Bank of America 2014 Annual Report Download - page 54

Download and view the complete annual report

Please find page 54 of the 2014 Bank of America annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 272

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272

52 Bank of America 2014
Managing Risk
Overview
Risk is inherent in all our business activities. Sound risk
management enables us to serve our customers and deliver for
our shareholders. If not managed well, risks can result in financial
loss, regulatory sanctions and penalties, and damage to our
reputation, each of which may adversely impact our ability to
execute our business strategies. The seven types of risk faced by
Bank of America are strategic, credit, market, liquidity, compliance,
operational and reputational risks.
Strategic risk is the risk resulting from incorrect assumptions
about external or internal factors, inappropriate business plans,
ineffective business strategy execution, or failure to respond in a
timely manner to changes in the regulatory, macroeconomic or
competitive environments. Credit risk is the risk of loss arising
from the inability or failure of a borrower or counterparty to meet
its obligations. Market risk is the risk that changes in market
conditions may adversely impact the value of assets or liabilities,
or otherwise negatively impact earnings. Liquidity risk is the
potential inability to meet contractual or contingent financial
obligations, either on- or off-balance sheet, as they come due.
Compliance risk is the risk of legal or regulatory sanctions or
penalties arising from the failure of the Corporation to comply with
requirements of applicable laws, rules and regulations.
Operational risk is the risk of loss resulting from inadequate or
failed internal processes, people and systems, or from external
events. Reputational risk is the potential that negative perceptions
of the Corporation’s conduct or business practices may adversely
impact its profitability or operations through an inability to
establish new or maintain existing customer/client relationships.
Reputational risk is evaluated along with all of the risk categories
and throughout the risk management process and, as such, is not
discussed separately herein. The following sections, Strategic Risk
Management on page 55, Capital Management on page 56
Liquidity Risk on page 62, Credit Risk Management on page 67,
Market Risk Management on page 96, Compliance Risk
Management on page 105 and Operational Risk Management on
page 106, address in more detail the specific procedures,
measures and analyses of the major categories of risk. This
discussion of managing risk focuses on the Risk Framework that,
as part of its annual review process, was approved by the
Corporation’s Board of Directors (the Board) and its Enterprise
Risk Committee (ERC) in January 2015. The key enhancements
from the 2014 Risk Framework include further increasing the focus
on our strong risk culture and ensuring consistency with recent
regulatory guidance. It continues to recognize the same seven key
risk types as discussed above, and the five components of our
risk management approach as outlined below.
A strong risk culture is fundamental to our core values and
operating principles. It requires us to focus on risk in all activities
and encourages the necessary mindset and behavior to enable
effective risk management, and promotes sound risk taking within
our risk appetite. Sustaining a strong risk culture throughout the
organization is critical to the success of the Corporation and is a
clear expectation of our executive management team and the
Board.
Our Risk Framework is the foundation for comprehensive
management of the risks facing the Corporation. It outlines clear
responsibilities and accountabilities for managing risk. The Risk
Framework sets forth roles and responsibilities for the
management of risk by front line units (FLUs), independent risk
management, control functions and Corporate Audit, each of which
is described below in Managing Risk – Risk Management
Governance, and provides a blueprint for how the Board, through
delegation of authority to committees and executive officers,
establishes risk appetite and associated limits for our activities.
It describes the five components of our risk management approach
(risk culture, risk appetite, risk management processes, risk data
aggregation and reporting, and risk governance) and the seven key
types of risk we face.
Executive management assesses, with Board oversight, the
risk-adjusted returns of each business. Management reviews and
approves strategic and financial operating plans, and recommends
a financial plan annually to the Board for approval. Our strategic
plan takes into consideration return objectives and financial
resources, which must align with risk capacity and risk appetite.
Management sets financial objectives for each business by
allocating capital and setting a target for return on capital for each
business. Capital allocations and operating limits are regularly
evaluated as part of our overall governance processes as the
businesses and the economic environment in which we operate
continue to evolve. For more information regarding capital
allocations, see Business Segment Operations on page 31.
Our Risk Appetite Statement is intended to ensure that the
Corporation maintains an acceptable risk profile by providing a
common framework and a comparable set of measures for senior
management and the Board to clearly indicate the level of risk the
Corporation is willing to accept. The Risk Appetite Statement
includes both quantitative limits and qualitative components. Risk
appetite is set at least annually in conjunction with the strategic,
capital and financial operating plans to align risk appetite with the
Corporation’s strategy and financial resources. Line of business
strategies and risk appetite are also aligned. As part of its annual
review, the Board approved the Risk Appetite Statement in January
2015.
Our overall capacity to take risk is limited; therefore, we prioritize
the risks we take in order to maintain a strong and flexible financial
position so we can withstand challenging economic times and take
advantage of organic growth opportunities. Therefore, we set
objectives and targets for capital and liquidity that are intended
to permit the Corporation to continue to operate in a safe and
sound manner at all times, including during periods of stress.
Each of our lines of business operates within their credit, market
and operational risk appetite limits. These limits are based on
analyses of risk and reward within each line of business. Executive
management is responsible for tracking and reporting
performance measurements as well as any exceptions to
guidelines or limits. The Board, and its committees when
appropriate, oversees financial performance, execution of the
strategic and financial operating plans, adherence to risk appetite
limits and the adequacy of internal controls.
Risk Management Governance
The Risk Framework includes delegations of authority whereby the
Board and its committees may delegate authority to management-
level committees or executive officers. Such delegations may
authorize certain decision-making and approval functions, which
may be evidenced in, for example, committee charters, job
descriptions, meeting minutes and resolutions.