Embed Size (px)
Citation preview
Risk Solutions
Harness the power of data for good2012 Corporate Responsibility Report
2
TABLE OF CONTENTS
Welcome Letter 3
Our Mission 4
Governance 4
Ethical Standards and Business Practices 5
Privacy, Security and Compliance 5
Solutions for Society 7
Enabling Better Decisions 10
Solutions for Society:Safer Communities 11
Our People 13
Our Environment 15
Community 19
3Table of Contents
When I took over leadership of LexisNexis Risk Solutions in late 2012, I was extremely pleased to see the clear and longstanding commitment this organization has demonstrated to corporate social responsibility. I have spent the past three decades in various roles within Reed Elsevier, the parent company of LexisNexis. During that tenure, I have seen firsthand the incredibly powerful, positive social impact that a successful and conscientious business can have, both on the communities it directly serves, and on society at large.
LexisNexis Risk Solutions is well-aligned with Reed Elsevier in that respect, with a solid history of providing solutions for society. Our employees are an extremely diverse group who make their homes in countries including the United States, India, Australia, Singapore, Israel, Manila and the United Kingdom. Despite any cultural or geographic differences, the 3,000+ people of LexisNexis Risk Solutions are united by a shared commitment to making the world a better place.
Their commitment extends even beyond the workplace. Our employees have a long history of volunteerism, which we support by offering them two paid days off per year to use for their choice of volunteer activities. Energized by the awareness of how much good we can do by rolling up our sleeves and working tougher, our people logged 18,374 hours volunteering in their communities in 2012, and we donated $814,000 (cash and in-kind) to non-profit organizations.
And that’s just what they did in their free time. As coworkers here within Risk Solutions, their combined efforts helped develop and deliver products and solutions to our customers that generate a direct and positive impact on society. Our technology can help locate missing children, and detect identity theft, tax fraud, and money laundering. The process of applying for jobs, credit, insurance and housing can be sped up through the use of our solutions, as can the collection of delinquent debts. And the solutions we offer to nonprofits, government agencies, and other businesses help our customers make better decisions more quickly. Our overall goal is to leverage our resources and talents in a way that harnesses the power of big data and analytics for good.
To support our people in their efforts, we are committed to creating a working environment that promotes diversity and inclusion, and builds environmental awareness, while providing a healthy work-life balance. Only by “walking the walk” within our own workplace can we help reinforce the values that I’m so proud to see our people displaying both at work and in their communities. Thank you for your interest in this report, which I believe just scratches the surface of all the wonderful things the people of LexisNexis Risk Solutions are doing, in their ongoing quest to make a positive difference in the world.
Mark KelseyChief Executive OfficerLexisNexis Risk Solutions
A Message from Mark Kelsey, Chief Executive Officer
4Table of Contents
Our MissionWe provide essential information to advance and protect people, industry, and society.
Our ValuesOur core values, Integrity, Customer focus, Valuing our people, Passion for winning, Innovation and Boundarylessness influence how we conduct our business every day.
Our Business LexisNexis Risk Solutions provides data and analytics that enable customers to evaluate and manage risks associated with transactions and improve performance. We have more than 35 years experience in managing big data, from publicly available information such as worldwide newspapers, magazines, articles, research, case law, legal regulations, periodicals, and journals — to public records such as bankruptcies, liens, judgments, real estate records, and other types of information.
To manage, sort, link, and analyze billions of records within sub-seconds, LexisNexis Risk Solutions designed a data intensive supercomputer built on our own high performing cluster computing (HPCC) platform. This technology platform allows us to assist customers who need to sort through billions of records. We serve the risk information industry, which includes insurance, law enforcement, financial services, retail, government, utilities and healthcare.
Our data and linking technology solves problems. For example, we help insurers assess their risk and streamline the underwriting process. Retail customers use our tools to predict and prevent fraud. We work with U.S. banks to help prevent crime, achieve regulatory compliance and mitigate business risk. Our anti-money laundering solutions help fight a growing problem in this post-9/11 world, and our cyber analytics platform helps fight terrorism and espionage by drilling through network data to identify government systems communicating with suspect systems around the world.
We are a subsidiary of Reed Elsevier, a leading publisher and information provider that serves customers in more than 100 countries with more than 30,000 employees worldwide.
GovernanceGovernance and Reporting Reed Elsevier PLC, has its primary listing on the London Stock Exchange, and Reed Elsevier NV, has its primary listing on the Euronext Amsterdam Stock Exchange. Reed Elsevier PLC and Reed Elsevier NV maintain standards of corporate governance and disclosure applicable to companies listed on the stock exchanges of the United Kingdom, the Netherlands, and the United States. The effect is that a standard applying to one will, where not in conflict, also be observed by the other. Information and documents detailing our governance procedures are available to stakeholders online at www.reedelsevier.com.
The Reed Elsevier combined financial statements and the financial statements of the two parent companies, Reed Elsevier PLC and Reed Elsevier NV, are prepared in accordance with International Financial Reporting Standards.
(Read more about the Reed Elsevier corporate structure http://reporting.reedelsevier.com/ar11/governance/)
AT A GLANCE:• Headquarters: Alpharetta, Georgia • Number of offices: 27• Employees: 3,900• Most comprehensive database of public record
information in the U.S., with 34 billion public records.• Serve risk information industry clients including:
insurance, financial services, collection agencies, law enforcement, government agencies and health care providers.
5Table of Contents
Ethical Standards and Business PracticesCode of Ethics and Business ConductThe Reed Elsevier Code of Ethics and Business Conduct (the Code) is disseminated to every employee and is publicly available at http://www.reedelsevier.com/corporateresponsibility/policies/Pages/Home.aspx. The Code sets forth the standard for Reed Elsevier’s corporate behavior and individual employee and directors’ behavior and incorporates the ten principles of the UN Global Compact. The Code begins with an introduction from the Chief Executive Officer of Reed Elsevier and sets out Reed Elsevier’s standards on key ethics and compliance matters, including policies related to protecting company interests and assets; relationships with business partners, customers, suppliers, and competitors; dealings with governments; respecting colleagues and communities; and data protection. The Code also explains the responsibility of employees to report wrongdoing.
