliance practices and continue to review and enhance our processes and controls related to our sales practices and business conduct generally. We do not believe this matter will have a material adverse impact on our business or results of operations.
We also face an increased risk of litigation and governmental and regulatory scrutiny as a result of the effects of the pandemic on market and economic conditions, such as a renewed focus on fair lending laws, and actions governmental authorities take in response to those conditions, including participation in the paycheck protection program.
Legal proceedings regarding provisions in our merchant contracts, including non-discrimination and honor-all-cards provisions, could have a material adverse effect on our business and result in additional litigation and/or arbitrations, changes to our merchant agreements and/or business practices, substantial monetary damages and damage to our reputation and brand.
We are, and have been in the past, a defendant in a number of actions, including legal proceedings and proposed class actions, challenging certain provisions of our card acceptance agreements. See Note 12 to the “Consolidated Financial Statements” for a description of certain outstanding legal proceedings.
An adverse outcome in these proceedings could have a material adverse effect on our business and results of operations, require us to change our merchant agreements in a way that could expose our cards to increased merchant steering and other forms of discrimination that could impair the Card Member experience, result in additional litigation and/or arbitrations, impose substantial monetary damages and damage our reputation and brand. Even if we were not required to change our merchant agreements, changes in Visa’s and Mastercard’s policies or practices as a result of legal proceedings, lawsuit settlements or regulatory actions pending against them could result in changes to our business practices and materially and adversely impact our profitability.
We are subject to capital adequacy and liquidity rules, and if we fail to meet these rules, our business would be materially adversely affected.
Failure to meet current or future capital or liquidity requirements could compromise our competitive position and could result in restrictions imposed by the Federal Reserve, including limiting our ability to pay dividends, repurchase our capital stock, invest in our business, expand our business or engage in acquisitions. Some elements of the capital and liquidity regimes are not yet final and certain developments could significantly impact the requirements applicable to financial institutions. For example, if the 2017 Basel Committee revisions to the standardized approach for credit risk and operational risk capital requirements are adopted in the United States, we could be required to hold significantly more capital. In addition, it may be necessary for us to hold additional capital because of an increase in the SCB requirement based on results from a supervisory stress test.
Compliance with capital adequacy and liquidity rules requires a material investment of resources. An inability to meet regulatory expectations regarding our compliance with applicable capital adequacy and liquidity rules may also negatively impact the assessment of us and our U.S. bank subsidiary by federal banking regulators.
For more information on capital adequacy requirements, see “Capital and Liquidity Regulation” under “Supervision and Regulation.”
We are subject to restrictions that limit our ability to pay dividends and repurchase our capital stock. Our subsidiaries are also subject to restrictions that limit their ability to pay dividends to us, which may adversely affect our liquidity.
We are limited in our ability to pay dividends and repurchase capital stock by our regulators, who have broad authority to prohibit any action that would be considered an unsafe or unsound banking practice. We are subject to a requirement to submit capital plans to the Federal Reserve for review that include, among other things, projected dividend payments and repurchases of capital stock. As part of the capital planning and stress testing process, our proposed capital actions are assessed against our ability to satisfy applicable capital requirements in the event of a stressed market environment. If we fail to satisfy applicable capital requirements, including the stress capital buffer, our ability to undertake capital actions may be restricted.
Our ability to declare or pay dividends on, or to purchase, redeem or otherwise acquire, shares of our common stock will be prohibited, subject to certain exceptions, in the event that we do not declare and pay in full dividends for the last preceding dividend period of our preferred stock.
American Express Company relies on dividends from its subsidiaries for liquidity, and such dividends may be limited by law, regulation or supervisory policy. For example, our U.S. bank subsidiary, AENB, is subject to various statutory and regulatory limitations on its declaration and payment of dividends. These limitations may hinder our ability to access funds we may need to make payments on our obligations, make dividend payments on outstanding American Express Company capital stock or otherwise achieve strategic objectives.
