27 Social Media Compliance

In 2012, we created a Social Media Compliance team. It is responsible for staying abreast of social media developments and taking proactive measures to help ensure that we interact with customers in an appropriate manner.

Anti-Money Laundering/Anti-Terrorism/Anti-Bribery

On an ongoing basis, we are required to monitor customer accounts and activity to ensure they are in keeping with compliance, regulatory and legal requirements, as well as our risk policies. These requirements include government sanctions against certain countries.

+ Anti-Bribery, Anti-Corruption Policy Summary (PDF) Security and Fraud Protection

Our dedicated global security and fraud-management professionals develop and oversee security standards to protect our retail premises, systems and customer informa- tion against unauthorized access and use.

Among the challenges TD and the rest of the industry face are increasingly sophisticated cyber threats. Cyber criminals use a variety of malicious tools and techniques, including phishing and distributed denial of service attacks to defraud banks and their customers, steal data and damage the banks’ reputations. TD takes a vigilant, proactive, multi-layered approach to reducing the risk of cyber and other threats to the bank and our customers. This includes continuous adaptation of our security efforts that relate to threat intelligence and analytics, defensive controls, customer education and incident response. In the unlikely event customers should experience a loss from an EasyWeb or WebBroker transaction they did not authorize, they would receive 100% reimbursement.

+ Online Security Guarantee

TD Visa cardholders can now register their TD Visa cards for the new TD Visa Mobile Alerts Service. This service allows TD Visa cardholders to keep tabs on their purchases through near real-time alerts sent by Visa Canada to a mobile device or e-mail when transactions are made.

Compliance Training

Employees complete compliance courses on various topics related to consumer protection and responsible business conduct where successful completion is mandated and monitored. In 2012, we enhanced the enterprise anti- money laundering (AML) awareness and sanctions training. We also introduced specialized AML training in higher-risk areas of the bank, along with separate anti-bribery/ corruption training for all areas.

Phishing: Helping customers protect against fraud

2012 Challenges

• In March of 2012 an unencrypted backup data tape was misplaced during transport containing the account information and social security numbers of 260,000 U.S. customers and 1,000 Canadian customers. TD took action to contact all affected customers, apologizing for the incon- venience caused and offering credit monitoring and identity theft protection. TD has enhanced its protocols to protect against this event happening in the future.

• In 2012, in keeping with applicable regulations, we contacted a small pool of customers whose address and/or transactions appeared to contravene Canadian government sanctions against Iran. In some cases, it was necessary for us to close accounts. While we are confident we correctly applied the sanctions, we acknowledge that the account closures caused distress in the Iranian-Canadian community. We have listened to feedback from customers and community representatives and have taken steps to improve how we communicate in similar situations going forward.

TD 2012 Corporate Responsibility Report