American Express 2010 Annual Report Download - page 50

Download and view the complete annual report

Please find page 50 of the 2010 American Express annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 127

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127

RISK MANAGEMENT
GOVERNANCE
The Audit and Risk Committee of the Board approves the
Company’s Enterprise-wide Risk Management Policy and all
its subordinate risk policies. The Enterprise-wide Risk
Management Policy defines risk management objectives, risk
appetite, risk limits and escalation triggers, and establishes the
governance structure for managing risk. The Policy focuses on
the major risks that are relevant to the Company given its
business model — credit risk (individual and institutional),
operational risk, funding and liquidity risk, market risk and
reputational risk. Internal management committees, including
the Enterprise Risk Management Committee (ERMC), chaired
by the Company’s Chief Risk Officer, and the Asset-Liability
Committee (ALCO), chaired by the Company’s Chief Financial
Officer, are responsible for implementing the Policy across the
Company. Additionally, in 2010, the Risk Management
organization developed a group to independently validate
models used to manage the Company’s risk.
CREDIT RISK MANAGEMENT PROCESS
Credit risk is defined as loss due to obligor or counterparty
default. Credit risks in the Company are divided into two broad
categories: individual and institutional. Each has distinct risk
management tools and metrics. Business units that create
individual or institutional credit risk exposures of significant
importance are supported by dedicated risk management teams,
each led by a Chief Credit Officer. To preserve independence,
Chief Credit Officers for all business units have a solid line
reporting relationship to the Company’s Chief Risk Officer.
INDIVIDUAL CREDIT RISK
Individual credit risk arises principally from consumer and small
business charge cards, credit cards, lines of credit, loans and
prepaid products. These portfolios consist of millions of
customers across multiple geographies, occupations, industries
and levels of net worth. The Company benefits from the high-
quality profile of its customers, which is driven by brand,
premium customer servicing, product features and risk
management capabilities which span underwriting, customer
management and collections. Externally, the risk in these
portfolios is correlated with broad economic trends, such as
unemployment rates, GDP growth, and home values, which can
affect customer liquidity.
The business unit leaders and their embedded Chief Credit
Officers take the lead in managing this process. These Chief
Credit Officers are guided by the Individual Credit Policy
Committee which is responsible for implementation and
enforcement of the Individual Credit Risk Policy. This policy
is further supported by subordinate policies and operating
manuals covering decision logic and processes of credit
extension, including prospecting, new account approvals,
authorizations, line management and collections. The
subordinate risk policies and operating manuals are designed
to assure consistent application of risk management principles
and standardized reporting of asset quality and loss recognition.
Individual credit risk management is supported by
sophisticated proprietary scoring and decision-making models
that use the most up-to-date proprietary information on
prospects and customers, such as spending and payment
history, data feeds from credit bureaus and mortgage
information. Additional data, such as new commercial
variables, were integrated into the Company’s models in the
early stages of the recent economic downturn to further mitigate
small business risk. The Company has developed data-driven
economic decision logic for each customer interaction to better
serve its customers.
INSTITUTIONAL CREDIT RISK
Institutional credit risk arises principally within the Company’s
Global Corporate Card Services, Merchant Services and
Network Services, prepaid services, foreign exchange services
businesses, and investment activities. Unlike individual credit,
institutional credit risk is characterized by a lower loss frequency
but higher severity. It is affected both by general economic
conditions and by customer-specific events. The absence of
large losses in any given year or over several years is not
necessarily representative of the level of risk of institutional
portfolios, given the infrequency of loss events in such portfolios.
Similar to Individual Credit Risk, business units taking
institutional risks are supported by Chief Credit Officers.
These officers are guided by the Institutional Risk
Management Committee (IRMC) which is responsible for
implementation and enforcement of the Policy and for
providing guidance to the credit officers of each business unit
with substantial institutional credit risk exposures. The
committee, along with business unit Chief Credit Officers,
make investment decisions in core risk capabilities, ensure
proper implementation of the underwriting standards and
contractual rights of risk mitigation, monitor risk exposures,
and determine risk mitigation actions. The IRMC formally
reviews large institutional exposures to ensure compliance
with ERMC guidelines and procedures and escalates them to
the ERMC as appropriate. At the same time, the IRMC provides
guidance to business unit risk teams to optimize risk-adjusted
returns on capital. A company-wide risk rating utility and a
specialized airline risk group provide risk assessment of
institutional obligors.
MARKET RISK MANAGEMENT PROCESS
Market risk is the risk to earnings or value resulting from
movements in market prices. The Company’s market risk
exposure is primarily generated by:
Interest rate risk in its card, insurance and Travelers Cheque
businesses, as well as its investment portfolios; and
Foreign exchange risk in its operations outside the
United States.
48
AMERICAN EXPRESS COMPANY
2010 FINANCIAL REVIEW