Global Payments (GPN) Q3 2012 Earnings Call April 02, 2012 8:00 am ET Executives Jane M. Forbes - Vice President of Investor Relations Paul R. Garcia - Chairman and Chief Executive Officer David E. Mangum - Chief Financial officer and Senior Executive Vice President Jeffrey S. Sloan - President Analysts James F. Kissane - Crédit Suisse AG, Research Division Glenn Greene - Oppenheimer & Co. Inc., Research Division David Togut - Evercore Partners Inc., Research Division Julio C. Quinteros - Goldman Sachs Group Inc., Research Division Bryan Keane - Deutsche Bank AG, Research Division Jason Kupferberg - Jefferies & Company, Inc., Research Division Glenn Fodor - Morgan Stanley, Research Division David J. Koning - Robert W. Baird & Co. Incorporated, Research Division Tien-Tsin T. Huang - JP Morgan Chase & Co, Research Division Gregory Smith - Sterne Agee & Leach Inc., Research Division Sanjay Sakhrani - Keefe, Bruyette, & Woods, Inc., Research Division Daniel R. Perlin - RBC Capital Markets, LLC, Research Division Christopher Brendler - Stifel, Nicolaus & Co., Inc., Research Division Presentation Operator
Before we begin, I'd like to remind you that some of the comments made by management during the conference call contain forward-looking statements that are subject to risks and uncertainties that could cause actual results to vary, which are discussed in our public releases, including our most recent Form 10-K. We caution you not to put undue reliance on forward-looking statements. Forward-looking statements made during this call speak only as of the date of this call.In addition, some of the comments made on this call may refer to certain measures such as cash earnings, which are not in accordance with GAAP. Management believes these results more clearly reflect comparative operating performance. For a full reconciliation of cash earnings to GAAP results in accordance with Regulation G, please see our press release furnished as an exhibit to our Form 8-K this morning dated April 2, 2012, which may be located under the Investor Relations area on our website, www.globalpaymentsinc.com. Now I'd like to introduce Paul Garcia. Paul? Paul R. Garcia Thanks, Jane, and good morning, everyone. In regard to the security incident, I am very pleased to inform you that we are making significant progress in defining and rectifying the event. The company believes that fewer than 1.5 million card numbers may have been stolen and that the theft is confined to our North American processing system. Importantly, the investigation to date has revealed that the theft involved Track 2 card data only. We do not believe that Track 1 card data was taken or that cardholder names, addresses, social security numbers or consumer banking information was obtained by the criminals. In addition, based on the forensic analysis to date, network monitoring and additional security measures, we believe that this incident is contained. Visa has removed us from the PCI compliance list pending the results and resolution of our work. Upon reflection, this was not unexpected, and we are focused on the remediation measures necessary for full and timely PCI reinstatement. It goes without saying that we are providing uninterrupted service 24 hours per day to our customers around the world as we speak.
I cannot stress more vehemently that this does not involve our merchants, our sales partners or their relationships with their customers. Neither merchant systems nor point-of-sale devices were involved in any way. It is also important to emphasize that consumers are completely protected if any exposure were to arise. The card-issuing institutions have well-established and highly effective procedures to protect their customers. Consumers, as always, are encouraged to be vigilant by reviewing their statements and reporting any suspicious activity to the card-issuing institution. To that end, we have established a consumer website for inquiries, which will be operational later this morning. The website is www.2012infosecurityupdate.com.Operator, we will now take questions regarding the security incident. Question-and-Answer Session Operator [Operator Instructions] Your first question comes from Jim Kissane with Credit Suisse. James F. Kissane - Crédit Suisse AG, Research Division Paul, how quickly do you think you'll be back on Visa's approved processor list? And just a follow-up, I mean, you're calling it unauthorized access as opposed to a breach. What's the fine line between unauthorized access and a breach, if you can provide a little insight there? Paul R. Garcia Okay, Jim. In terms of when will we get our ROC back, our record of compliance, so I will tell you that prior to the event -- to the -- we can say, breach, and prior to the breach -- I think they're synonymous is really the answer to your second question. Prior to the breach, we were -- we received a report of compliance, and then after the breach, we were removed. I think it's a little bit like a Joseph Heller novel, Catch-22. I mean, you are compliant prior. If something happens, by definition, you’re no longer. And therefore, that's not totally unexpected. The important thing is we're open for business and processing transactions. Now how quickly can we get back? That is something we are absolutely focused on, and we're working around the clock, literally. And we're working collaboratively with all the associations to get that ROC back. And quite frankly, we have every expectation that will happen as expeditiously as possible. But this is somewhat nascent in that, remember, this was self-discovered, self-reported. No one came to us. No one said there's records of all kinds of incidents out there, with cardholders reporting incidents and banks having concern. None of that happened. We found this. We reported it. Within hours, we reported it. And this is -- the investigation is still continuing. So there's parts of this, Jim, that we still need to resolve and button up. Although it's absolutely contained -- to the best of our ability and opinion, it's absolutely contained. We know we have some work to do to get with the associations to get this ROC back. So long, windy answer to saying it's going to be as soon as possible. We're working very diligently, but I think it's going to take a little time, yes. Read the rest of this transcript for free on seekingalpha.com