- 21 -
investments. Furthermore, competition for investments in Agency MBS may
lead the price of such investments to increase, which may
further limit our ability to generate desired returns. As a result, we may
not be able to acquire sufficient Agency MBS at favorable
spreads over our borrowing costs, which would materially adversely affect our
business, financial condition and results of operations.
The occurrence of cyber-incidents, or a deficiency in our cybersecurity or in those
of any of our third-party service providers could
negatively impact our business by causing a disruption to our operations, a
compromise or corruption of our confidential
information or damage to our business relationships or reputation, all of which
could negatively impact our business and results of
operations.
A cyber-incident is considered to be any adverse event that threatens the confidentiality, integrity, or availability of our information
resources or the information resources of our third-party service providers. More
specifically, a cyber-incident is an intentional attack or
an unintentional event that can include gaining unauthorized access to systems
to disrupt operations, corrupt data, or steal confidential
information. As our reliance on technology has increased, so have the risks posed
to our systems, both internal and those we have
outsourced. The primary risks that could directly result from the occurrence
of a cyber-incident include operational interruption and
private data exposure. We have implemented processes, procedures and controls to help
mitigate these risks, but these measures, as
well as our focus on mitigating the risk of a cyber-incident, do not guarantee that
our business and results of operations will not be
negatively impacted by such an incident.
We are highly dependent on communications and information systems operated by third parties,
and systems failures could
significantly disrupt our business, which may, in turn, adversely affect our business, financial condition and results of operations.
Our business is highly dependent on communications and information systems that
allow us to monitor, value, buy, sell, finance
and hedge our investments. These systems are operated by third parties
and, as a result, we have limited ability to ensure their
continued operation. In the event of a systems failure or interruption, we will have limited
ability to affect the timing and success of
systems restoration. Any failure or interruption of our systems could cause
delays or other problems in our securities trading activities,
including Agency MBS trading activities, which could have a material adverse
effect on our business, financial condition and results of
operations.
Computer malware, ransomware, viruses, and computer hacking and
phishing attacks have become more prevalent in the
financial services industry and may occur on our or certain of our third party service
providers' systems in the future. We rely heavily on
our financial, accounting and other data processing systems. Although we have
not detected a breach to date, financial services
institutions have reported breaches of their systems, some of which have
been significant. During the COVID-19 pandemic, a portion of
our employees worked remotely until June 2021,
which has caused us to rely more on virtual communication and may
increase our
exposure to cybersecurity risks. Even with all reasonable security efforts, not every breach
can be prevented or even detected. It is
possible that we, or certain of our third-party service providers have experienced
an undetected breach, and it is likely that other
financial institutions have experienced more breaches than have been detected
and reported. There is no assurance that we, or certain
of the third parties that facilitate our business activities, have not or will not experience
a breach. It is difficult to determine what, if any,
negative impact may directly result from any specific interruption or cyber-attacks or
security breaches of our networks or systems (or
the networks or systems of certain third parties that facilitate our business activities)
or any failure to maintain performance, reliability
and security of our or our certain third-party service providers' technical infrastructure,
but such computer malware, ransomware,
viruses, and computer hacking and phishing attacks may negatively affect our operations.
We depend primarily on two individuals to operate our business, and the loss of one or both
of such persons could materially
adversely affect our business, financial condition and results of operations.
We depend substantially on two individuals, Robert E. Cauley, our Chairman and Chief Executive Officer, and G. Hunter Haas, our
President, Chief Investment Officer and Chief Financial Officer, to manage our business.
We depend on the diligence, experience and
skill of Mr. Cauley and Mr. Haas in managing all aspects of our business, including the selection, acquisition, structuring and monitoring
of securities portfolios and associated borrowings. Although we
have entered into contracts and compensation arrangements with