All employees receive training on the Code, data privacy and security, and on preventing bribery. By the end of 2012, 100% of current active employees completed Code training at least once. Employees are required to take refresher courses on our Code.
Privacy, Security and ComplianceA Robust, Holistic Approach to Privacy and Security is a Necessity in the MarketplaceToday, information has become one of the world’s most precious resources. Consider for a moment how information sharing is used to enrich virtually every aspect of daily lives. People depend on information to obtain car insurance, get jobs, secure loans, make online purchases and instantly communicate with friends and family. As advancements in technology have afforded new conveniences, new challenges have been posed to data privacy and security, and risks have increased.
A strong privacy, security and compliance framework is no longer just something that is nice to have, it is now business critical for organizations and a safeguard in a marketplace that is increasingly conscious of the multiple risks associated with handling data.
Good privacy is good business, and at LexisNexis Risk Solutions, the responsible use of information is one of our core beliefs. While there is no silver bullet, management of this complex issues is possible through a holistic approach. With seven primary elements, the LexisNexis Risk Solutions comprehensive privacy, security and compliance program is centered on people, process and technical management that is standards-based wherever possible.
We believe that there are seven key areas that differentiate us in the marketplace when it comes to privacy, security and compliance.
Policies, Standards and GuidelinesWe have implemented strict policies, standards, and guidelines throughout the company that govern data access, protection, transport, restriction, retention, deletion and classification for customers, employees and vendors. Policies, standards and guidelines are reviewed and updated regularly — in light of changing legal, regulatory and operational environments, as well as to address new and emerging threats. Changes are communicated to our customers, employees and vendors on an ongoing basis.
A strong privacy, security and compliance framework is no longer a nice to have, it’s business critical.
6Table of Contents
Data SecurityWe deliver a consistently high standard for data security controls across systems. In addition to utilizing more than 150 internal controls designed to prevent unauthorized access, we conduct back-end suspicious activity monitoring to detect and respond to anomalous account activity. We also work proactively to identify and resolve potential vulnerabilities in our systems.
Audit and ComplianceWe maintain a robust audit and compliance program, which involves reviewing and testing policies, standards, guidelines, as well as legal and regulatory requirements, to determine their effectiveness and the level of compliance by customers, employees and vendors. Our audit program includes in-house and third-party audits as well as independent assessments.
CredentialingLexisNexis Risk Solutions uses a proprietary customer credentialing process designed to confirm that sensitive, personal information is provided only to legitimate business entities with a permissible purpose for such access. Our credentialing and re-credentialing processes are used to evaluate: (1) customers, (2) LexisNexis Risk Solutions employees, and (3) vendors/third parties. Through these processes, LexisNexis Risk Solutions helps to mitigate the risk of fraud by verifying and re-verifying our employee background information, customer and vendor business credentials, and permissible business purposes for accessing information products, systems, and data.
Accountability Privacy, security and compliance are integrated into the business model. To us, accountability means fulfilling our obligations to customers, consumers, employees, regulators, stakeholders and shareholders.
Risk-Mitigation FrameworkWe promote the responsible use of information by employing a risk-management framework for privacy, information and physical security, and compliance. The framework is based on ISO 27002 and includes administrative, physical, and technical safeguards designed to reasonably protect the privacy, confidentiality, and security of personal information collected from or about consumers. Proprietary customer credentialing criteria and continuous security controls are also key components of the LexisNexis privacy, security and compliance framework.
Training, Communication, Outreach and Transparency We are committed to keeping both internal and external stakeholders informed and up-to-date about what we are doing to respect privacy and information security.
To aid employee understanding of our policies, we offer interactive online training to explain topics and the importance of compliance. All employees have mandatory compliance training each year. Additional training varies depending on the employee’s business and job function. Each course is implemented to meet a specific business compliance need and to ensure that employees are aware of their responsibilities.
These trainings provide examples of how policies apply in practice. Courses also highlight available resources to help employees with questions or concerns. All employees receive training on the Code, data privacy and security, and on preventing bribery. By the end of 2012, 100% of active employees completed bribery prevention training and data privacy and security training. 100% of employees in relevant job functions completed a course on fair competition and 100% of active U.S. managers completed a course on preventing workplace harassment.
Customers and vendors are informed of their obligations relating to privacy, security, and compliance. Dedicated personnel are available to assist consumers with general inquiries and requests.
For a full statement on our Data Privacy Principles click here: www.lexisnexis.com/privacy/data-privacy-principles.aspx
7Table of Contents
Solutions for Society Data Security: A Top Priority in Harnessing the Power of Data for GoodLexisNexis Risk Solutions is committed to the responsible use of information and protecting individual privacy rights. We are rigorous in our compliance with legal and regulatory guidelines. In conjunction with our parent company Reed Elsevier, we have multiple teams devoted to information security, and we undergo regular audits to meet and exceed industry and/or regulatory requirements.
At a high level, the ever present-challenge of data security consists of:• Preventing unauthorized parties from accessing
our data.
• Ensuring that those who are granted access are only allowed to do so when absolutely necessary.
• Applying security policies using the “principle of least privilege,” which requires that in a particular abstraction layer of a computing environment, every module/process/user is able to access only the information and resources that are necessary for its legitimate purpose.
• Disposing of unnecessary/expired data.
We leverage approximately 36 billion public and proprietary records that are refreshed daily with an additional 1,000,000 search records. We also process an average of 30 million transactions daily, and provide coverage on more than 500 million unique consumer identities and more than one billion unique business contacts. As a result, data security is a big job — and it’s growing every day.
Protecting data is a multi-layered task We protect the data we are entrusted with in numerous ways, which fall under two primary categories: logical and physical.
