Bank of America 2012 Annual Report Download - page 65

Download and view the complete annual report

Please find page 65 of the 2012 Bank of America annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 284

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284

Bank of America 2012 63
Management and Capital Management both on page 66, Liquidity
Risk on page 71, Credit Risk Management on page 75, Market
Risk Management on page 109, Compliance Risk Management
and Operational Risk Management both on page 116, address in
more detail the specific procedures, measures and analyses of
the major categories of risk that we manage.
In choosing when and how to take risks, we evaluate our
capacity for risk and seek to protect our brand and reputation, our
financial flexibility, the value of our assets and the strategic
potential of the Corporation. We intend to maintain a strong and
flexible financial position. We also intend to focus on maintaining
our relevance and value to customers, employees and
shareholders. As part of our efforts to achieve these objectives,
we continue to build a comprehensive risk management culture
and to implement governance and control measures to strengthen
that culture.
We take a comprehensive approach to risk management. We
have a defined risk framework and clearly articulated risk appetite
which is approved annually by the Corporation’s Board of Directors
(the Board). Risk management planning is integrated with
strategic, financial and customer/client planning so that goals and
responsibilities are aligned across the organization. Risk is
managed in a systematic manner by focusing on the Corporation
as a whole as well as managing risk across the enterprise and
within individual business units, products, services and
transactions, and across all geographic locations. We maintain a
governance structure that delineates the responsibilities for risk
management activities, as well as governance and oversight of
those activities.
Executive management assesses, with Board oversight, the
risk-adjusted returns of each business segment. Management
reviews and approves strategic and financial operating plans, and
recommends to the Board for approval a financial plan annually.
By allocating economic capital to and establishing a risk appetite
for a business segment, we seek to effectively manage the ability
to take on risk. Economic capital is assigned to each business
segment using a risk-adjusted methodology incorporating each
segment’s stand-alone credit, market, interest rate and operational
risk components, and is used to measure risk-adjusted returns.
We regularly evaluate these allocations as part of our overall
governance processes as the businesses and the economic
environment in which we operate continue to evolve.
In addition to reputational considerations, businesses operate
within their credit, market, compliance and operational risk
standards and limits in order to adhere to the risk appetite. These
limits are based on analyses of risk and reward in each business.
Executive management is responsible for tracking and reporting
performance measurements as well as any exceptions to
guidelines or limits. The Board, and its committees when
appropriate, monitor financial performance, execution of the
strategic and financial operating plans, compliance with the risk
appetite and the adequacy of internal controls.
The Board has completed its review of the Risk Framework and
the Risk Appetite Statement for the Corporation, and both the Risk
Framework and Risk Appetite Statement were approved in January
2013. The Risk Framework defines the accountability of the
Corporation and its employees and the Risk Appetite Statement
defines the parameters under which we will take risk. Both
documents are intended to enable us to maximize our long-term
results and ensure the integrity of our assets and the quality of
our earnings. The Risk Framework is designed to be used by our
employees to understand risk management activities, including
their individual roles and accountabilities. It also defines how risk
management is integrated into our core business processes, and
it defines the risk management governance structure, including
management’s involvement. The risk management responsibilities
of the businesses, governance and control functions, and
Corporate Audit are also clearly defined. The risk management
process includes four critical elements: identify and measure risk,
mitigate and control risk, monitor and test risk, and report and
review risk, and is applied across all business activities to enable
an integrated and comprehensive review of risk consistent with
the Risk Appetite Statement.
Risk Management Processes and Methods
To support our corporate goals and objectives, risk appetite, and
business and risk strategies, we maintain a governance structure
that delineates the responsibilities for risk management activities,
as well as governance and oversight of those activities, by
management and the Board. All employees have accountability for
risk management. Each employee’s risk management
responsibilities falls into one of three major categories:
businesses, governance and control, and Corporate Audit.
Business managers and employees are accountable for
identifying, managing and escalating attention to all risks in their
business units, including existing and emerging risks. Business
managers must ensure that their business activities are conducted
within the risk appetite defined by management and approved by
the Board. The limits and controls for each business must be
consistent with the Risk Appetite Statement. Employees in client
and customer facing businesses are responsible for day-to-day
business activities, including developing and delivering profitable
products and services, fulfilling customer requests and
maintaining desirable customer relationships. These employees
are accountable for conducting their daily work in accordance with
policies and procedures. It is the responsibility of each employee
to protect the Corporation and defend the interests of the
shareholders.
Governance and control functions are comprised of Global Risk
Management, Global Compliance, Legal and the enterprise control
functions and are tasked with independently overseeing and
managing risk activities. Global Compliance (which includes
Regulatory Relations) and Legal report to the Chief Legal,
Compliance and Regulatory Relations Executive. Enterprise control
functions consist of the Chief Financial Officer (CFO) Group, Global
Technology and Operations, Global Human Resources, and Global
Marketing and Corporate Affairs.
Global Risk Management is led by the Chief Risk Officer (CRO).
The CRO leads senior management in managing risk, is
independent from the Corporation’s businesses and enterprise
control functions, and maintains sufficient autonomy to develop
and implement meaningful risk management measures. This
position serves to protect the Corporation and its shareholders.
The CRO reports to the Chief Executive Officer (CEO) and is the
management team lead or a participant in Board-level risk
governance committees. The CRO has the mandate to ensure that
appropriate risk management practices are in place, and are
effective and consistent with our overall business strategy and
risk appetite. Global Risk Management is comprised of two types
of risk teams, Enterprise risk teams and independent business
risk teams, which report to the CRO and are independent from the
business and enterprise control functions.