Equifax Inc (EFX) — Q4 2017 Earnings Call Transcript

Thanks, and good morning, everyone. Welcome to today's conference call. I'm Jeff Dodge with Investor Relations. And with me today are Paulino Barros, Chief Executive Officer; John Gamble, Chief Financial Officer; and Trevor Burns, Investor Relations. Today's call is being recorded. An archive of the recording will be available later today in the Investor Relations section in the About Equifax tab of our website at www.equifax.com. During this call, we will be making certain forward-looking statements to help you understand Equifax and its business environment. These statements involve a number of risks, uncertainties, and other factors that could cause actual results to differ materially from our expectations. Certain risk factors inherent in our business are set forth in filings with the SEC, including our 2017 Form 10-K and subsequent filings. Also, we will be referring to certain non-GAAP financial measures, including adjusted EPS attributable to Equifax and adjusted EBITDA, which will be adjusted for certain items that affect the comparability of the underlying operational performance. For the fourth quarter of 2017, adjusted EPS attributable to Equifax excludes, among other things, acquisition-related amortization expense; certain costs related to the cybersecurity incident, including costs to investigate and remediate the cybersecurity incident; legal and professional services; a contingent liability for costs associated with providing free credit file monitoring and identity theft protection services to consumers; and the income tax effects of stock awards recognized upon vesting or settlement and in the recently enacted U.S. Tax Cuts and Jobs Act of 2017. Adjusted EBITDA is defined as net income attributable to Equifax adding back interest expense, net of interest income; depreciation and amortization; income tax expense and also excluding certain one-time items, including the cost related to the cybersecurity incident. These non-GAAP measures are detailed in reconciliation tables, which are included with our earnings release and are also posted on our website. Now, I'd like to turn it over to Paulino.