Any future reduction or elimination of our common stock dividend or share repurchase program could adversely affect the market price of our common stock and market perceptions of American Express. For more information on bank holding company and depository institution dividend restrictions, see “Stress Testing and Capital Planning” and “Dividends and Other Capital Distributions” under “Supervision and Regulation,” as well as “Consolidated Capital Resources and Liquidity—Dividends and Share Repurchases” under “MD&A” and Note 22 to our “Consolidated Financial Statements.”
Regulation in the areas of privacy, data protection, data governance, account access and information and cyber security could increase our costs and affect or limit our business opportunities and how we collect and/or use personal information.
Legislators and regulators in the United States and other countries in which we operate are increasingly adopting or revising privacy, data protection, data governance, account access and information and cyber security laws, including data localization, authentication and notification laws. As such laws are interpreted and applied (in some cases, with significant differences or conflicting requirements across jurisdictions), compliance and technology costs will continue to increase, particularly in the
context of ensuring that adequate data governance, data protection, incident management, resiliency, third party management, data transfer, security controls and account access mechanisms are in place.
Compliance with current or future privacy, data protection, data governance, resiliency, data transfer, account access and information and cyber security laws could significantly impact our collection, use, sharing, retention and safeguarding of consumer and/or colleague information and could restrict our ability to fully maximize our closed-loop capability or provide certain products and services or work with certain service providers, which could materially and adversely affect our profitability. Our failure to comply with such laws could result in potentially significant regulatory and/or governmental investigations and/or actions, litigation, fines, sanctions, ongoing regulatory monitoring, customer attrition, decreases in the use or acceptance of our cards and damage to our reputation and our brand. In recent years, there has been increasing regulatory enforcement and litigation activity in the areas of privacy, data protection and information and cyber security in the United States, the EU and various other countries in which we operate.
For more information on regulatory and legislative activity in this area, see “Privacy, Data Protection, Data Governance, Information and Cyber Security” under “Supervision and Regulation.”
We may not be able to effectively manage the operational and compliance risks to which we are exposed.
We consider operational risk to be the risk of loss due to, among other things, inadequate or failed processes, people or information systems, or impacts from the external environment (e.g., natural disasters). Operational risk includes, among others, the risk that error or misconduct could result in a material financial misstatement, a failure to monitor a third party’s compliance with regulatory or legal requirements, or a failure to adequately monitor and control access to, or use of, data in our systems we grant to third parties. As processes or organizations are changed, or new products and services are introduced, such as new lending features, debit products and checking accounts, we may not fully appreciate or identify new operational risks that may arise from such changes. Through human error, fraud or malfeasance, conduct risk can result in harm to customers, legal liability, fines, sanctions, customer remediation and brand damage.
Compliance risk arises from violations of, or failure to conform or comply with, laws, rules, regulations, internal policies and procedures, and ethical standards. We need to continually update and enhance our control environment to address operational and compliance risks. Operational and compliance failures, deficiencies in our control environment or an inability to maintain an ethical workplace and high standards of business conduct can expose us to reputational and legal risks as well as fines, civil money penalties or payment of damages and can lead to diminished business opportunities and diminished ability to expand key operations.
If we are not able to protect our intellectual property, or successfully defend against any infringement or misappropriation assertions brought against us, our revenue and profitability could be negatively affected.
We rely on a variety of measures to protect our intellectual property and control access to, and distribution of, our trade secrets and other proprietary information. These measures may not prevent infringement of our intellectual property rights or misappropriation of our proprietary information and a resulting loss of competitive advantage. The ability to enforce intellectual property rights to prevent disclosure of our trade secrets and other proprietary information may be limited in certain jurisdictions. In addition, competitors or other third parties may allege that our products, systems, processes or technologies infringe on their intellectual property rights. Given the complex, rapidly changing and competitive technological and business environments in which we operate, and the potential risks and uncertainties of intellectual property-related litigation, a future assertion of an infringement or misappropriation claim against us could cause us to lose significant revenues, incur significant defense, license, royalty or technology development expenses, and/or pay significant monetary damages.
Tax legislative initiatives or assessments could adversely affect our results of operations and financial condition.
