Bank of America 2004 Annual Report Download - page 52

Download and view the complete annual report

Please find page 52 of the 2004 Bank of America annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 154

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154

BANK OF AMERICA 2004 51
Managing Risk
Overview
Our management governance structure enables us to manage all
major aspects of our business through an integrated planning and
review process that includes strategic, financial, associate and risk
planning. We derive much of our revenue from managing risk from
customer transactions for profit. Through our management gover-
nance structure, risk and return are evaluated with a goal of produc-
ing sustainable revenue, reducing earnings volatility and increasing
shareholder value. Our business exposes us to the following major
risks: strategic, liquidity, credit, market and operational.
Strategic risk is the risk that adverse business decisions,
ineffective or inappropriate business plans or failure to respond to
changes in the competitive environment, business cycles, customer
preferences, product obsolescence, execution and/or other intrinsic
risks of business will impact our ability to meet our objectives.
Liquidity risk is the inability to accommodate liability maturities and
deposit withdrawals, fund asset growth and meet contractual obliga-
tions through unconstrained access to funding at reasonable market
rates. Credit risk is the risk of loss arising from a borrower’s or coun-
terparty’s inability to meet its obligations. Market risk is the risk that
values of assets and liabilities or revenues will be adversely affected
by changes in market conditions, such as interest rate movements.
Operational risk is the risk of loss resulting from inadequate or failed
internal processes, people and systems or external events.
Risk Management Processes and Methods
We have established control processes and use various methods to align
risk-taking and risk management throughout our organization. These
control processes and methods are designed around “three lines of
defense”: lines of business; support units (including Risk Management,
Compliance, Finance, Personnel and Legal); and Corporate Audit.
Management is responsible for identifying, quantifying, mitigating
and managing all risks within their lines of business, while certain
enterprise-wide risks are managed centrally. For example, except for
trading-related business activities, interest rate risk associated with
our business activities is managed centrally in the Corporate Treasury
function. Line of business management makes and executes the busi-
ness plan and is closest to the changing nature of risks and, therefore,
we believe is best able to take actions to manage and mitigate those
risks. Our lines of business prepare quarterly self-assessment
reports to identify the status of risk issues, including mitigation
plans, if appropriate. These reports roll up to executive management
to ensure appropriate risk management and oversight, and to identify
enterprise-wide issues. Our management processes, structures and
policies aid us in complying with laws and regulations and provide
clear lines for decision-making and accountability. Wherever practical,
we attempt to house decision-making authority as close to the
customer as possible while retaining supervisory control functions
from both in and outside of the lines of business.
The Risk Management organization translates approved business
plans into approved limits, approves requests for changes to those lim-
its, approves transactions as appropriate, and works closely with lines of
business to establish and monitor risk parameters. Risk Management
has assigned a Risk Executive to each of the four lines of business who
is responsible for the oversight of all risks associated with that line of
business. In addition, Risk Management has assigned Risk Executives to
monitor enterprise-wide credit, market and operational risks.
Corporate Audit provides an independent assessment of our
management and internal control systems. Corporate Audit activities
are designed to provide reasonable assurance that resources are
adequately protected; significant financial, managerial and operating
information is materially complete, accurate and reliable; and employ-
ees’ actions are in compliance with corporate policies, standards,
procedures, and applicable laws and regulations.
We use various methods to manage risks at the line of business
levels and corporate-wide. Examples of these methods include plan-
ning and forecasting, risk committees and forums, limits, models,
and hedging strategies. Planning and forecasting facilitates analysis
of actual versus planned results and provides an indication of unan-
ticipated risk level. Generally, risk committees and forums are com-
prised of line of business, risk management, compliance, legal and
finance personnel, among others, who actively monitor performance
against plan, limits, potential issues, and introduction of new prod-
ucts. Limits, the amount of exposure that may be taken in a product,
relationship, region or industry, seek to align risk goals with those of
each line of business and are part of our overall risk management
process to help reduce the volatility of market, credit and operational
losses. Models are used to estimate market value and net interest
income sensitivity, and to estimate both expected and unexpected
losses for each product and line of business, where appropriate.
Hedging strategies are used to manage the risk of borrower or
counterparty concentration risk and to manage market risk in the
portfolio.
The formal processes used to manage risk represent only one
portion of our overall risk management process. Corporate culture
and the actions of our associates are also critical to effective risk
management. Through our Code of Ethics, we set a high standard for
our associates. The Code of Ethics provides a framework for all of our
associates to conduct themselves with the highest integrity in the
delivery of our products or services to our customers. We instill a
risk-conscious culture through communications, training, policies,
procedures, and organizational roles and responsibilities.
Additionally, we continue to strengthen the linkage between the asso-
ciate performance management process and individual compensation
to encourage associates to work toward corporate-wide risk goals.