Thank you, Jeff, and good morning, everyone. Yesterday, we provided an update on the cybersecurity incident that occurred last year. Let me provide now some perspective. In conjunction with the forensic investigation completed last fall by Mandiant, we concluded that the attack was predominantly focused on selling Social Security numbers. So, we worked with Mandiant and defined a reasonable and sound methodology that used names and Social Security numbers as the key data elements to identify persons impacted. As we continued to analyze the data, we were able to identify approximately 2.4 million consumers, whose names and partial driver's license information were stolen, but who were not in the previously identified population. The information was partial because in the vast majority of cases, it did not include home addresses, state of issuance, date of issuance, and/or expiration dates. They were not identified using the original methodology as their Social Security number was not stolen. We used proprietary company records that the attacker did not steal and engaged the resources of external data providers in order to identify these consumers. Additional details on this can be found in yesterday's press release and in our 10-K. Ever since September 7, we have taken and will continue to take steps to reach out and assist consumers and our customers. Transparency and open communication have been the cornerstone of our efforts following the disclosure. It is with this commitment in mind that we are actively reaching out and will be offering those additional consumers identity theft protection and file monitoring services at no cost today. In the four months since our third quarter earnings release, we have made substantial progress in the four critical areas of focus I highlighted. I would like to thank our 10,000-plus employees around the world for their tremendous execution and dedication over this period. I would also like to thank our customers and partners for their support as we remediate the cybersecurity incident and restore our reputation. There will still be a lot of heavy lifting in 2018 and 2019 as we execute our information technology and data security plans, work to regain the confidence of our customers and consumers, work with regulators and state and federal governments, and develop new solutions to protect sensitive consumer information in today's rapidly advancing technology ecosystem. The Equifax teams understand the need for consistent strong execution against our plans over the next 18 to 24-month period, with a focus on making Equifax a global leader in information technology and data security and to reestablish Equifax as the innovator in delivering data and analytics-based solutions and insights our customers use to make better decisions. Fourth quarter financial results from ongoing operations came in better than expected, both from revenue and cash EPS. Growth costs related to the cybersecurity incident came in about as expected, and we were partially offset by insurance recoveries in the quarter. John Gamble will walk you through the details of the results, including the net costs related to the cybersecurity incident and the impact of the U.S. tax reform, as well as provide our current view of full year 2018. We continue to make great progress on the four critical areas of focus we highlighted in our third quarter 2017 earnings call in November. These critical efforts are being closely managed by our transformation office with the support of outside advisors. First, improving consumer support and consumers' ability to understand and control access to credit information. We believe that the data and analytical service that Equifax provides substantially increases transparency in credit decisions, allowing financial institutions and other businesses to make more informed and timely consumer credit decisions. Equifax believes, in general, this increases access to and reduces the cost of credit to consumers worldwide. We are committed to work with others in our industry in providing education to help consumers better understand the role we play in the financial ecosystem and provide the technology to help consumers control access to credit information about them. We substantially improved both online and consumer support related to the TrustedID Premier service. We offer it free to all U.S. consumers, including the free-for-life Lock & Alert service launched on January 31. We believe both the online and call center support experience will continue to substantially improve throughout the quarter. Through February 23, 97% of calls were answered in less than 30 seconds, and the abandon rate was less than 1%. We will continue to make improvements in the service throughout 2018. The period in which we offer free credit freezes has been extended through June 2018. Currently, the number of credit freezes are less than 2% of the total U.S. credit file. This level of credit freezes has been relatively stable since mid-November. Lock & Alert was successfully launched on January 31, as we committed last fall. The service we offer is simple and easy-to-use. A consumer can be seen in front of a lending officer, unlock their Equifax credit report, complete the loan approval process, and then lock their report again. The ultimate control for the consumer is facilitating a decision for our product or service the consumer wants when they want it, and without exposing the information to fraudsters or criminals. We have developed educational material to help consumers understand personal credit information and how they can best protect that information from fraudulent use. The material includes new video content to aid interest and educating, using everyday terms and language the consumer can easily understand. It can be found on our equifax.com website. We have also integrated social media, including YouTube, Facebook, and Twitter, to facilitate a new, more consumer-friendly conversation. I encourage each of you to try the service. Second, ensuring we take significant action to protect the consumer and commercial data that has been entrusted to us around the world. We are committed to becoming an industry leader in information technology and information security management, and the plans we