Bank of America 2004 Annual Report Download - page 79

Download and view the complete annual report

Please find page 79 of the 2004 Bank of America annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 154

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154

78 BANK OF AMERICA 2004
Operational Risk Management
Operational risk is the risk of loss resulting from inadequate or failed
internal processes, people and systems, including system conver-
sions and integration, and external events. Successful operational
risk management is particularly important to a diversified financial
services company like ours because of the very nature, volume and
complexity of our various businesses.
In keeping with our management governance structure, the lines
of business are responsible for all the risks within the business
including operational risks. Such risks are managed through corpo-
rate-wide or line of business specific policies and procedures, con-
trols, and monitoring tools. Examples of these include personnel
management practices, data reconciliation processes, fraud man-
agement units, transaction processing monitoring and analysis, busi-
ness recovery planning, and new product introduction processes.
We approach operational risk from two perspectives, enterprise-
wide and line of business-specific. The Compliance and Operational
Risk Committee (CORC), chartered in 2005 as a subcommittee of the
Finance Committee, provides consistent communication and over-
sight of significant operational and compliance issues and oversees
the adoption of best practices. Two groups within Risk Management,
Compliance Risk Management and Enterprise Operational Risk, facil-
itate the consistency of effective policies, industry best practices,
controls and monitoring tools for managing and assessing opera-
tional risks across the Corporation. These groups also work with the
line of business executives and their risk counterparts to implement
appropriate policies, processes and assessments at the line of busi-
ness level and support groups. Compliance and operational risk
awareness is also driven across the Corporation through training and
strategic communication efforts. For selected risks, we establish spe-
cialized support groups, for example, Information Security and Supply
Chain Management. These specialized groups develop corporate-
wide risk management practices, such as an information security pro-
gram and a supplier program to ensure suppliers adopt appropriate
policies and procedures when performing work on behalf of the
Corporation. These specialized groups also assist the lines of busi-
ness in the development and implementation of risk management
practices specific to the needs of the individual businesses.
At the line of business level, the Line of Business Risk
Executives are responsible for adherence to corporate practices and
oversight of all operational risks in the line of business they support.
Operational and compliance risk management, working in conjunction
with senior line of business executives, have developed key tools to
help manage, monitor and summarize operational risk. One tool the
businesses and executive management utilize is a corporate-wide
self-assessment process, which helps to identify and evaluate the
status of risk issues, including mitigation plans, if appropriate. Its
goal is to continuously assess changing market and business condi-
tions and evaluate all operational risks impacting the line of busi-
ness. The self-assessment process assists in identifying emerging
operational risk issues and determining at the line of business or cor-
porate level how they should be managed. In addition to information
gathered from the self-assessment process, key operational risk indi-
cators have been developed and are used to help identify trends and
issues on both a corporate and a line of business level.
More generally, we mitigate operational risk through a broad-
based approach to process management and process improvement.
Improvement efforts are focused on reduction of variation in outputs.
We have a dedicated Quality and Productivity team to manage and
certify the process management and improvement efforts.
Recent Accounting and Reporting Developments
See Note 1 of the Consolidated Financial Statements for a discussion
of recent accounting and reporting developments.
Complex Accounting Estimates
Our significant accounting principles as described in Note 1 of the
Consolidated Financial Statements are essential in understanding
Management’s Discussion and Analysis of Results of Operations and
Financial Condition. Many of our significant accounting principles require
complex judgments to estimate values of assets and liabilities. We have
procedures and processes to facilitate making these judgments.
The more judgmental estimates are summarized below. We have
identified and described the development of the variables most
important in the estimation process that, with the exception of
accrued taxes, involves mathematical models to derive the esti-
mates. In many cases, there are numerous alternative judgments
that could be used in the process of determining the inputs to the
model. Where alternatives exist, we have used the factors that we
believe represent the most reasonable value in developing the
inputs. Actual performance that differs from our estimates of the key
variables could impact Net Income. Separate from the possible future
impact to Net Income from input and model variables, the value of
our lending portfolio and market sensitive assets and liabilities may
change subsequent to the balance sheet measurement, often signif-
icantly, due to the nature and magnitude of future credit and market
conditions. Such credit and market conditions may change quickly
and in unforeseen ways and the resulting volatility could have a sig-
nificant, negative effect on future operating results. These fluctuations
would not be indicative of deficiencies in our models or inputs.