Logical protectionWe protect and control data through “granular access control,” to evaluate who should be granted access to any given type of data at any given time. This access is granted on a need-to-know basis, and is reviewed regularly through our quarterly User Access Review process. The review process helps mitigate any insider threat, by making sure people cannot access data they no longer need. We rigorously track what data is being accessed and by whom, and monitor any data flowing out of our company, watching for any suspicious or anomalous account activity.
We also perform regular vulnerability assessments using industry standard techniques, including penetration tests that employ “ethical hacking,” a methodology used to assess how effective our controls are from a potential hacker’s perspective.
In addition, we maintain intrusion detection and prevention systems, to block unwanted access and identify attempts to penetrate our systems. Users and systems are portioned off using network segmentation, to set up distinct areas of access that are protected by firewalls and other devices. All told, we apply more than 150 internal controls to prevent unauthorized access.
The growing challenge:• The amount of data being generated is growing fast.• Unstructured data (which is harder to categorize, tag
and identify) accounts for the majority of this growth.• Analysts estimate a global data compound annual
growth rate between 40% and 90%.• Data sources responsible for this growth are both
external (customer, market, social, etc.) and internal (data logs, access records, derived data, etc.).
BIG DATA CREATES A BIG CHALLENGELexisNexis Risk Solutions handles a massive amount of data, with the capacity to process over 4 petabytes of content. Along with other companies and organizations, the issue of protecting that data is a challenge that grows every day.
8Table of Contents
Our software engineering teams utilize secure application development, a set of tools and best practices focused on developing computer applications that are resistant to attack. In addition, our developers use secure code practices, and our data security resources work with our product development teams throughout the product lifecycle of each of our solutions to ensure our data is protected from external vulnerabilities. Many of our security controls are based on ISO 27002 standards, and we adhere to PCI DSS standards for our products that are related to credit card transactions, as well as SSAE-16 standards for our business services and insurance applications.
Physical ProtectionFrom a physical perspective, access to LexisNexis data centers is controlled by multifactor authentication, including biometric identification. Our facilities are monitored 24/7 by third-party security guards, and we employ closed-circuit TV surveillance and recording.
Because access to our data is granted only on a need-to-know basis, it is decommissioned promptly when no longer required. We consider a consistent data destruction policy to be essential to data security, and we make it a priority to ensure that destruction methods are appropriate to the type of data, which can include:
• Simple deletion• Wiping data using a Department of Defense (DOD)
5220.22M compliant overwrite method
• Degaussing
• Shredding to National Institute of Standards and Technology (NIST) standards
• Other industry standard physical disposal methodologies
The destruction of data is not only triggered by data expiration, but also other conditions such as a retired server, failed hard drive, or the planned re-use of a hardware component.
Continuous Audits From Watchful EyesWe keep a close eye on our data. But we also make sure there are other parties keeping a close eye on us. In addition to the numerous controls and policies applied by our own data security team, we have a completely independent corporate audit arm embedded at our headquarters in Alpharetta, GA. The Information Security Assurance group from our parent company Reed Elsevier is responsible for identifying, assessing, and reporting on information security risks across the global organization, and maintains a team onsite in Alpharetta that continually audits our data security.
These audits include regular reviews, which in 2012 focused in particular around security controls for online applications. This auditing group is also responsible for managing our compliance with Fair Credit Reporting Act (FCRA) regulations, and observes other industry standards such as Sarbanes Oxley and PCI SSC, and ensures that we meet standards set by international, federal, state and local regulatory bodies. But the amount of energy we put into testing and validating security controls goes beyond merely complying with current standards and regulations. This team is constantly researching new and emerging ways of maximizing our data security and mitigating threats.
A third internal group that focuses on data security is the Information Assurance and Data Protection Organization (IADP), which also reports directly to our parent company Reed Elsevier. The IADP establishes a framework of standards for LexisNexis to comply with, which adheres when appropriate to ISO 27002 standards as well as to company-specific criteria that have been adopted. A primary role of the IADP is to continually measure the effectiveness of the data security controls we have in place.
We also proactively engage with third-party auditors to openly assess our technical and security procedures, including physical security. In 2012, LexisNexis completed 166 onsite audits and/or questionnaires with these independent auditing bodies. These include audits by dozens of our customers such as large insurance providers, financial institutions and other businesses; data providers such as state DMVs and the major credit bureaus; and regulatory bodies and other third-party agencies and organizations. In each case, our security program is always judged as a best-practice implementation.
THIRD-PARTY AUDITSIn 2012, LexisNexis completed 166 onsite audits and/or questionnaires with independent auditing bodies.
9Table of Contents
Training for an Ever-Changing LandscapeThe data security landscape is constantly changing, with new threats emerging every day. That’s why LexisNexis offers — and requires — continuous education and training for our own people. We recognize that our security teams need to have a deep understanding not only of state-of-the-art security techniques, but also of the state-of-the-art threats that are continuously being developed to attempt to thwart our defenses. It’s an ongoing challenge, and thus, an ongoing top priority for LexisNexis.
Going Above and Beyond Mere ComplianceFor companies dealing in Big Data, the regulatory environment is understandably complex. Within the United States alone, legislation that may apply to various subsets of the data we maintain can include US: Gramm-Leach-Bliley Act (GLBA), Drivers Privacy Protection Act (DPPA), Fair Credit Report Act (FCRA), Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH), Patriot Act, as well as state regulations such as California’s SB 1386 bill and others. We strive to satisfy all regulations that apply to the specific solutions we offer our customers, and the numerous auditing bodies with whom we work help to ensure our compliance.
Data security goes beyond mere regulatory compliance. In that respect, the bare minimum is not enough. So we continue to grow and develop our comprehensive security program to go above and beyond the mandates of the industries we serve and the regulatory bodies that govern. Never content with standing still, we proactively continue to look for better ways to mitigate risk.