have established reflect this goal. Substantial progress has been made since November, working closely with our partners in four critical areas. A, strengthening IT and data security at the infrastructure network and application layers. Cyber operations have been enhanced to provide broad and redundant network visibility, intrusion protection detection, and access monitoring and controls. At present, we have three redundant teams, two external, executing cyber operations and system monitoring. We are and will continue implementing what we believe are industry best practices in systems. We announced the permanent CISO last week, Jamil Farshchi. He comes to Equifax with great experience from Home Depot, Time Warner, Visa, and NASA. Russ Ayres, our Interim CISO, will work with Jamil during a leadership transition period to ensure we maintain consistency in our interactions with customers and regulators. Russ will continue with Equifax in a senior leadership position. I want to personally thank Russ Ayres for his incredible work over the past 6 months. Work to streamline and simplify our networks and application infrastructure has extended and accelerated. This initiative will not only enhance our security posture by reducing what is known as the attack surface, but it will also support the rest of product execution. Lower complexity should also enhance our network resiliency and ultimately lower costs. Modern processes and structures for the management of information technology and data security have been and will continue to be refined. We are adopting a robust enterprise risk management framework based on the three lines of defense used by leading financial institutions and in line with the Federal Financial Institutions Examination Council's, FFIEC, framework. Let me explain this model. The first line of defense is the operational line—the organizational leader, who directly owns and manages the risk, in this case, IT and security. The second line of defense provides risk oversight. We are substantially building out a risk office, which will have a direct reporting line to technology and other committees of the board. The risk office will be responsible for establishing risk frameworks, policies, and standards, performing independent risk-based monitoring and testing, and independently identifying and assessing material IT and security risks. The third line of defense is, as expected, our internal audit group, which we will supplement with third-party support. Internal audit, working with third-party auditors, will audit the effectiveness of the second line oversight, as well as doing direct, extended audits of the first line. The technology committee of the board has been tasked with overseeing IT security and data governance. The risk office being formed will have independent reporting to the technology committee. Internal audit and certified audit plans and results will be revealed by the technology committee. An outside adviser, currently PwC, will report quarterly to the technology committee on the progress of our enhanced technology and information security governance against plans and will annually provide an overall risk assessment. Risk escalation processes have been revised to support rapid escalation of potential information and data security events, as well as other areas that would possibly require public disclosure and/or the suspension of trading in Equifax securities by executives or personnel. The annual incentive plans for all employees have been revised to include achievement of information technology and data security priorities. Also, the senior leadership team will have additional measurable MBOs tied to information technology and data security. Enhanced data governance and protection practices are moving forward as well. We have added a Chief Privacy and Data Governance Officer to lead this area and drive consistent practices globally. Our 2018 and 2019 IT and security plans are substantially in place and execution is underway. Third, working with customers and partners to gain their insights reviewed for us and, most importantly, solidify our historic relationships. Transparency into the cybersecurity incident, our response, and our overall plans is a continued area of focus. Over the past four months, we have significantly extended the path and frequency of detailed customer and partner meetings, both domestic and international. We believe these briefings have provided much greater clarity for both our customers and partners. In addition to specific customer reviews, multiple whole-day group briefings have been held for groups of customers and partner executives and security teams. The meetings have focused on detailed discussions of the incident, our immediate response, and most importantly, our mid and long-term information technology and data security plans. These briefings were led by our business unit presidents, our CISO, our CIO, our Chief Transformation Officer, and PwC. We believe we're making good progress with customers and partners in terms of regaining their trust and their willingness to utilize our new and unique product offerings. As expected, we did see an impact related to these factors on our USIS and Workforce Solutions revenue in the fourth quarter of 2017. However, we saw this impact lessen as we moved through the quarter and more customers began purchasing new products as discreet services. GCS revenue was impacted in the fourth quarter of 2017 to a greater extent than the third quarter of 2017, and the subscriber base was impacted by churn and the substantial reduction in customer additions. This was expected. As we stopped all direct-to-consumer advertising and gross selling activities in September, customers and partners continue to offer assistance and are collaborating to help us accelerate our IT data security implementations, and we greatly appreciate this partnership. Fourth, responding to and working with government and other regulatory bodies as they investigate the incident. We are incorporating and working closely with U.S. state and federal regulatory agencies and legislators and several regulatory agencies outside the United States as they continue their investigation of the cybersecurity incident. We continue to be fully committed to