American Express 2007 Annual Report Download - page 51

Download and view the complete annual report

Please find page 51 of the 2007 American Express annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 118

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118

[ 49 ]
2007 FINANCIAL REVIEW
AMERICAN EXPRESS COMPANY
in unused credit available to cardmembers. As discussed in
the Consolidated Liquidity and Capital Resources section,
the Company’s securitizations of cardmember loans are also
off-balance sheet. The Companys cardmember receivables
securitizations remain on the Consolidated Balance Sheets.
See Note 14 to the Consolidated Financial Statements for
discussion regarding the Companys other off-balance sheet
arrangements.
RISK MANAGEMENT
INTRODUCTION
The key objective of risk management at American Express is
to drive profitable growth and provide exceptional customer
experiences, while limiting the exposure to adverse financial
impacts. By building analytical and technological capabilities,
creating transparent limits on risk exposures, optimizing
investment decision-making, and identifying unacceptable
risks, risk management contributes to the Companys efforts to
create shareholder and customer value.
In addition to business risk, the Company recognizes four
fundamental sources of risk:
•฀Credit Risk;
•฀Market Risk;
•฀Liquidity Risk; and
•฀Operational Risk.
These risk types, which are described below, are interrelated
and span the Companys business units and geographic
locations. Because of their nature and scope, the Company
believes in managing and monitoring these risks centrally at
the enterprise-wide level and/or at the business unit level, as
appropriate. Further, management has adopted well-defined
risk-taking principles to guide the Companys business
strategy, achieve long-term shareholder objectives and deliver
outstanding customer experience.
PRINCIPLES
The Companys risk management is based on the following
three principles:
•฀Independence of risk management oversight;
•฀Management of risk exposures through Board-approved risk
limits; and
•฀Ultimate business ownership for risk-return decision-
making.
The Company’s risk management leaders partner with
business unit managers in making risk-return decisions using
standardized risk metrics with predictable outcomes. The
measurement and reporting of these risks are performed
independently by risk management leaders. Both risk and
business unit managers remain jointly accountable for the
outcome of risk-return decisions within the Board approved
limits.
GOVERNANCE
The Companys risk management governance begins with the
Board oversight of risk management parameters. The Audit
Committee of the Board approves the Companys Enterprise-
wide Risk Management policy, which defines risk management
objectives, tolerance, limits, and the governance structure. The
Enterprise-wide Risk Management Committee (ERMC),
supports the Board in its oversight function and works closely
with the Operating Committee, composed of the Companys
most senior executives, to ensure that the Board-approved risk
management objectives are fully implemented in all businesses
across the Company. The ERMC leads the Companys overall
risk management activities and ensures compliance with the
Enterprise-wide Risk Management policy by measuring and
monitoring enterprise-wide risk, establishing subordinate risk
policies and overseeing risk practices and risk committees
across the Company.
Daily risk management occurs at the business unit level
where the processes and infrastructure necessary to measure
and manage risk are integrated into business unit goals.
Business unit managers, in partnership with independent risk
management leaders, make decisions on how to optimize risk-
return decisions and contain risk within established limits.
The Company has also developed a process that provides
increased scrutiny throughout the risk management governance
structure and requires higher levels of approval for exposures
above defined risk thresholds. The escalation process is designed
to ensure that the large majority of transactions and initiatives
can proceed within the existing business unit risk management
processes, while risks that are either large or with enterprise-
wide implications receive enhanced scrutiny.
ROLES AND RESPONSIBILITIES
The ERMC is chaired by the Companys Chief Risk Officer.
Given the key role of credit risk in the Company business model,
the Chief Risk Officer directly supervises officers responsible for
(1) credit risk management, (2) the centralized functional tasks
of worldwide card fraud and information management, and (3)
banking services. In addition, as the Chair of the ERMC, the
Chief Risk Officer is responsible for monitoring and reporting
on the Companys risk profile, initiating appropriate actions to
ensure adherence to the approved risk tolerance and escalation
guidelines, as well as promoting best-in-class approaches to risk
management throughout the Company.
In addition to the Chief Risk Officer, the ERMC is
composed of:
•฀The Chief Market Risk Officer;
•฀The Chief Operational Risk Officer;
49