BB&T 2015 Annual Report Download - page 73

Download and view the complete annual report

Please find page 73 of the 2015 BB&T annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 370

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
  • 289
  • 290
  • 291
  • 292
  • 293
  • 294
  • 295
  • 296
  • 297
  • 298
  • 299
  • 300
  • 301
  • 302
  • 303
  • 304
  • 305
  • 306
  • 307
  • 308
  • 309
  • 310
  • 311
  • 312
  • 313
  • 314
  • 315
  • 316
  • 317
  • 318
  • 319
  • 320
  • 321
  • 322
  • 323
  • 324
  • 325
  • 326
  • 327
  • 328
  • 329
  • 330
  • 331
  • 332
  • 333
  • 334
  • 335
  • 336
  • 337
  • 338
  • 339
  • 340
  • 341
  • 342
  • 343
  • 344
  • 345
  • 346
  • 347
  • 348
  • 349
  • 350
  • 351
  • 352
  • 353
  • 354
  • 355
  • 356
  • 357
  • 358
  • 359
  • 360
  • 361
  • 362
  • 363
  • 364
  • 365
  • 366
  • 367
  • 368
  • 369
  • 370

TableofContents
The primary responsibility for cybersecurity at BB&T lies with the Risk Committee of the Board of Directors, which has delegated the day-to-day operations
to management via the RMC, ORMC and EITSC. The EITSC serves as the primary team responsible for monitoring and reporting on cybersecurity risks. The
EITSC, which is led by the Chief Information Officer, provides a bi-monthly report on cybersecurity to executive management and provides other periodic
cybersecurity reporting to the RMC and the ORMC. In addition, the Chief Information Officer and Chief Information Security Officer provide a quarterly
Cyber Security Update to the Risk Committee or the full Board of Directors on a rotating basis. Annually, the EITSC provides a formal IT risk assessment and
Information Security reports to the Risk Committee.
As a complement to the overall cybersecurity infrastructure, BB&T utilizes a number of internal training methods, both formally through mandatory courses
and informally through written communications and other updates. Internal policies and procedures have been implemented to encourage the reporting of
potential phishing attacks or other security risks. BB&T also uses third party services as part of its cybersecurity framework, and any such third parties are
required to comply with BB&T’s policies regarding information security and confidentiality. BB&T also uses third party groups to assess and supplement the
Company’s cybersecurity needs.
These cyber attacks have not, to date, resulted in any material disruption to BB&T’s operations or harm to its customers and have not had a material adverse
effect on BB&T’s results of operations; however, there can be no assurance that a sophisticated cyber attack can be detected or thwarted.
Reputation risk
Reputation risk is the risk to current or anticipated earnings, capital, enterprise value, the BB&T brand, and public confidence arising from negative publicity
or public opinion, whether real or perceived, regarding BB&T’s business practices, products, services, transactions, or other activities undertaken by BB&T,
its representatives, or its partners. A negative reputation may impair BB&T’s relationship with clients, associates, communities or shareholders, and it is often
a residual risk that arises when other risks are not managed properly.
Strategic risk
Strategic risk is the risk to current or anticipated earnings, capital, enterprise value and the achievement of BB&T’s vision, mission, purpose and business
objectives consistent with its values that arises from BB&T’s business strategy or potentially adverse business decisions, improper or ineffective
implementation of business decisions or lack of responsiveness to changes in the banking industry and operating environment. Strategic risk is a function of
BB&T’s strategic goals, business strategies, resources and quality of implementation. The responsibility for managing this risk rests with the Board of
Directors, Executive Management and the Senior Leadership Team.
Market Risk Management
The effective management of market risk is essential to achieving BB&T’s strategic financial objectives. As a financial institution, BB&T’s most significant
market risk exposure is interest rate risk in its balance sheet; however, market risk also includes product liquidity risk, price risk and volatility risk in BB&T’s
LOBs. The primary objectives of market risk management are to minimize any adverse effect that changes in market risk factors may have on net interest
income, net income and capital and to offset the risk of price changes for certain assets recorded at fair value. At BB&T, market risk management also
includes the enterprise-wide IPV function.
Interest Rate Market Risk (Other than Trading)
BB&T actively manages market risk associated with asset and liability portfolios with a focus on the strategic pricing of asset and liability accounts and
management of appropriate maturity mixes of assets and liabilities. The goal of these activities is the development of appropriate maturity and repricing
opportunities in BB&T’s portfolios of assets and liabilities that will produce reasonably consistent net interest income during periods of changing interest
rates. These portfolios are analyzed for proper fixed-rate and variable-rate mixes under various interest rate scenarios.
66
Source: BB&T CORP, 10-K, February 25, 2016 Powered by Morningstar® Document Research
The information contained herein may not be copied, adapted or distributed and is not warranted to be accurate, complete or timely. The user assumes all risks for any damages or losses arising from any use of this information,
except to the extent such damages or losses cannot be limited or excluded by applicable law. Past financial performance is no guarantee of future results.