10Table of Contents
licenses can provide insight into an individual’s stability. We have compiled, integrated, digitized, indexed and analyzed public records and non-traditional data from national, state and local data sources with the goal of making this alternative data centralized, accurate, cost-effective and easily available to our customers. The result is a predictive FCRA-compliant data repository and credit-scoring technology called LexisNexis® RiskView™, which is the only alternative data credit risk assessment solution endorsed by the American Bankers Association, through its subsidiary, the Corporation for American Banking.
The huge advantage that RiskView offers to the underserved is that it is capable of generating credit scores for many of the millions of people who are considered “thin-file” (very limited credit information) or “no-file” (no previous credit history) applicants.
• We can evaluate over 40 million more consumers than traditional credit solutions.
• We have active data files on approximately 37 million individuals with no credit history, and an additional 35 million individuals with less than 18 months of credit history.
• We can score approximately 65 percent of bureau no-file and 37 percent of thin-file consumers.
By leveraging our data and analytics to help our customers make better decisions, we can potentially enable millions of people to finally get the credit they deserve. That is good news for business and consumers alike.
Enabling Better Decisions The success of a business depends on making good decisions, which requires being armed with the right information. At LexisNexis Risk Solutions, we use our data and technology to provide organizations with the information they need to make better decisions.
The impact of these better decisions extends beyond the business world. They can directly and positively impact society at an individual level, giving people access to credit that would otherwise be denied, thus creating opportunities for them to pursue an education, build a business, and enhance their lives.
Helping a Long-Ignored and Underserved Part of the PopulationApproximately 70 million individuals, or 25 percent of American adults, lack enough credit information to generate a traditional credit bureau score. This can prevent these people from being considered for credit, regardless of their ability and willingness to repay their debt obligations In fact, many of these individuals may have sufficient income and other characteristics to be considered highly creditworthy. These people are referred to as “underbanked or underserved,” and the term is accurate, in that financial institutions are unable to effectively serve them due to their inability to assess their stability, ability, and willingness to repay.
Finding New Ways to Grant Credit to the UnderservedWe have found that public records and other non-bureau data can be a highly effective tool for predicting future consumer behavior. For example, reviewing ownership status and value of assets can help to determine individuals’ ability to pay their bills. Similarly, analysis of phone listings, address change history, and professional
SHUT OUT AND MARGINALIZEDThin-file and no-file Americans are "traditionally marginalized or shut out of the credit system due to lack of information about their credit histories." – Collections & Credit Risk
11Table of Contents
Solutions for Society— Safer CommunitiesOur Products and Services: Applying Our Identity-Based Solutions and Capabilities to Fight Tax FraudIn today’s economy, many government agencies are facing some of the greatest economic challenges they have ever encountered, resulting in often drastic cutbacks in goods, services, and jobs. To add insult to injury, many of these same agencies are falling victim to levels of tax fraud that have grown to epidemic proportions. To illustrate this, in the spring of 2008 the IRS identified just over 50,000 cases of taxpayer identity theft. By 2009 that number had tripled; by 2010 it doubled again. Current estimates put tax refund fraud at up to five percent and rising, translating to billions of dollars being stolen per year.
Tax fraudsters have proven to be very cunning and industrious in the variety of their methods. They may steal or create a Social Security number (SSN), falsify W-2 information or fraudulently apply for a tax refund, often using the financial information of deceased persons or personal information stolen from large organizations to steal refunds. Many of these fraudsters assume — often correctly — that the government does not have the information and analytical resources to detect their illicit activities.
Filling a much needed investigative void created by these government agencies’ lack of resources or information, we developed a set of revenue discovery solutions to help federal, state and local governments boost revenue in these tough economic times, by detecting common but not easily discovered types of tax fraud. Our solutions have already generated tangible results in detecting fraud in two key areas:
• False claims for tax refund requests
• False claims for homestead exemptions
Screening Tax Refund Requests For Potential FraudFederal and state governments lose millions of dollars each year from tax refund fraud because they do not have access to the public records, identity-based filters, and analytic resources needed to detect fraud. To help address this problem, we developed the LexisNexis® Tax Refund Investigative Solution (TRIS), which proactively identifies tax refunds with a high probability of identity fraud. Our system leverages billions of current identity records collected from thousands of accurate and reliable sources, processed through identity-based filters that identify potentially suspicious activity that traditional rules-based filters could not detect.
With a minimum of at least one million filings and an average tax refund of $300-$500, many states may be paying out $25 million or more annually in fraudulent claims. Our Tax Refund Investigative Solution can help federal and state government agencies boost their revenues by potentially millions of dollars, by identifying fraudsters rather than raising taxes.
WHY TAX FRAUD MATTERS TO YOUGovernment agencies are not the only victims of tax fraud. When tax evaders are not discovered, law-abiding taxpayers bear the brunt of the fraud, assuming a greater tax burden or going without needed services.
REAL-WORLD EXAMPLE: SAVING GEORGIA MILLIONSLexisNexis recently implemented the TRIS solution in the state of Georgia. By leveraging the LexisNexis identity-based filters within their Anti-Fraud Program, Georgia has stated that their new system to combat tax identity fraud is working and has helped them save the state nearly $20 million.
12Table of Contents
Detecting Fraudulent Homestead Exemption Claims and Identifying Potential Revenue to RecoverLocal governments lose up to millions of dollars each year from fraudulent claims for homestead exemption tax relief (also known as property exemption, homeowner’s credit, and school tax relief). Homestead exemption fraud commonly falls into three categories:
• The taxpayer claims multiple exemptions.
• The taxpayer claims an exemption on a home that is not his/her primary residence.
• The fraudster files a claim for a taxpayer who is actually deceased.
Sadly, this type of fraud often goes undetected because many local governments do not have access to the information technology they need for cross-jurisdictional information sharing, or the capability to conduct large-scale data analysis with the data that is available. To help solve this problem, the LexisNexis® Homestead Exemption Fraud Detection Solution accesses data from more than 10,000 sources, and leverages LexID®, our advanced data linking technology, to help auditors, assessors, and appraisers uncover fraudulent homestead exemption claims and identify millions of dollars in lost revenue in taxes and back taxes owed. In other words, it could help the government create new revenue sources for years to come.