We are subject to income and other taxes in the United States and in various foreign jurisdictions. The laws and regulations related to tax matters are extremely complex and subject to varying interpretations. Although management believes our positions are reasonable, we are subject to audit by the Internal Revenue Service in the United States and by tax authorities in all the jurisdictions in which we conduct business operations. We are being challenged in a number of countries regarding our application of value-added taxes (VAT) to certain transactions. While we believe we comply with all applicable VAT and other tax laws, rules and regulations in the relevant jurisdictions, the tax authorities may determine that we owe additional taxes or apply existing laws and regulations more broadly, which could result in a significant increase in liabilities for taxes and interest in excess of accrued liabilities.
New tax legislative initiatives, including increases in the corporate tax rate, are currently being considered and may be enacted. In addition, new guidelines issued by the Organization for Economic Cooperation and Development (OECD) could have an impact on how multinational enterprises are taxed on their global profits. These potential changes could adversely impact our effective tax rate, our tax positions and tax liabilities. In addition, actions by tax authorities, including an increase in tax audit activity, could have an adverse impact on our tax liabilities.
Credit, Liquidity and Market Risks
Our risk management policies and procedures may not be effective.
Our risk management framework seeks to identify and mitigate risk and appropriately balance risk and return. Although we have devoted significant resources to develop our risk management policies and procedures and expect to continue to do so in the future, these policies and procedures, as well as our risk management techniques, such as our hedging strategies, may not be fully effective. There may also be risks that exist, or develop in the future, that we have not appropriately identified or mitigated. As regulations, technology and competition continue to evolve, our risk management framework may not always keep sufficient pace with those changes. If our risk management framework does not effectively identify or mitigate our risks, we could suffer unexpected losses and could be materially adversely affected.
Management of our risks in some cases depends upon the use of analytical and/or forecasting models. Although we have a governance framework for model development and independent model validation, the modeling methodology or key assumptions could be erroneous or the models could be misused. In addition, issues with the quality or effectiveness of our data aggregation and validation procedures, as well as the quality and integrity of data inputs, could result in ineffective or inaccurate model outputs and reports. For example, models based on historical data sets might not be accurate predictors of future outcomes and their ability to appropriately predict future outcomes may degrade over time. The CECL methodology requires measurement of expected credit losses for the estimated life of certain financial instruments, not only based on historical experience and current conditions, but also by including forecasts incorporating forward-looking information. Our ability to accurately forecast future losses under that methodology may be impaired by the significant uncertainty surrounding the pandemic and the lack of comparable precedent. If our business decisions or estimates for credit losses are based on incorrect or misused models and assumptions or we fail to manage data inputs effectively and to aggregate or analyze data in an accurate and timely manner, our results of operations and financial condition may be materially adversely affected.
We are exposed to credit risk and trends that affect Card Member spending and the ability of customers and partners to pay us, which could have a material adverse effect on our results of operations and financial condition.
We are exposed to both individual credit risk, principally from consumer and small business Card Member loans and receivables, and institutional credit risk, principally from corporate Card Member loans and receivables, merchants, network partners, loyalty coalition partners and treasury and investment counterparties. Third parties may default on their obligations to us due to bankruptcy, lack of liquidity, operational failure or other reasons. General economic factors, such as gross domestic product, unemployment, inflation and interest rates, may result in greater delinquencies that lead to greater credit losses. A customer’s ability and willingness to repay us can be negatively impacted not only by economic, market, political and social conditions but also by a customer’s other payment obligations, and increasing leverage can result in a higher risk that customers will default or become delinquent in their obligations to us. Further, our credit performance may be negatively impacted as forbearance and government support programs broadly available during the pandemic come to an end, to the extent customers relied on such programs and stimulus funds to stay current on their obligations to us.
