American Express 2006 Annual Report Download - page 52

Download and view the complete annual report

Please find page 52 of the 2006 American Express annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 116

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116

[ 50 ]
2006 nancial review
american express company
PRINCIPLES
The Companys risk management is based on the
following three principles:
Independence of risk management oversight;
Management of risk exposures through Board-
approved risk limits; and
Ultimate business ownership for risk-return
decision making.
The Companys risk management leaders partner with
business unit managers in making risk-return decisions
using standardized risk metrics with predictable
outcomes. The measurement and reporting of these
risks are performed independently by risk management
leaders. Both risk and business unit managers remain
jointly accountable for the outcome of risk-return
decisions within these established limits.
GOVERNANCE
The Companys risk management governance begins
with the Board oversight of risk management parameters.
The Audit Committee approves the Companys risk
management objectives, risk limits and policies. The
Global Leadership Team (GLT) and the Enterprise-
wide Risk Management Committee (ERMC) support
the Board in their oversight function. In addition to
risk-return decision-making, the GLT works with the
ERMC to invest in core risk capabilities and increase
Company-wide awareness of risk-return tradeoffs. The
ERMC leads the Companys overall risk management
activities by measuring and monitoring enterprise-wide
risk and establishing policies and practices.
Daily risk management occurs at the business unit
level where the processes and infrastructure necessary
to measure and manage risk are integrated into business
unit goals. Business unit managers, in partnership with
independent risk management leaders, make decisions
on how to optimize risk-return tradeoffs and contain
risk within established limits.
The Company has also developed a process that
provides increased scrutiny throughout the risk
management governance structure and requires higher
levels of approval for exposures above defined risk
thresholds. The escalation process is designed to ensure
that the large majority of transactions and initiatives can
proceed within existing business unit risk management
processes, while risks that are either large or with
enterprise-wide implications receive enhanced scrutiny.
ROLES AND RESPONSIBILITIES
The ERMC is chaired by the Companys Chief Risk
Officer. Given the key role of credit risk in the Company
business model, the Chief Risk Officer supervises
officers responsible for (i) credit risk management, (ii)
the centralized functional task of worldwide card fraud
and information management, and (iii) banking services.
In addition, as the Chair of the ERMC, the Chief Risk
Officer is responsible for monitoring and escalating
overall credit, market, and operational risk exposures
throughout the Company.
In addition to the Chief Risk Officer, the ERMC is
composed of:
The senior risk leaders responsible for enterprise-
wide market and operational risk;
The enterprise-wide leaders of compliance,
controllership, and information security; and
The senior risk leaders representing all three
operating segments of the Company.
As the most senior risk management entity, the
ERMC draws on its significant expertise to analyze
risk comprehensively and determine acceptable risk
thresholds across the Company.
In order to enhance its enterprise-wide risk
assessment, the ERMC continues to upgrade risk
management capabilities that help the Company
make better business and investment decisions as well
as strengthen measuring, managing and transparent
reporting of risk. The ERMC also launches focused
risk management initiatives to assess the sources of
significant exposures.
Under the ERMC leadership, committees governing
each risk type are established. These committees
are responsible for translating the ERMC guidance
and enterprise-wide risk policies into policies and
procedures for their corresponding risk types, managing
and monitoring those risks, and strengthening
risk capabilities.
CREDIT RISK MANAGEMENT PROCESS
Credit risk is defined as the risk of loss from obligor or
counterparty default. Leadership for overall credit risk
management at the Company rests with the Chief Risk
Officer. Credit risks in the Company can be divided into
two broad categories, each with distinct risk management
tools and metrics: consumer credit risk and institutional
credit risk.