re-earning the trust of consumers and the governmental bodies chartered with protecting those consumers. The 2017 10-K filed last night provides details regarding the legal and regulatory claims against Equifax, generated related to the cybersecurity incident. Due to the very early stage in the process of these claims, we are unable to provide any view of potential outcomes. As we look to 2018, in addition to our commitment to the four critical focus areas we just discussed, the business units are executing on their critical growth initiatives. Across USIS, Workforce Solutions, and International, there are three common themes. First, explaining the impact of analytics, including machine learning through Cambrian Ignite. Two, increasing penetration in the identity and fraud markets. And three, continuing to grow solutions that integrate Equifax customers and third-party data sources, utilizing our global interconnect decisioning and IP gateway platforms. USIS will drive New Product Innovation, NPI, and penetration of existing products through: one, driving Cambrian, Ignite and marketplace solutions across more customers and verticals, including trended data solutions and machine learning-based solutions; two, expanding real estate beyond mortgage to include rental markets and data; third, extending InstaTouch, an InterConnect-based product, across more verticals and customer interaction use cases; fourth, driving market adoption of identity verification products, only ID, and other platform-based products new to the market, late in 2017; and five, increasing market friction of our data-driven marketing solutions. International had an outstanding year in 2017, particularly with delivering strong NPI-based growth. In 2018, they will drive growth through: one, increasing Cambrian, Ignite based solutions in Canada and Australia, including trended data and machine learning-based solutions, deploying Cambrian throughout Latin America and the U.K. to accelerate their delivery of advanced analytics; two, expanding market penetration in fraud prevention in Australia and Latin America using our global fraud exchange platform; three, building on their success in growing debt management globally, leveraging recent wins in Latin America and Canada; and four, building on recent wins in Europe, Canada and Latin America in decisioning solutions based on analytics through Cambrian and our InterConnect platform. Workforce Solutions delivered yet another strong year in 2017, driven by growth in the verification business. In 2018, they'll continue to drive growth through: one, continued expansion of channel partners and growth of records in the verification database, leveraging significant operational improvements in the process of loading records into the database and accessing the database for verifications; two, international expansion of the verification business into Canada and Australia; and third, in Employer Services, expansion of our services in hiring and onboarding solutions. The Global Consumer Solution business unit is the most directly tasked with our critical focus on improving consumer support. The U.S. consumer direct revenue was most significantly impacted by the cybersecurity incident. In the first quarter of 2018, as we launch the new free Lock and Alert service, we will continue to refrain from direct-to-consumer advertising for U.S. consumer direct-based products. We continue to evaluate the U.S. consumer direct business and will provide an update to you as decisions are made. As they enter 2018, the GCS team will be focused on: First, continue the launch of Lock & Alert following the launch on January 31 and ensuring the delivery of outstanding service to the users of our TrustedID Premier service; second, improving the overall service levels throughout our worldwide consumer direct business; and third, beating and expanding our successful direct-to-consumer reseller business and our recent ID Watchdog acquisition in the U.S. In NPI, our New Product Innovation, continues to make strong contributions to our revenue growth. We ended 2017 with 55 new product launches, a 10% vitality index, and 107 active new product initiatives in the pipeline for 2018. Our current outlook for 2018 is to further build on the success we realized in 2017 and the three drivers of NPI revenue for 2018 included: InstaTouch, digital ID, IBM fraud, Ignite and Cambrian compliance and connect, and a variety of new solutions in the housing and auto verticals. In 2018, the economic background for the major markets we service each generated favorable results. Our expectation is that U.S. GDP will be up between 2.5% and 3%. We expect modest growth in consumer credit, excluding mortgage. Mortgage market inquiries volume is expected to be down double digits for the full year of 2018 as we expect refinancing to be down consistent with 2017, with purchase inquiry volume up strongly. Consumer credit activity is expected to be broadly up across autos, bank card, retail card, non-revolving credit, and home equity. Internationally, we are expecting the U.K. and Canada to show slow growth with GDP growth slightly under 2%. Australia is expected to show good growth at around 2.5% with growth in Spain slowing to just under 3%. The strongest growth is expected in Latin America, where our largest countries of Argentina and Chile are expected to see increased GDP growth. As we have said before, I and the entire Equifax organization apologize to the individuals whose personal information was stolen in the cyberattack, and we apologize as well to our customers, partners, investors, communities, and our colleagues, who were disrupted by the cybersecurity incident at Equifax. And as I have met with our employees throughout the world, there's a consistent and great commitment to continue to execute on the critical objectives discussed today and last quarter, and to continue to deliver with differentiated products and solutions to our customers based on the industry-leading analytics and unique data assets that allow us to deliver consistent growth and performance over the past decade. They are also committed to regaining the consumer's trust and confidence in how we manage, secure, and use information about them. With that, let me hand it over to John.