We rely principally on the customer’s creditworthiness for repayment of loans or receivables and therefore often have no other recourse for collection. Our ability to assess creditworthiness may be impaired if the criteria or models we use to manage our credit risk prove inaccurate in predicting future losses, which could have a negative impact on our results of operations. This may be exacerbated to the extent information we have historically relied upon to make credit decisions does not accurately portray a customer's creditworthiness as a result of forbearance programs or the reported consumer deleveraging that occurred during the pandemic. Further, our pricing strategies, particularly for new lending features and non-card lending products, may not offset the negative impact on profitability caused by increases in delinquencies and losses; thus any material increases in delinquencies and losses beyond our current estimates could have a material adverse impact on us. Although we make estimates to provide for credit losses in our outstanding portfolio of loans and receivables, these estimates may not be accurate. In addition, the information we use in managing our credit risk may be inaccurate or incomplete.
Rising delinquencies and rising rates of bankruptcy are often precursors of future write-offs and may require us to increase our reserve for credit losses. Higher write-off rates and the resulting increase in our reserves for credit losses adversely affect our profitability and the performance of our securitizations, and may increase our cost of funds.
Although we regularly review our credit exposure to specific clients and counterparties and to specific industries, countries and regions that we believe may present credit concerns, default risk may arise from events or circumstances that are difficult to foresee or detect, such as fraud. In addition, our ability to manage credit risk or collect amounts owed to us may be adversely affected by legal or regulatory changes (such as restrictions on collections or changes in bankruptcy laws, minimum payment regulations and re-age guidance). Increased credit risk, whether resulting from underestimating the credit losses inherent in our portfolio of loans and receivables, deteriorating economic conditions (particularly in the United States where, for example, Card Members were responsible for approximately 87 percent of our total Card Member loans outstanding as of December 31, 2021), increases in the level of loan balances, changes in our mix of business or otherwise, could require us to increase our provisions for losses and could have a material adverse effect on our results of operations and financial condition.
Interest rate changes could materially adversely affect our earnings.
Our interest expense was approximately $1.3 billion for the year ended December 31, 2021. If the rate of interest we pay on our borrowings increases more or decreases less than the rate of interest we earn on our loans, our net interest yield, and consequently our net interest income, could decrease. As of December 31, 2021, a hypothetical immediate 100 basis point increase in market interest rates would have a detrimental impact on our annual net interest income of up to $206 million. A hypothetical immediate 100 basis point decrease in market interest rates would have a smaller but still detrimental impact on our annual net interest income. We expect the rates we pay on our deposits will change if benchmark interest rates change. In addition, interest rate changes may affect customer behavior, such as impacting the loan balances Card Members carry on their credit cards or their ability to make payments as higher interest rates lead to higher payment requirements, further impacting our results of operations. For a further discussion of our interest rate risk, see “Risk Management ― Market Risk Management Process” under “MD&A.”
The discontinuance of LIBOR may negatively impact our access to funding and the value of our financial instruments and commercial agreements.
Certain of our financial instruments and commercial agreements will need to be amended or otherwise modified to replace references to the London interbank offered rate (LIBOR) with an alternative reference rate, as the LIBOR tenors referenced are expected to be quoted only through June 2023. Alternative reference rates, such as the secured overnight financing rate, are calculated using components different from those used in the calculation of LIBOR and may fluctuate differently than, and not be representative of, LIBOR. In order to compensate for these differences, certain of our financial instruments and commercial agreements allow for a benchmark replacement adjustment. However, there is no assurance that any benchmark replacement adjustment will be sufficient to produce the economic equivalent of LIBOR, either at the benchmark replacement date or over the life of such instruments and agreements.
Uncertainty as to the replacement of LIBOR with alternative reference rates and the discontinuance of LIBOR generally may negatively impact market liquidity, our access to funding and the trading market for our financial instruments. Furthermore, the timing of implementation and use of alternative reference rates and corresponding adjustments or other reforms could be subject to disputes, could cause the interest payable on our outstanding financial instruments and commercial agreements to be materially different than expected and may impact the value of such instruments and agreements.
Adverse market conditions may significantly affect our access to, and cost of, capital and ability to meet liquidity needs.
