American Express 2004 Annual Report Download - page 44

Download and view the complete annual report

Please find page 44 of the 2004 American Express annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 128

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128

Principles
The implementation of the Company’s risk management
objectives is based on the following three principles:
©Independence of risk management oversight;
©Management of risk exposures through Board-
approved risk limits; and
©Ultimate business ownership for risk-return deci-
sion making.
The Company’s risk management leaders partner with
business unit managers in making risk-return decisions
by utilizing standardized risk metrics with predictable
outcomes. The measurement and reporting of these
risks are performed independently by risk man-
agement leaders. However, business unit managers
ultimately remain accountable for the outcome of risk-
return decisions within these established limits.
Governance
Risk management governance at the Company begins
with Board oversight of risk management parameters.
The Board’s Audit Committee approves the Company’s
risk management objectives, as well as major risk limits,
policies and key process controls. Supporting the
Board in its oversight function is the Global Leadership
Team (GLT) and the Enterprise Risk Management Com-
mittee (ERMC). In addition to risk-return decision-
making, the GLT works with the ERMC to increase
awareness throughout the Company of risk-return
tradeoffs on a daily basis. The ERMC leads the
Company’s overall risk management activities by
measuring and monitoring enterprise-wide risk, and
establishing enterprise-wide risk management policies
and practices.
Daily risk management occurs at the business unit level
where the processes and infrastructure necessary to
measure and manage risk are integrated into business
unit goals. Business unit managers, in partnership with
independent risk management leaders, make decisions
regarding the assumption of risks that are within estab-
lished limits and confined to an individual business
unit. The Company has also developed a process that
provides increased scrutiny throughout the risk man-
agement governance structure and requires higher lev-
els of approval for exposures above defined risk
thresholds or that may impact different business units.
The escalation process is designed so that the large
majority of transactions and initiatives can continue to
be accommodated within existing business unit risk
management processes, while ensuring that risks with
enterprise-wide implications receive enhanced scrutiny.
Roles and Responsibilities
The ERMC is chaired by the Company’s Chief Risk
Officer. Credit officers responsible for (i) cardmember
credit risk management services, (ii) the centralized
functional responsibilities for worldwide card fraud
and information management, and (iii) banking ser-
vices all report directly to the Chief Risk Officer.
Through the ERMC, the Chief Risk Officer is also
responsible for managing and controlling overall
credit, market and operational risk exposures through-
out the Company.
In addition to the Chief Risk Officer, the ERMC is com-
posed of:
©the senior risk leaders responsible for enterprise-
wide market and operational risk (including
Internal Audit);
©the enterprise-wide leaders of compliance and
controllership; and
©the senior risk leaders of the Company’s three oper-
ating segments: TRS, AEFA and AEB.
As the most senior risk management entity, the ERMC
draws on its significant enterprise-wide risk expertise
to analyze risk comprehensively and determine accept-
able risk thresholds across the Company.
In order to enhance its enterprise-wide risk assessment,
the ERMC has begun a multi-year effort to upgrade risk
management capabilities to better measure, manage
and transparently report on risk concentrations. The
ERMC also launches focused risk management initia-
tives to assess the drivers of significant exposures and
annually prepares a plan of the significant exposures to
be reviewed by such initiatives.
Credit Risk Management Process
Credit risk is defined as the risk of loss from obligor or
counterparty default. Leadership for overall credit risk
management at the Company rests with the Chief Risk
Officer as Chairman of the ERMC. Credit risks in the
Company can be divided into two broad categories,
each with distinct risk management tools and metrics:
consumer credit risk and institutional credit risk.
Consumer Credit Risk
Consumer credit risk arises principally from the Com-
pany’s cardmember receivables and loans in TRS. As
a portfolio consisting of millions of borrowers and
individual exposures, the portfolio effect from diversi-
fication is considerable, with a loss distribution charac-
terized by a high frequency but manageable severity
that is more closely linked to general economic condi-
tions than to borrower-specific events.
AXP
AR.04
42
Financial Review