Keeping Money We All Need Out of the Wrong HandsUndiscovered tax fraud siphons away revenue from federal, state and local governments, and puts additional and unwarranted burdens on law-abiding taxpayers.
Agencies can help change that by leveraging our identity-based solutions to help them detect and prevent fraudulent activity, and direct our hard-earned tax dollars where they are needed the most. Our revenue discovery solutions represent one more way we harness the power of data for good.
AN INSIDIOUS CRIME WITH LOCAL CONSEQUENCESIronically, many of those who perpetrate this kind of fraud are among our more affluent citizens — in other words, these are people who can afford to pay the taxes they are attempting to dodge. Even worse, because these are local taxes, the revenues that are denied by these fraudulent homestead exemption claims are the very same dollars that could be supporting local teachers, firefighters and police.
REAL-WORLD EXAMPLE: DISCOVERING MORE THAN A MILLION DOLLARS IN INDIANATo date, Delaware County, Indiana has discovered almost $1,500,000 in new revenue by leveraging our Homestead Exemption Fraud Detection Solution.
13Table of Contents
Our People We recognize the collective talent and effort employees contribute to our business and the communities in which we operate. Our primary objective is to engage our people by providing meaningful opportunities towards their professional and personal growth. Our employees are our most important stakeholders.
EngagementIn the Fall, employees participate in the Risk Solutions Employee Engagement Survey. The survey measures employee motivation, commitment and advocacy. It allows us to measure our progress, see where we have improved, and identify areas where we still need to focus or increase our efforts. This is important in creating and maintaining a business environment where talented people want to work. Our management team carefully considers the results of our engagements scores and works aggressively to improve areas of concern highlighted from the survey. In 2012, our overall engagement score improved to 66.5% from 63% in 2011.
Our most recent survey results revealed that a significant majority of employees feel motivated to go the extra distance for colleagues and customers and are committed to contributing to the company’s success. In 2011, the survey revealed that our lowest score was in “advocacy”, which measures how likely our employees are to recommend working at LexisNexis.
A closer review of the advocacy responses showed that employees felt we needed to do a better job providing career development opportunities and creating a flexible work environment. This has been an area of focus for the organization and we worked throughout 2012 to address the concerns of employees. In 2012, the advocacy score moved in a positive direction, up four percentage points.
Developing Our People Our Learning and Leadership Development Program (LLDP) provides education, exposure and experience. Each new People Manager, whether an external hire or internal promotion, is assigned to complete an assessment that measures personal and interpersonal competencies, personality traits and cognitive skills. The results of the assessment are used to create personalized Individual Development Plans.
The program is designed to:
• Foster the leadership competencies that enable organizational growth and business performance.
• Enhance organizational leadership and business acumen by broadening the competency proficiency of our management team.
• Develop a common language and approach to leadership effectiveness within our company.
• Establish an ongoing platform for continuous development of our managers.
We also offer employees at every level:
• The opportunity to develop individual career paths in concert with his/her supervisor.
• Access to thousands of e-learning course offerings, libraries and a variety of classroom-based management courses led by top talent management partners.
• Programs and materials developed through partnerships with the most recognized and respected learning and development vendors.
• Complete curriculum management and tracking via the Risk Solutions learning management system.
We believe our focus in this area will not only improve our engagement scores but will also help develop future business leaders.
VALUING OUR PEOPLE “It means we put the highest priority on recruiting, developing and retaining outstanding people. When people feel appreciated and recognized, they do their best work.” - Don Welsko, SVP Human Resources, LexisNexis Risk Solutions
14Table of Contents
Performance Development ProcessThe Performance Development Process (PDP) is our process for setting performance expectations, providing a foundation for performance feedback, ensuring that employees receive an annual performance review, and supporting development discussions with managers. Our goal is that each year every employee has a minimum of a bi-annual performance and development discussion.
RecognitionWe know that our people make the difference, and we believe that when they perform at levels that go above and beyond, they should be rewarded for their efforts. One way we recognize outstanding contributions is through the Reed Elsevier Recognize Our People program. This program enables managers to recognize employees’ service milestones and outstanding performance.
In addition to the Recognize Our People Awards, Risk Solutions employees can be awarded specially made coins from senior management, supervisors and/or peers. The coin program is based on a long-standing tradition among members of the U.S. military, many of whom carry a special coin that symbolizes their pride in their unit affiliation. Known to generations of American military personnel as “challenge coins,” they are a vital part of military life today and are valued by troops in every branch of service, as a symbolic token of the camaraderie the unit members share. In recent years, use of these custom-designed coins spread first to government agencies, and then into the corporate world, where they are now used to foster pride in individual and team accomplishments, and to commemorate important milestones.
Town Hall MeetingsWe host regularly scheduled Town Hall meetings where senior leaders of the company provide business and product updates and discuss, market trends and challenges to our business environment. It is an open forum that encourages employees to ask questions of our leadership team.
Wellness Employees have access to wellness tools and resources through REACH, a program launched by the company to all U.S. Reed Elsevier locations last year supporting employees’ overall well-being. Our offices have REACH captains who plan wellness events and activities using REACH resources and funding. Some of the programs available include Weight Watchers, health fairs, biometric screenings, flu shots, fitness challenges (Keas and re:fit2win), on-site CPR training, health club membership discounts and wellness seminars covering a broad range of topics.
Diversity and InclusionWe are committed to building a workforce that reflects the diversity of our customers and communities. The Reed Elsevier Diversity and Inclusion (D&I) Statement articulates our commitment to a diverse workforce and an environment that respects individuals and their contributions, regardless of characteristics such as their gender, gender identity and /or expression, age, disability, or sexual orientation.
As stated in the Reed Elsevier Code of Ethics and Business Conduct, “We are committed to treating all employees and applicants for employment with respect and dignity, and we prohibit discrimination. We recruit, hire, develop, promote, discipline, and provide other conditions of employment without regard to race, color, religion, national origin, gender, sexual orientation, marital status, age, disability, or any other category protected by law.”