Our ability to obtain financing in the debt capital markets for unsecured term debt and asset securitizations is dependent on financial market conditions. Disruptions, uncertainty or volatility across the financial markets, as well as adverse developments affecting our competitors and the financial industry generally, could negatively impact market liquidity and limit our access to funding required to operate our business. Such market conditions may also limit our ability to replace, in a timely manner, maturing liabilities, satisfy regulatory capital requirements and access the funding necessary to grow our business. In some circumstances, we may incur an unattractive cost to raise capital, which could decrease profitability and significantly reduce financial flexibility. Additional factors affecting the extent to which we may securitize loans and receivables in the future include the overall credit quality of our loans and receivables, the costs of securitizing our loans and receivables, the demand for credit card asset-backed securities and the legal, regulatory, accounting or tax rules affecting securitization transactions and asset-backed securities, generally. Our liquidity and cost of funds would also be adversely affected by the occurrence of events that could result in the early amortization of our existing securitization transactions. For a further discussion of our liquidity and funding needs, see “Consolidated Capital Resources and Liquidity” under “MD&A.”
Any reduction in our credit ratings could increase the cost of our funding from, and restrict our access to, the capital markets and have a material adverse effect on our results of operations and financial condition.
Ratings of our long-term and short-term debt and deposits are based on a number of factors, including financial strength, as well as factors not within our control, including conditions affecting the financial services industry, and the macroeconomic environment. Our ratings could be downgraded at any time and without any notice by any of the rating agencies, which could, among other things, adversely limit our access to the capital markets and adversely affect the cost and other terms upon which we are able to obtain funding. Our ability to raise funding through the securitization market also depends, in part, on the credit ratings of the securities we issue from our securitization trusts. If we are not able to satisfy rating agency requirements to confirm the ratings of our asset-backed securities, it could limit our ability to access the securitization markets.
Adverse currency fluctuations and foreign exchange controls could decrease earnings we receive from our international operations and impact our capital.
During 2021, approximately 22 percent of our total revenues net of interest expense were generated from activities outside the United States. We are exposed to foreign exchange risk from our international operations, and accordingly the revenue we generate outside the United States is subject to unpredictable fluctuations if the values of other currencies change relative to the U.S. dollar, which could have a material adverse effect on our results of operations.
Foreign exchange regulations or capital controls might restrict or prohibit the conversion of other currencies into U.S. dollars or our ability to transfer them. Political and economic conditions in other countries could also impact the availability of foreign
exchange for the payment to us by the local card issuer for obligations arising out of local Card Members’ spending outside such country and for the payment by Card Members who are billed in a currency other than their local currency. Substantial and sudden devaluation of local Card Members’ currency can also affect their ability to make payments to the local issuer of the card in connection with spending outside the local country. The occurrence of any of these circumstances could further impact our results of operations.
An inability to accept or maintain deposits due to market demand or regulatory constraints could materially adversely affect our liquidity position and our ability to fund our business.
Our U.S. bank subsidiary, AENB, accepts deposits and uses the proceeds as a source of funding, with our direct retail deposits becoming a larger proportion of our funding over time. We continue to face strong competition with regard to deposits, and pricing and product changes may adversely affect our ability to attract and retain cost-effective deposit balances. To the extent we offer higher interest rates to attract or maintain deposits, our funding costs will be adversely impacted.
Our ability to obtain deposit funding and offer competitive interest rates on deposits is also dependent on AENB’s capital levels. The FDIA’s brokered deposit provisions and related FDIC rules in certain circumstances prohibit banks from accepting or renewing brokered deposits and apply other restrictions, such as a cap on interest rates that can be paid. Additionally, our regulators can adjust applicable capital requirements at any time and have authority to place limitations on our deposit businesses. An inability to attract or maintain deposits in the future could materially adversely affect our ability to fund our business.
The value of our investments may be adversely impacted by economic, political or market conditions.
Market risk includes the loss in value of portfolios and financial instruments due to adverse changes in market variables, which could negatively impact our financial condition. We held approximately $3 billion of investment securities as of December 31, 2021. In the event that actual default rates of these investment securities were to significantly change from historical patterns due to economic conditions or otherwise, it could have a material adverse impact on the value of our investment portfolio, potentially resulting in impairment charges. Defaults or economic disruptions, even in countries or territories in which we do not have material investment exposure, conduct business or have operations, could adversely affect us.