Bank of America 2002 Annual Report Download - page 55

Download and view the complete annual report

Please find page 55 of the 2002 Bank of America annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 116

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116

BANK OF AMERICA 2002 53
Consistent with our strategy of managing interest rate sensitivity, the net
receive fixed interest rate swap position increased by $11.8 billion to
$54.8 billion at December 31, 2002. This increase primarily occurred in
the last half of 2002. Option products in our ALM process may
include option collars or spread strategies, which involve the buying
and selling of options on the same underlying security or interest rate
index. These strategies may involve caps, floors and options on index
futures contracts.
The Corporation adopted SFAS 133 on January 1, 2001. SFAS 133
requires that all derivative instruments be recorded on the balance
sheet at their fair value. We have not significantly altered our overall
interest rate risk management objective and strategy as a result of
adopting SFAS 133. For further information on SFAS 133, see Note 1 of
the consolidated financial statements.
Mortgage Banking Risk
Mortgage production activities create unique interest rate and prepay-
ment risk between the loan commitment date (pipeline) and the date the
loan is sold to the secondary market. To manage interest rate risk, we
enter into various financial instruments including interest rate
swaps, forward delivery contracts, Euro dollar futures and option con-
tracts. The notional amount of such contracts was $25.3 billion at
December 31, 2002 with associated net unrealized losses of $224 mil-
lion. At December 31, 2001, the notional amount of such contracts was
$27.8 billion with associated net unrealized gains of $69 million. These
contracts have an average expected maturity of less than 90 days.
Prepayment risk represents the loss in value associated with a
high rate loan paying off in a low rate environment and the loss of
servicing value when loans prepay. We manage prepayment risk using
various financial instruments including purchased options and swaps.
The notional amounts of such contracts at December 31, 2002 and
2001 were $53.1 billion and $65.1 billion, respectively. The related
unrealized gain was $955 million and $301 million at December 31,
2002 and 2001, respectively. These amounts are included in the
Derivatives table in Note 5 of the consolidated financial statements.
See Note 1 for additional discussion of these financial instruments in
the mortgage banking assets section.
Operational Risk Management
Operational risk is the potential for loss resulting from events involv-
ing people, processes, technology, legal/regulatory issues, external
events, execution and reputation. Successful operational risk man-
agement is particularly important to a diversified financial services
company like ours because of the very nature, volume and complexity
of our various businesses.
In keeping with the corporate governance structure, the lines of
businesses are responsible for all the risks within the business includ-
ing operational risks. Such risks are managed through corporate wide
or business segment specific policies and procedures, controls and
monitoring tools. Examples of these include personnel management
practices, data reconciliation processes, fraud management units,
transaction processing monitoring and analysis, systems interruptions
and new product introduction processes.
The Corporate Operational Risk Executive, reporting to the Chief
Risk Officer, provides oversight to accelerate and facilitate consistency
of effective policies, best practices, controls and monitoring tools for
managing and assessing all types of operational risks across the
company. The Operational Risk Executive also works with the busi-
ness segment executives and their risk counterparts to implement
appropriate policies, processes and assessments at the segment
level. In addition, the Corporate Audit group places special emphasis
on operational risk management processes, at both the corporate
and segment levels, in its assessments and testing.
Operational risks fall into two major categories, business specific
and corporate-wide affecting all business lines. Operational Risk
Management plays a different role in each category. For business
specific risks, Operational Risk Management works with the seg-
ments to ensure consistency in policies, processes, and assessments.
With respect to corporate-wide risks, such as information security,
business recovery, legal and compliance, Operational Risk
Management assesses the risks, develops a consolidated corporate
view and communicates that view to the business level.
At the business segment level, there are four business segment
risk executives that are responsible for oversight of all operational
risks in the business segments they support. In their management of
these specific risks, they utilize corporate-wide operational risk poli-
cies, processes, and assessments. A specific example is our manage-
ment of outsourced activities. To ensure that we meet our business
segment objectives and manage the risks associated with these
activities, vendor contracts contain specific corporate standards that
allow for the tracking of service performance levels. In addition, we
also have our Corporate Audit group perform independent assess-
ments of vendor management processes and key vendor processes,
the latter including on-site work at our more significant vendors.
To manage corporate-wide risks, we maintain specialized sup-
port groups, such as Legal, Information Security, Business Recovery,
Supply Chain Management, Finance, Compliance and Technology and
Operations. These groups assist the lines of business in the devel-
opment and implementation of risk management practices specific
to the needs of the individual businesses. An example of such an
effort is our company-wide implementation of the anti-money laun-
dering aspects of the USA Patriot Act.
Operational Risk Management, working in conjunction with sen-
ior business segment executives, has developed two key tools to help
manage, monitor, and summarize operational risk. The first tool the
businesses and executive management utilize is a company-wide
quarterly self-assessment process, which identifies and evaluates the
status of risk issues, including mitigation plans if appropriate. The
goal of this process, which originates at the segment level, is to
ensure that the overall operating environment for segments is being
continuously assessed and appropriately enhanced for changing
conditions. This self-assessment is also used for identifying emerging
operational risk issues and determining how they should be managed
at the business segment or corporate level. The risks identified in
this process are also integrated into our quarterly financial forecasting
process. The second process is a metrics review of key risk indicators.
Each business has identified metrics for each category of operational
risk noted above. The resulting review is used to identify trends and
issues on both a corporate and a segment level.