Thank you, Paulino, and good morning, everyone. As before, I will generally be referring to the financial results from continuing operations represented on a GAAP basis. For 2017, additional items excluded from our non-GAAP results are the one-time cost related to the cybersecurity incident and the one-time benefit related to the U.S. Tax Cuts and Jobs Act of 2017. We'll provide details on these two items so you can consider them in your analysis. In total, in 2017, we incurred nonrecurring costs related to the cybersecurity incident of $164 million. These have been partially offset by insurance recoveries of $50 million, resulting in a net nonrecurring charge of $114 million. The $113 million of gross costs were generally for legal, cyber forensic investigations, and other professional services related to the investigation of the incident or nonrecurring actions to improve security. $51 million in accrued and incurred gross expenses related to the TrustedID Premier service we offered free to all U.S. citizens. This represents our estimate of costs to service individuals using the service today. The above costs are offset by $50 million of insurance recoveries for costs incurred to date and for which we have received the cash. We have $125 million of cybersecurity insurance under our E&L policy. We continue to expect to make claims to fully utilize the policy. In 4Q 2017, the net nonrecurring costs related to the cybersecurity incident were $27 million. This reflected $77 million in gross cost, principally legal and other professional services related to the investigation of the incident or actions to improve security, offset by the $50 million of insurance recoveries, $15 million of which was received in 2017. The $77 million in gross costs were consistent with the guidance we provided in November. In 4Q 2017, we had a $48 million nonrecurring after-tax benefit from the U.S. Tax Cuts and Jobs Act of 2017. This benefit was principally from the remeasurement of deferred tax liabilities at the lower U.S. tax rate, which was partially offset by lower benefits of various foreign tax items. We expect our effective tax rate in 2018 to be approximately 27%. There are still some aspects of the law that need further clarification, and as these become clearer, our expected tax rate could change. Now let's look at our operating results for the quarter. Total revenue for the quarter was $839 million, up 5% on a reported basis and up 4% on a local currency basis from Q4 2016. For the quarter, FX was an $8 million benefit. Adjusted EPS was $1.39, down 2%. In the quarter, we estimate that the cybersecurity incident negatively impacted total company revenue by just over 3%. This was consistent with the guidance we provided in November. USIS revenue in 4Q 2017 was $313 million, down 1% compared to the fourth quarter of 2016. We estimate that the impact from the cybersecurity incident for USIS negatively impacted revenue by about 3.5% in the quarter. Online Information Solutions revenue was $211 million flat, when compared to the year-ago period. The decline in mortgage market activity, along with a negative impact of the cybersecurity incident, was partially offset by growth in other online activities, including banking in addition to growth in our ID and fraud solutions. Total mortgage-related revenue for USIS was down 5% and total mortgage-related revenue for Equifax, including Workforce Solutions, was down less than 1%. This quarter was the first where we did not have the year-over-year benefit from trended data. As before, our performance continues to outpace the overall mortgage market, which increased down approximately 7%. For the year, U.S. total mortgage-related revenue was up 7%. Overall mortgage market increases were down for the year approximately 6%. Financial Marketing Services revenue was $69 million in 4Q 2017, up 1%. Revenue in this segment tends to be project-oriented and as such, was more impacted by the cybersecurity incident. As we move through the quarter, performance in the segment improved. Normalizing USIS revenue for the estimated negative impact of the cybersecurity incident and a flat mortgage market, USIS revenue growth would have been between 4% and 5%. The adjusted EBITDA margin for USIS was 48.5%, down from 51% in 4Q 2016. The lower margins reflect the revenue decline in 2017. International revenue was $245 million in 4Q 2017, up 15% on a reported basis and up 12% on a local currency basis. Growth was broad-based and benefited greatly from the new product revenue, which was very strong. Asia Pacific revenue was $79 million, up 12% in U.S. dollars and up 10% in local currency. Europe's revenue was $75 million in 4Q 2017, up 17% in U.S. dollars and 9% in local currency. Both the U.K. and Spain saw strong growth across their credit businesses. Latin America's revenue was $55 million in 4Q 2017, up 16% in U.S. dollars and 19% in local currency. Growth was again led by our largest countries of Argentina and Chile. Canada's revenue was $36 million, up 18% in U.S. dollars and up 12% in local currency. Canada's growth was broad-based and reflects the strong performance shown throughout 2017. International's adjusted EBITDA margin was 28.3% in 4Q 2017, down from 30.3% a year ago. The year-to-year decline was driven principally by litigation accruals unrelated to the cybersecurity incident. Workforce Solutions revenue was $183 million in the quarter, up 6% when compared to 4Q 2016. The cybersecurity incident impacted revenue by approximately 3.5 points and impacted the discrete business of Employer Services, and to a lesser degree, that of Verification Service. As the impact in EWS was more concentrated with government customers, we expect that to extend further into 2018 than with USIS. Excluding this impact, growth in 4Q was similar to 3Q 2017. Verification Services revenue was $126 million, up 11% with auto, consumer finance, government, and talent solutions all delivering double-digit growth in the quarter. Employer Services revenue of $57 million was down 5% versus last year. Employer Services, excluding Workforce Analytics, was down approximately 3%. This is the portion of Employer Services impacted by the cybersecurity incident, and excluding this impact, we would have seen low single-digit growth. Workforce Analytics, the portion of the business that services employers in complying with the Affordable Care Act, was down about 10%. This was in line with our expectations for the quarter. Workforce Solutions adjusted EBITDA margin was 45.5% in 4Q 2017, down 30 basis points from the 45.8% in 4Q 2016. Severance costs incurred in the quarter more than explained the decline in margin. Global Consumer Solutions revenue at $97 million in 4Q 2017 was down 2% on a reported basis and on a local currency basis. Revenue for the quarter was benefited by the ID Watchdog acquisition by about 4 points. Our U.S. consumer direct revenue declined almost 15% in the quarter as a result of the cybersecurity incident and the TrustedID services we offer to consumers, as we stopped marketing all U.S. direct-to-consumer revenue-generating products in September. Therefore, we saw increased consumer churn levels in 4Q 2017. We do not intend to advertise our U.S. paid products in the first half of 2018. Our 4Q 2017 partner and reseller revenue in our Canadian consumer direct revenues were slightly higher than in 4Q 2016. Adjusted EBITDA margin was 32.4% in 4Q 2017, down about 2 points from 4Q 2016. In the fourth quarter, general corporate expense was $77 million. Excluding the nonrecurring costs associated with the cybersecurity incident in 2017, the adjusted general corporate expense for the quarter was $55 million, down about $2 million from 4Q 2016. Adjusted EBITDA margin for Equifax was 34.8%, down 