In 2012, Reed Elsevier announced a brand new Diversity and Inclusion Manager Training pilot program in which Risk Solutions’ People Managers actively participated.
To ensure alignment with Reed Elsevier’s D&I strategies, a cross-business-unit steering committee has been formed, in which we are participating. Both our Chief Marketing Officer and our Senior Director of Employee & Community Affairs serve as advisory resources on this committee.
A cornerstone of RE’s strategy is making sure all people managers are sufficiently trained in the essential D&I concepts. We recognize that our people function in many different roles throughout the Risk Solutions organization, so it’s not realistic that the same training will be relevant to each individual. That’s why we offer a broad range of D&I- related training.
We continue to support Employee Resource Groups (ERG) to drive diversity initiatives and promote career development through mentoring, workshops, leadership speakers, and external networking. Risk Solutions offices have some or all of the following Employee Resource Groups:
• The Multicultural Group celebrates different cultures, nationalities, races, religions, and ethnicities throughout the year with educational and special events.
• The Veteran’s Group supports and honors all those who have served and are serving in any branch of the United States Military.
• The PRIDE team takes an active role to form business partnerships with external organizations that promote LGBT tolerance and human rights.
• Women Connected works to develop the potential of all female associates through education, career planning, and networking and leadership development.
15Table of Contents
Our Environment We are aware of the impact our business has on the environment and are dedicated to improving our footprint. As one of the Reed Elsevier businesses, we are held to a high standard of environmental performance. We are committed to reducing negative environmental impacts and improving our environmental performance.
We actively contribute to Reed Elsevier’s overall effort to assess, prioritize and mitigate environmental risks as part of the overall risk management process. This includes adherence to Reed Elsevier’s Environmental Management System (EMS) which is based on the ISO 14001 global environmental standard. We manage the environmental risks of our activities and stipulate that “environmental risk is part of the overall risk assessment that business units are required to complete on an annual basis.” We consider, among other risks, those that require legislative compliance; have significant cost implications for the business; and those which may impact our reputation.
We are part of Reed Elsevier’s Environmental Champions network, working with other Reed Elsevier businesses to rank and track our environmental risks/opportunities. The Environmental Champions network meets periodically and is chaired by the Reed Elsevier CFO.
CoverageFollowing the guidelines of our parent company, we report on all of our facilities for which we have operational control, collecting energy, water and waste data and emissions. Environmental and financial data covers full calendar years in line with financial reporting. Primary data was only captured for our largest locations. Data reported is based on both primary and secondary data.
The criteria for primary data capture are owned properties and data centers and leased properties greater than 1,765 square meters (19,000 square feet). The focus of our environmental report is on the key LexisNexis Risk Solutions locations in the United States for which we have some operational control.
To calculate the impact of any smaller leased properties with few employees, locations are identified by type (e.g., office, storage, domestic, etc.) and Reed Elsevier’s 2011 global averages were used to estimate the balance. For these locations, we estimated electricity, water and waste impacts — all waste is attributed to landfill. In all shared buildings, impacts are allocated by occupied floor area.
Reed Elsevier collects information on our travel impacts and paper usage. In 2011, we expanded green house gas scope three impacts beyond supply chain and water, estimating employee commuting and the impact of home-based employees. To aid stakeholders, Reed Elsevier provides the environmental charting tool, in which you can select the LexisNexis Risk Solutions business unit and view our performance on each of the Reed Elsevier environmental standards.
Our ImpactWe continue to take steps to reduce our use of resources and adopt more techniques that reduce our impact and the cost of conducting business. Our CEO is responsible for complying with environmental policy and relevant government legislation and regulations. Reed Elsevier’s CFO is the most senior environmental advocate. In addition, many of our employees participate in employee-led environmental groups at many of our facilities, helping us achieve environmental improvements at a local level through commuter incentive programs, recycling initiatives, and promoting environmental awareness.
The overwhelming majority of our revenue is from information-based products and services that are delivered online and we estimate that data centers are responsible for a significant amount of our environmental impact through energy usage. Our data centers are responsible for a disproportionate amount of our energy usage.
16Table of Contents
Our StandardsReed Elsevier Environmental Standards (Annual achievement of five required for Green status, Green+ status for sites attaining seven or more standards).
Our Performance We have environmental reporting for 100% of locations in which we have operational control and we use these standards to benchmark our performance against peer businesses under Reed Elsevier. To date seven of our locations have attained Reed Elsevier’s Green Status by achieving five or more of the environmental standards.
Our performance on each of these standards by going to Reed Elsevier > Environmental Charting Tool and selecting LexisNexis Risk Solutions under business charts. For more information on these standards and our long-term targets to reduce environmental impact see Reed Elsevier CR Report > Environment > Key Issues.
WaterWater is a significant resource for us, as it is used to cool the facilities where much of our key technology is run and stored. Our Georgia data center utilizes practices to reduce the strain on local water supplies to meet Reed Elsevier standards by using well water irrigation and recycling the water used to cool the data center. The data centers in Florida do not use a chilled water system for cooling; the center is cooled with refrigerants.
WasteAs an information-based business, we do not produce material amounts of hazardous waste. Even still, we continue to make efforts to reduce the waste that we contribute to landfills with recycling, incineration and the creation of energy from waste.
