We are subject to anti-corruption, anti-bribery, anti-money laundering, financial and economic sanctions and similar laws, and non-compliance with such laws can subject us to administrative, civil and criminal fines and penalties, collateral consequences, remedial measures and legal expenses, all of which could adversely affect our business, results of operations, financial condition and reputation.
We are subject to anti-corruption, anti-bribery, anti-money laundering, financial and economic sanctions and similar laws and regulations in various jurisdictions in which we conduct activities, including the U.S. Foreign Corrupt Practices Act, or FCPA, and other anti-corruption laws and regulations. The FCPA prohibits us and our officers, directors, employees and business partners acting on our behalf, including agents, from corruptly offering, promising, authorizing or providing anything of value to a “foreign official” for the purposes of influencing official decisions or obtaining or retaining business or otherwise obtaining favorable treatment. The FCPA also requires companies to make and keep books, records and accounts that accurately reflect transactions and dispositions of assets and to maintain a system of adequate internal accounting controls.
We have direct or indirect interactions with officials and employees of government agencies and state-owned affiliated entities in the ordinary course of business. These interactions subject us to an increased level of compliance-related concerns. We are in the process of implementing policies and procedures designed to ensure compliance by us and our directors, officers, employees, representatives, consultants, agents and business partners with applicable anti-corruption, anti-bribery, anti-money laundering, financial and economic sanctions and similar laws and regulations. However, our policies and procedures may not be sufficient and our directors, officers, employees, representatives, consultants, agents, and business partners could engage in improper conduct for which we may be held responsible.
Non-compliance with anti-corruption, anti-bribery, anti-money laundering or financial and economic sanctions laws could subject us to whistleblower complaints, adverse media coverage, investigations, and severe administrative, civil and criminal sanctions, collateral consequences, remedial measures and legal expenses, all of which could materially and adversely affect our business, results of operations, financial condition and reputation. In addition, changes in economic sanctions laws in the future could adversely impact our business and investments in our shares.
If we are unable to protect our customers’ personal information, we could be exposed to data loss, litigation, and liability, and our reputation could be significantly harmed.
In the ordinary course of our business, we collect certain personal information provided by our customers, which is stored in our own server. Privacy protection is increasingly demanding, and the use of electronic payment methods and collection of certain personal information expose us to increased risk of privacy and/or security breaches as well as other risks. We may experience or be affected by security breaches in which our customers’ personal information is stolen. Also, security and information systems that we use or rely on may be compromised as a result of data corruption or loss, cyberattack or a network security incident or we may fail to comply with applicable laws and regulations. Although private networks are used to transmit confidential information, third parties may have the technology or know-how to breach the security of the customer information transmitted, and the security measures employed may not effectively prohibit others from obtaining improper access to this information. The techniques used to obtain unauthorized access, disable or degrade service, or sabotage systems change frequently and are often difficult to detect for long periods of time, which may cause a breach to go undetected for an extensive period of time. Advances in computer and software capabilities, new tools, and other developments may increase the risk of such a breach. If a person is able to circumvent our security measures or those of third parties, he or she could destroy or steal valuable information or disrupt our operations. We may become subject to claims for purportedly fraudulent transactions arising out of the unlawful access or exfiltration of personal data, and we may also be subject to lawsuits, administrative fines or other proceedings relating to these types of incidents. Any such claim or proceeding could cause us to incur significant unplanned expenses, which could have an adverse impact on our business, financial condition and results of operations. Further, adverse publicity resulting from such claims or proceedings could significantly harm our reputation which, in turn, may
51