OverviewOur management governance structure enables us to manage all major aspects of our business through an integrated planning and review process that includes strategic, financial, associate and risk planning. We derive much of our revenue from managing risk from customer transactions for profit. Through our management governance structure, risk and return are evaluated with a goal of producing sustainable revenue, reducing earnings volatility and increasing shareholder value. Our business exposes us to four major risks: liquidity, credit, market and operational.
Liquidity risk is the inability to accommodate liability maturities and deposit withdrawals, fund asset growth and meet contractual obligations through unconstrained access to funding at reasonable market rates. Credit risk is the risk of loss arising from customer or counterparty's inability to meet its obligation and exists in our outstanding loans and leases, trading account assets, derivative assets and unfunded lending commitments that include loan commitments, letters of credit and financial guarantees. Market risk is the potential loss due to adverse changes in the market value or yield of a position. Market value is defined as the value at which positions could be sold in a transaction with a willing and knowledgeable counterparty. Operational risk is the potential for loss resulting from events involving people, processes, technology, external events, execution, legal, compliance and regulatory matters, and reputation.
Risk Management Processes and MethodsWe have established control processes and use various methods to align risk-taking and risk management throughout our organization. These control processes and methods are designed around "three lines of defense": lines of business; Risk Management (including Compliance) joined by other support units such as Finance, Personnel and Legal; and Corporate Audit.
Our business segments each contain lines of business that are responsible for identifying, quantifying, mitigating and managing all risks. Except for trading-related business activities, interest rate risk associated with our business activities is managed centrally in the Corporate Treasury function. Lines of business management make and execute the business plan and are closest to the changing nature of risks and, therefore, we believe are best able to take actions to manage and mitigate those risks. Our management processes, structures and policies aid us in complying with laws and regulations and provide clear lines for decision-making and accountability. Wherever practical, we attempt to house decision-making authority as close to the customer as possible while retaining supervisory control functions outside of the lines of business.
The Risk Management organization translates approved business plans into approved limits, approves requests for changes to those limits, approves transactions as appropriate, and works closely with business units to establish and monitor risk parameters. Risk Management has assigned a Risk Executive to each of the four business segments who is responsible for oversight for all risks associated with that business segment.
Corporate Audit provides an independent assessment of our management and internal control systems. Corporate Audit activities are designed to provide reasonable assurance that resources are adequately protected; significant financial, managerial and operating information is materially complete, accurate and reliable; and employees' actions are in compliance with corporate policies, standards, procedures, and applicable laws and regulations.
We use various methods to manage risks at the line of business levels and corporate-wide. Examples of these methods include planning and forecasting, risk committees and forums, limits, models, and hedging strategies. Planning and forecasting facilitates analysis of actual versus planned results and provides an indication of unanticipated risk levels. Generally, risk committees and forums are comprised of lines of business, risk management, legal and finance personnel, among others, and actively monitor performance against plan, limits and potential issues. Limits, the amount of exposure that may be taken in a product, relationship, region or industry, are set based on metrics thereby seeking to align risk goals with those of each line of business and are part of our overall risk management process to help reduce the volatility of market, credit and operational losses. Models are used to estimate market value and net interest income sensitivity, and to estimate both expected and unexpected losses for each product and line of business. Hedging strategies are used to improve concentrations of credit risk to specific counterparties and to manage interest rate, foreign exchange and market risk in the portfolio.
The formal processes used to manage risk represent only one portion of our overall risk management process. Corporate culture and the actions of our associates are also critical to effective risk management. Through our Code of Ethics, we set a high standard for our associates. The Code of Ethics provides a framework for all of our associates to conduct themselves with the highest integrity in the delivery of our products or services to our customers. Additionally, we have continued to strengthen the linkage between the associate performance management process and individual compensation to encourage associates to work toward corporate-wide risk goals.
OversightThe Board of Directors evaluates risk through the Chief Executive Officer (CEO) and three Board committees. The Finance Committee reviews market, credit, liquidity and operational risk; the Asset Quality Committee reviews credit and related market risk; and the Audit Committee reviews the scope and coverage of external and corporate audit activities. Additionally, Senior Management oversight of our risk-taking and risk management activities is conducted through three senior management committees, the Risk and Capital Committee (RCC), the Asset and Liability Committee (ALCO) and the Credit Risk Committee (CRC). The RCC establishes long-term strategy and short-term operating plans. The RCC also establishes our risk appetite through corporate performance measures, capital allocations, aggregate risk levels and overall capital planning. The RCC reviews actual performance to plan and actual risk incurred to approved risk levels, including information regarding credit, market and operational risk. The ALCO, a subcommittee of the Finance Committee, approves limits for various trading activities, as well as oversees Corporate Treasury's process of using various financial instruments, both cash and derivative positions to manage interest rate risk inherent in our businesses, otherwise known as the ALM process. ALCO also reviews portfolio hedging used for managing liquidity, market and credit portfolio risks as well as interest rate risk inherent in our nontrading financial instruments and trading risk inherent in our customer and proprietary trading portfolio. Trading risk refers to the risk of loss of value and related net interest income of our trading positions. The CRC establishes corporate credit practices and limits, including industry and country concentration limits, approval requirements and exceptions. CRC also reviews business asset quality results versus plan, portfolio management, hedging results and the adequacy of the allowance for credit losses.
The following sections, Liquidity Risk Management, Credit Risk Management, Market Risk Management and Operational Risk Management, address in more detail the specific procedures, measures and analyses of the four categories of risk that we manage.
|
 |
|