Reed Elsevier Environmental Standards
AREA 2012 2013
Reporting Accurate reporting through the RE Group Environmental Survey No Change
Site Environmental Management System N/A Develop and implement a local
Environmental Management System
Certification BS 8555 Phase 1 No change
Travel Develop and implement a local travel plan No change
Renewable Energy N/A Purchase green tariff or RECs
Energy 5,400 kWh per person or EPA energy rating of 69
5,000 kWh per person or EPA rating of 69
Climate Change 2 tonnes of CO2 per person or EPA energy rating of 69
1.8 tonnes of CO2 per person or EPA energy rating of 69
Water 11m3 per person 10m3 per person
Waste 60% recycling rate 65% diverted from landfill
Office Paper 3,000 pages per person 2,800 pages per person
Data Center Performance 1.8 Power Usage Effectiveness 1.69 Power Usage Effectiveness
Award Recognition External recognition by a third party
MA
NAG
EMEN
TPE
RFO
RMA
NC
E
17Table of Contents
Many of our offices are leased and situated in shared buildings so we work closely with managing agents and landlords as well as waste contractors. Where complete measurements are not available, we use a methodology to calculate waste based on regular weight sampling and the counting of waste containers leaving our premises. Although we know local municipalities carryout some sorting and recycling, we report all waste as going to landfill unless we have evidence to the contrary.
Four LexisNexis Risk Solutions offices achieved the Reed Elsevier standard of 65% of our waste being diverted from landfills. One of our offices diverted 84% of their waste from landfills. We recycle all computer hardware and accessories (provided they can be stripped of proprietary and customer data). Each location has a designated recycling vendor that supplies certificates of recycling and/or destruction. To the extent that it is possible equipment in good working order is donated to charitable organizations.
In order to continue to reach and exceed the standards of 75% of our waste diverted from landfill by 2015, as set forth by our parent company we have recycling programs at every site. Our electronic waste is disposed of according to regulations, and is only recycled if it cannot be reused.
Energy UsageAcross all Reed Elsevier businesses the average Power Usage Efficiencies (PUE) across the major data centers improved from 1.72 in 2011, to 1.70 in 2012. PUE is a measure of how efficiently our data centers use energy. The target is 1.69 by 2015 even with increased demand. The Power Usage Efficiency for LexisNexis Risk Solutions’ data center was 1.84 in Georgia and 1.67 and 1.66, respectively for the two data centers in Florida.
In 2012, 64% of Reed Elsevier’s revenue came from online products and services. This was mirrored in energy use at data centers across the company. Data centers are responsible 49% of total energy usage, offices account for 46% and warehouses 5%. Data center efficiency continues to be of critical importance. In an effort to reduce the amount of energy used and improve energy efficiency in our data centers, in 2011, we took measures to improve efficiency including space redesign and upgrades to air handling and cooling systems and hardware.
In our offices we use sub-metering to better monitor and manage energy usage and facility employees are trained to understand the data. Thus far, we have an EPA Energy Star certification in two of our locations. Five of our locations met or exceeded Reed Elsevier’s targets for energy consumption.
We continue replacing halogen lamps with more efficient LED fixtures and the implementation of simple measures like shutting doors to conserve heat, using blinds and reflective film to stop solar glare, and running local switch off campaigns.
Climate ChangeWe follow the lead of our parent company, Reed Elsevier, in supporting activities to reduce climate change, including reducing deforestation and protecting rainforests. We support the belief that adaptations to cope with changes in climate are also necessary. For more information on Reed Elsevier’s policies and performance regarding climate change see Reed Elsevier CR Report > Environment > Key Issues.
The way we impact climate change in our business is through our business travel, car fleet and building emissions that are primarily managed by Reed Elsevier. However, we play an important role in their efforts by implementing efficiency projects in our facilities, by consolidating space and by reducing indirect emissions.
• Home based employees: 17% of our workforce is home based. To improve the reliability of data, we intend to follow the lead of Reed Elsevier in carrying out pilot projects to directly measure energy usage by home based employees.
• We encourage our employees to carpool or use alternative transportation wherever possible. In addition we partially subsidize employee vanpools and we are heavily invested in video conferencing technology. At our corporate headquarters, where more than one-third of our office-based employees are located, we partner with The Clean Air Campaign, to reduce air pollution by offering commute options. In 2012, our CAC commuters helped lessen the number of miles driven on Georgia roads by 1,745,776 miles and we have reduced CO2 emissions 1064.19 tons.
Wherever possible, we participate in Reed Elsevier’s efforts to reduce the impact that our activities have on climate through proactive measures outlined in the Reed Elsevier Climate Change Statement such as:
• Utilizing our own environmental expertise
• Setting and striving to meet our environmental reduction targets
• Understanding our environmental footprint
18Table of Contents
PaperThe Reed Elsevier Paper Policy commits us to increasing the proportion of paper we buy with recycled and certified content and to only purchase PREPS grade 3 or 5 paper wherever possible. We continue to roll out multifunctional devices for printing, scanning, and copying, and by removing standalone printers, we decrease energy, as well as paper use.
Unlike other divisions of Reed Elsevier that are still heavily vested in print publishing, the vast majority of our paper usage is in support of our business rather than to create publications. Thus, our focus is to conserve by adjusting our habits to reduce the amount of paper that we use.
As a result of our continued efforts to reduce paper usage, eight Risk Solutions locations reduced their paper usage to less than the Reed Elsevier environmental standard of 2,800 sheets per person. Our Green Teams help in this effort by sharing with colleagues the need to reduce, reuse, and recycle.
Employee ActionEmployees are a key component of our efforts to recycle, reduce our carbon footprint and support conservation efforts in our communities. Green Teams at four of our offices meet bi-monthly to discuss ways they can promote environmental awareness and to plan conservation programs.
In 2012, employee environmental activities included:
• Planting of a corporate garden in Alpharetta, Georgia.
• Planned recycling events where employees collected regular household recyclables, clothes and electronics.
19Table of Contents
Community As a company, we care deeply about positively impacting local and global communities. We demonstrate our commitment by providing time and financial contributions to make a difference.
Volunteerism remains the cornerstone of our community involvement strategy. We are committed to providing our employees with the opportunity to volunteer in their local communities. Though our LexisNexis Cares program, employees are offered two days off to volunteer with nonprofit organizations of their choice.
We further support our employee volunteer efforts by designating a Cares Champion in each of our offices. Champions act as liaisons for our Cares program by coordinating team-oriented volunteer projects, sharing best practices and participating in global RE Cares Champions Web conference meetings.