170 basis points from 4Q 2016. Our GAAP effective tax rate was a 1.2% benefit in the quarter, reflecting the $48 million tax benefit from the U.S. Tax Cuts and Jobs Act of 2017 and the $2 million benefit from the income tax effect of stock awards. Excluding nonrecurring items, our 4Q 2017 effective tax rate using calculated adjusted EPS was 31.6%. In 4Q 2017, operating cash flow was $207 million in free cash flow, which includes $60 million of capital expenditures, was $147 million. For calendar year 2017, operating cash flow was $816 million and free cash flow, which includes $218 million of capital expenditures, was $598 million, down 1% and 8%, respectively. Cash outflow related to the cybersecurity incident, including capital spending, was about $85 million in 2017, heavily in the fourth quarter. Capital spending incurred in the quarter was $61 million for 2017, total capital spending was $218 million, or just over 6% of revenue. Total cash balance at year-end was $0.34 billion with total debt at year-end of $2.7 billion. Our net debt at year-end of about $2.37 billion was down $175 million from year-end 2016. Our gross leverage was 2.34x EBITDA and our net leverage was 2.05x EBITDA at year-end 2017, both down from 2016. Looking at operating results for 2017 in total. At a high level, revenue of $3.36 billion was up 7% in constant currency. Organic constant currency revenue growth was about 5%. We estimate that the cybersecurity incident negatively impacted revenue by just over 1 point. Adjusted EBITDA grew almost 10% to $1.24 billion and the adjusted EBITDA margin expanded about 100 basis points to 36.8%. Adjusted EPS was $5.97, up 8%. Again, this excludes both the nonrecurring costs related to the cybersecurity incident and the nonrecurring tax benefit from the 2017 tax reform. Now moving to guidance. In 2018, Equifax will be executing against the critical focus areas Paulino outlined earlier, as well as managing through the legal and regulatory issues related to the cybersecurity incident. To provide transparency into our financial performance, in addition to our GAAP results, we will be providing guidance in the following way. Our non-GAAP financial results will include all increased costs related to IT and data security that are ongoing or permanent in nature. We will exclude from our non-GAAP financial results both the incremental or bubble costs incurred to implement our IT and data security plans and the legal and or professional service cost being incurred specifically to address the litigation and governmental and regulatory investigations related to the cybersecurity incident. We will provide separate guidance as to the combined level of these costs. In terms of measurement, we have defined incremental IT and data security project costs that will be excluded from non-GAAP results to be limited to resource additions related to the projects being executed to address IT and data security; purchases of hardware, software, or services to support projects being executed to address IT and data security; and when IT and data security projects are completed, put in service and stable, those costs will be deemed permanent and be included in non-GAAP financial results. Now on to our 2018 guidance. For 2018, at current exchange rates, we expect revenue to be between $3.425 billion and $3.525 billion, reflecting growth of 2% to 5% with about 1% benefit from FX. U.S. mortgage market inquiries are expected to be down about 10%, with the resulting revenue headwind of about 2%. We are expecting continued impact from the cybersecurity incident in 2018 with the greater impact in the first half. USIS is expected to have revenue growth percentage from flat to low single digits. Adjusted EBITDA margins are expected to decline up to 100 basis points. Workforce Solutions should have revenue growth percentage in the high single digits, approximately consistent with 2017. Adjusted EBITDA margin should be flat but up slightly. International should have revenue growth in the low double digits, but below the levels of 4Q 2017. Adjusted EBITDA margins should expand, but to a lesser degree than in 2017. Global Consumer Services should see revenue decline over 10%. U.S. consumer direct revenue will accelerate its decline and represent well under one-third of GCS revenue in 2018. Our current plans are based on the assumption that direct advertising and U.S. consumer will be minimal in 2018. The remainder of GCS is expected to deliver growth in 2018. Adjusted EBITDA margins are expected to decline significantly from 2017. Adjusted EPS is expected to be between $5.80 and $6.00 a share with approximately $0.02 benefit from FX. To provide a basis of comparison for 2018 adjusted EPS versus 2017, the following impacts outside of the business units may be helpful. Calendar year 2017 adjusted EPS of $5.97 reflects both a lower than target annual incentive plan payment to employees and an effective tax rate of 31.8%, well above the 27% we are forecasting for 2018. If you normalize 2017 for these two items, increasing AIP to target and lowering the effective tax rate to 27%, you would need to increase our 2017 adjusted EPS by approximately $0.15 a share. Ongoing costs related to IT and security, as well as costs related to the free services, including the Lock & Alert service we launched in January, are expected to be about $0.30 per share with the bulk of this cost increase in IT and security. Increased insurance costs will impact 2018 by approximately $0.10 per share. Over time, we would hope this increased insurance cost will decline. As Paulino indicated, our focus is to be a leader in IT and data security. Our investments in 2018 and 2019 will reflect this. In 2018, we are expecting approximately $200 million of net incremental IT and data security project costs and legal and professional fees being incurred specifically to address the litigation and governmental and regulatory investigations related to the cybersecurity incident. This represents gross costs of $275 million, offset by $75 million of insurance proceeds. Legal and professional fees related to litigation and regulation are expected to represent about 25% of this cost. These costs will be excluded from our non-GAAP financial results and guidance. If we are able to execute the IT and security projects more rapidly in 2018, we will do so. As a result, these cost assessments may increase. Our adjusted EBITDA margin is expected to be generally at or slightly below the levels delivered in 4Q 2017. Capital spending is expected to be approximately 8% of revenue, above the 6% level in 2016 and 2017, reflecting increased spending for IT and data security. For 1Q 2018, at current exchange rates, we expect revenue to be between $850 million and $860 million, reflecting growth of 2% to 3% with about a 1% benefit from FX. Mortgage market inquiries are expected to be down approximately 5%, with resulting headwinds to revenue growth of about 1%. Revenue growth in USIS and Workforce Solutions will be below the full-year levels discussed as we expect some continued impact from the cybersecurity incident in the first quarter. International growth will also be below the full-year expectation. Adjusted EPS is expected to be between $1.34 and $1.39 per share, with approximately $0.01 of FX benefit. Gross costs for incremental IT and data security project costs and legal and professional fees being incurred specifically to address the litigation and governmental and regulatory investigations related to the cybersecurity incident, which are excluded from our non-GAAP financial results, are expected to be approximately $70 million. This amount will be reduced by any insurance recoveries in 1Q 2018. Now let me hand it back to Paulino for some final comments.

