American Express 2012 Annual Report Download - page 40

Download and view the complete annual report

Please find page 40 of the 2012 American Express annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 120

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120

AMERICAN EXPRESS COMPANY
2012 FINANCIAL REVIEW
The business unit leaders and Chief Credit Officers take the
lead in managing the individual credit risk process. These Chief
Credit Officers are guided by the Individual Credit Risk
Committee, which is responsible for implementation and
enforcement of the Individual Credit Risk Management Policy.
This policy is further supported by subordinate policies and
operating manuals covering decision logic and processes of credit
extension, including prospecting, new account approvals,
authorizations, line management and collections. The
subordinate risk policies and operating manuals are designed to
ensure consistent application of risk management principles and
standardized reporting of asset quality and loss recognition.
Individual credit risk management is supported by
sophisticated proprietary scoring and decision-making models
that use the most up-to-date proprietary information on
prospects and customers, such as spending and payment history
and data feeds from credit bureaus. Additional data, such as new
commercial variables, continue to be integrated into the risk
models to further mitigate small business risk. The Company has
developed data-driven economic decision logic for customer
interactions to better serve its customers.
INSTITUTIONAL CREDIT RISK
Institutional credit risk arises principally within the Company’s
Global Corporate Payments, Global Merchant Services, GNS,
Prepaid Services and Foreign Exchange Services businesses, as
well as investment and liquidity management activities. Unlike
individual credit risk, institutional credit risk is characterized by
a lower loss frequency but higher severity. It is affected both by
general economic conditions and by client-specific events. The
absenceoflargelossesinanygivenyearoroverseveralyearsis
not necessarily representative of the level of risk of institutional
portfolios, given the infrequency of loss events in such portfolios.
Similar to Individual Credit Risk, business units taking
institutional credit risks are supported by Chief Credit Officers.
These officers are guided by the Institutional Risk Management
Committee (IRMC), which is responsible for implementation
and enforcement of the Institutional Credit Risk Management
Policy and for providing guidance to the credit officers of each
business unit with substantial institutional credit risk exposures.
The committee, along with the business unit Chief credit
officers, make investment decisions in core risk capabilities,
ensure proper implementation of the underwriting standards
and contractual rights of risk mitigation, monitor risk exposures,
and determine risk mitigation actions. The IRMC formally
reviews large institutional risk exposures to ensure compliance
with ERMC guidelines and procedures and escalates them to the
ERMC as appropriate. At the same time, the IRMC provides
guidance to the business unit risk teams to optimize risk-
adjusted returns on capital. A centralized risk rating unit and a
specialized airline risk group provide risk assessment of
institutional obligors across the Company.
Exposure to Airline Industry
The Company has multiple important co-brand, rewards and
corporate payments arrangements with airlines. The Company’s
largest airline partner is Delta Air Lines and this relationship
includes exclusive co-brand credit card partnerships and other
arrangements including Membership Rewards, merchant
acceptance, travel and corporate payments. Refer to Note 22 in
the Consolidated Financial Statements for further details of these
relationships.
European Debt Exposure
As part of its ongoing risk management process, the Company
monitors its financial exposure to both sovereign and non-
sovereign customers and counterparties, and measures and
manages concentrations of risk by geographic regions, as well as
by economic sectors and industries. Several European countries
have been subject to credit deterioration due to weaknesses in
their economic and fiscal profiles. The Company is closely
monitoring its exposures in Italy, Spain, Ireland, Greece and
Portugal, which have been determined to be high risk based on
the market assessment of the riskiness of their sovereign debt and
the Company’s assessment of their economic and financial
outlook. As of December 31, 2012, the Company did not hold
any investments in sovereign debt securities issued by Italy,
Spain, Ireland, Greece or Portugal, and the Company’s gross
credit exposures to government entities, financial institutions
and corporations in those countries were individually and
collectively not material.
OPERATIONAL RISK MANAGEMENT PROCESS
The Company defines operational risk as the risk of not
achieving business objectives due to inadequate or failed
processes or information systems, human error or the external
environment (i.e., natural disasters), including losses due to
failures to comply with laws and regulations. Operational risk is
inherent in all business activities and can impact an organization
through direct or indirect financial loss, brand damage, customer
dissatisfaction, or legal and regulatory penalties.
To appropriately measure and manage operational risk, the
Company has implemented a comprehensive operational risk
framework that is defined in the Operational Risk Management
Policy approved by the Audit, Risk and Compliance Committee.
The Operational Risk Management Committee (ORMC)
coordinates with all control groups on effective risk assessments
and controls and oversees the preventive, responsive and
mitigation efforts by Lead Operational Risk Officers in the
business units and staff groups. In addition, enhanced processes
for issue resolution and customer remediation were
implemented in 2012 to strengthen the Company’s commitment
to the customer and its focus on quality execution.
The Company uses the operational risk framework to identify,
measure, monitor and report inherent and emerging operational
38