In 2012, our overall volunteer hours declined slightly from 19,700 hours in 2011 to 18,324. However, we saw an increase in the percentage of employees who volunteered from 24% to 32%. We are pleased with the percentage of employees who recorded volunteer hours in 2012, as we surpassed our parent company’s goal of 25%.
Some examples of the hundreds of volunteer projects our employees completed in 2012 include.
Stop Hunger Now (Orlando, FL)Approximately 500 members of the Risk Solutions sales team convened for their annual sales meeting in Orlando, Florida. The team accepted the challenge of providing 100,000 meals for school lunch programs in Liberia. Partnering with Stop Hunger Now, an international hunger relief organization that coordinates the distribution of food and other life-saving aid around the world, the goal was accomplished. Stop Hunger Now is driven by a vision of a world without hunger and a mission to end hunger in our lifetime by providing food and life-saving aid to the worlds’ most vulnerable and by creating a global commitment to mobilize the necessary resources. Stop Hunger Now has packaged more than 57 million meals serving more than
76 countries. This was the largest meal packaging event in Florida for Stop Hunger Now. LexisNexis Vice President of Sales Operations Scott Kolar commented, “From the feedback I heard, people were very inspired and many said it was the best cares event they have ever done.”
Almost Home Kids (Naperville, IL)Thanks to the dedicated community efforts of employees in our Bolingbrook, IL office, Almost Home Kids received a $10,000 grant from the RE Cares Challenge. Almost Home Kids offers transitional and respite care to children with complicated health needs. It is an intermediary between hospital and home, providing short-term medical care and reducing the occurrence of re-hospitalization. The team’s goal was to create a safe and peaceful space for outdoor education and therapy by purchasing and installing a pergola. Volunteers spent two days in August constructing and erecting a pergola over the patio and making several indoor improvements, including a Family Connections room where parents can meet privately with their child’s clinical staff or older children can use the computer.
Rebuilding Together OKC (Oklahoma City, OK)In September, sixty employees came together to make a difference in the lives of low-income seniors in Oklahoma City by joining Rebuilding Together OKC. Despite the heavy rains, the group never lost sight of the goal of making homes safe, warm and dry for seniors. They repaired two homes, helping out homeowners who were physically and financially unable. The volunteer crew textured and painted indoors, scraped and painted outdoors, landscaped and performed general cleaning duties. It made a huge impact for these two homeowners!
Since 1992, Rebuilding Together OKC has repaired over 1,830 homes, 29 non-profit facilities, and 8 public school buildings with the help of 50,000 volunteers. These repairs represent a value to the community of more than $20 million.
20Table of Contents
StandUp for Kids (Alpharetta, GA)Our Women Connected Employee Resource Group elected to give something back to the metro Atlanta, GA community. The group carefully considered a number of nonprofits for partnership but ultimately decided to support StandUp for Kids, a 501(c) (3) organization founded in 1990 to help rescue homeless and at-risk youth. With national headquarters in Atlanta, GA, StandUp for Kids is run almost entirely by volunteers, and has programs in a number of states.
Agreeing to execute a food drive is no easy task, especially when there are 12 specific items that need to be collected for each food packet and the goal is to collect at least six month’s worth of items. Women Connected worked strategically and efficiently by engaging the entire company in the collection process. They created inter-departmental collection challenges, utilized internal communications tools, created flyers and used word-of-mouth to promote the collection drive. As a result of their organized efforts, they collected an 8-month supply of food — exceeding their goal for the second consecutive year. Once the collection drive was over, they organized a StandUP for Kids packing party and had more than 40 volunteers commit two Cares hours to help pack the items for shipment.
Recognizing Those Who Care Award (Duluth, GA) For the second consecutive year, a LexisNexis Risk Solutions employee was honored with Reed Elsevier’s Recognizing Those Who Care Award. Pam Ollison, Supervisor, Insurance Claims Operations (Duluth, GA), was awarded with an all-expense paid trip to Delhi, India to participate in a Reed Elsevier/
PLAN International volunteer project. Nominated by one of her colleagues for the more than 1,000 volunteer hours she has spent in Haiti; Ollison is devoted to helping the orphaned children of Haiti’s 2010 earthquake. She buys additional PTO time and uses her own resources to fund her trips. She currently serves at the Jesus’ Name Orphanage (JNO) in Titanyen, Haiti, where she is helping raise funds to house orphans of the 2010 earthquake. The 16 children now living there share a small two-room shelter no larger than one standard American-sized room. In addition, Ollison has helped on many other projects in Haiti and her volunteer efforts exceed 1,000 hours. She has assisted with everything from mentoring young children and cleaning debris and rubble, to helping physically build the Greta Home Orphanage in Leogane, Haiti.
We make annual contributions to our nonprofit partners and also provide in-kind donations of our products and services.
Here is a look at our overall giving
Cash Donations 48.1%
In-Kind 40.8%
Matching Gifts 11.1%
What We GiveIn addition to supporting the volunteer efforts of our employees, we also support them in their giving. Our Matching Gift Program helps employees double the impact of the financial contributions. The company matches individual contributions up to $1,000. We further our financial commitment to those who care by offering our Cash for Caring Program. This program provides an incentive for employees to volunteer 24 hours within a calendar year. Once the hours are reached, a contribution of $500 is made to a charity of the employee’s choice.
21Table of Contents
About LexisNexis Risk SolutionsLexisNexis® Risk Solutions is a leader in providing essential information that helps customers across all industries and government predict, assess and manage risk. Combining cutting-edge technology, unique data and advanced scoring analytics, we provide products and services that address evolving client needs in the risk sector while upholding the highest standards of security and privacy. LexisNexis Risk Solutions is part of Reed Elsevier, a leading publisher and information provider that serves customers in more than 100 countries with more than 30,000 employees worldwide.
For more information, visit www.lexisnexis.com/risk
Copyright © 2013 LexisNexis. All rights reserved