Thanks, John. We have made a lot of progress in the quarter addressing our commitment to consumers, customers, partners, and regulators. The business units are executing well and our center of excellence is providing strong support to all our efforts. However, there's still more work ahead of us and regaining our credibility with our constituencies, including our shareholders. The DNA of this company is underpinned with both a deep commitment to strong ethical principles and values and a strong focus on execution. As I have met with our employees throughout the world, I sense a great level of enthusiasm and commitment to move this company forward with a heightened level of focus on protecting and safeguarding all of the consumer and commercial information we store and manage. And with that, operator, we will now open it up for questions.

Operator, I realize that the formal part of our presentation has been a bit longer than usual. We will stay past the 9:30 stop that we would normally do, but I doubt that we will be able to get through the queue, and so I want to apologize in advance to those who were not able to get their questions out, but we will be available later today by phone. So, with that operator, could you activate the Q&A session please.

Hi, this is Jeff Goldstein on for Toni. Thanks for taking my questions. Just now that we're almost 6 months since the breach, can you talk about how your conversations with customers have been evolving? Are the customer audits continuing? Or have you been more successful in converting new business? Do you think these audits are going to end soon? And on that topic, do you think any permanent share shift has occurred at this point?

Our conversation continues to be very positive in this sense, as I explained last quarter, coming from the emotional perspective to a more rational perspective. As you could imagine, we have been there in several hundreds of customers, talking to them about what happened, what caused it, and how it can help them actually improve. Actually, the conversation runs about how we can improve their security systems to be updated in the areas that we're doing in improving our relationship. We have two customers that have a higher level of requirements for us to achieve, but it's not the majority of the customers. The most affected area in the company is USIS; followed by Workforce Solution; and then, of course, GCS because the consumers, since we are not advertising anymore, we're not getting new consumers, and least in international. So, we haven't seen any specific share shift in the B2B side of the business. Of course, we have seen a degradation of the GCS consumer base, but no major share shifting has happened so far. And as we continue to demonstrate our ability to understand and invest in our projects for the customers, the closer they get to us, and the point they're now returning to acquire new services and products that we have.

We did talk about the impact of the cybersecurity incident on revenue, obviously, in the third and fourth quarters, and we said there'd be a continuing impact in the first quarter. So that as those impacts are now transitioning over 6 to 7 months, clearly, you're seeing some movement in revenue because of the fact that an impact to us, right? But again, as Paulino said, we think the progress is very good with our customers in terms of our conversations.

That's helpful. Thank you. And then just within USIS in the quarter, revenue growth was only down modestly, but margins were down 260 basis points. So, I was just wondering if there were more operating investments this quarter maybe in light of the breach? Or is there just anything else to call out there to explain that margin decline with revenue growth only down modestly? Thanks.

Really nothing specific, right? Obviously, the revenue at USIS is relatively rich. Mix shift can also affect it in the quarter. Our plans would have been built around assuming continued growth in USIS. So, since that didn't occur, we did have some elevated expense levels in the fourth quarter. And therefore, with the lower levels of revenue, we saw a bigger impact on margins than you saw in the third quarter, but nothing specific beyond that.

Good morning. Thanks for taking my questions. Two, one big picture, and then one just sort of making sure we understand the numbers. Regarding sort of the numbers on USIS or the overall USIS business, some of your competitors were growing sort of mid-to-high single digits. You guys said we were down minus 2%. Maybe it would have been 4% or 5% ex the breach. There's still a delta there between, I think, where your peers are and where you guys are in terms of growth. You mentioned you don't see any permanent share shift. Is the delta between those two numbers, the normalized number for you and sort of the peers, is that just a temporary delay? Or is that how we should continue to understand that, that revenue hasn't disappeared, it's just delayed? Is that right?

So, in terms of the impact of the cyber incident, again, we're not talking about revenue impacts that will have lasted 6 to 7 months. I wouldn't consider that a delay. That's revenue that has been lost. So, that's how I think you should consider that revenue. In terms of comparing us, the 4% to 5% growth, again, the model we have had prior to this, and I'm not reestablishing the model here, but I'm using it as a reference point. The prior model we had for USIS was somewhere between 5% and 7%. So, to the extent taking these effects into account and excluding them, obviously, and adjusting for mortgage, if we're somewhere near 5% given the environment we're in right now and the effects of the cybersecurity incident that might be difficult to measure, I don't think 4% to 5% is that bad.

Okay. And then the second question is just on the cost. I want to make sure I understand. You're spending money, and then determining kind of which ones are going to be ongoing and which ones sort of taper. Once you determine the expenses that are going to be ongoing, that's when you roll it into including that cost in your pro forma EPS. Am I hearing that right?

That's correct. So, in terms of when something is going to be considered nonrecurring, we're measuring it against specific project definition. So, the project has to be defined and agreed upfront and generally, some type of deployment or implementation. When that occurs or in some cases, elimination. A significant part of the spending is around the elimination of systems, not the addition of new, and when those projects are completed and then put into service and stable, then we make them ongoing. It's only the cost of getting them into service and stable that we will exclude and consider nonrecurring.

Yes, thanks. Let me just follow up on that last one. Can you give us any kind of an estimate of what the increase would be in the ongoing expense once all the stuff you're - the projects you just referenced that will be excluded now go into - once the things are turned on? I mean, should we think that's another step-up in 2019? Or is it just too hard to know at this point?

So, we gave you a specific number for 2018. I can't give you a number beyond 2018. But in general, I think the way we think about it is to the extent we're successful, a reasonable portion of what we're doing results in system simplification. And since that's the case, the simplification should actually help drive IT costs down. Now there will be some increased costs for data security over time that will continue to escalate as we go forward. We expect that to be permanent. It was happening even before the cybersecurity incident. But a significant portion of the expenditure is around simplification, which that simplification will also hopefully drive lower IT costs in the future. If you look at our total IT cost as a percent of revenue, we spend at a healthy rate today. So, there's opportunity there.

Great. Thanks. You made a couple of comments about expanding into the rental market as part of real estate. And just if I heard right, just no benefit from trended data. Can you just talk about those two items a little bit more?

Yes. And I'm sorry, just on the last question. So, there are adjustments. Obviously, the tax effects of the sale of the execution of employee stock options, et cetera, those benefits, we don't take in our non-GAAP rate, which do affect GAAP, right? So, I apologize for missing that in the last answer. So, can you ask your question again?

You mentioned that the negative revenue impact from the cyber breach improved throughout Q4. Has that trend continued throughout Q1?

Yes. Certainly, we're not going to talk really specifically about Q1 at this point. And again, just to make sure I was clear in what I said, right, it was - what we said is the impact expected from the cyber breach in the specific business lessened as we moved through the quarter, right? So, it's a statement relative to our own expectations.

Hi, John. Before you were talking, you mentioned you are going to formally restate at least part of the long-term algorithm about USIS. And I look at Page 30 of the 10-K and I see the multiyear algorithm stated and somewhat revised, 6% to 8% organic plus 1% to 2% revenue growth. And then the language that I think is revived is EPS growing faster than revenue growth over time due to operational leverage and financial leverage. Obviously, the old goal was 10% to 13%. So, my question is, now post-breach, is there a different view about operating leverage? And I just want to make sure since it's in the 10-K that 6% to 8% organic growth for the medium term is being restated today as the goal.

Okay. We're - Andrew, we're looking for that.

Okay. I'd like to thank everybody for their time and their interest. And with that, operator, we'll terminate the call.