Bank of Montreal 1999 Annual Report Download - page 48

Download and view the complete annual report

Please find page 48 of the 1999 Bank of Montreal annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 112

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112

Enterprise-Wide Risk Management
42 Bank of Montreal Group of Companies 1999 Annual Report
In managing liquidity, management establishes mini-
mum liquid asset requirements, together with limits
and guidelines for liability diversication and contin-
gent credit commitments. Sensitivity analyses are run to
determine the impact of potential deposit withdrawals
and commitment draw-downs, as well as the impact of
changing business environments and extreme events
(e.g. Year 2000 risk) on liquidity requirements. The
analyses are evaluated and strategies are formulated
to enable us to react to changes in an appropriate and
timely manner.
Performance Review:
The liquidity ratio increased to 29.2% at October 31, 1999
from 28.4% at October 31, 1998, as discussed further on
page 34.
Operational Risk
Strategy:
Operational risk is inherent in all business activities,
and the management of these risks is important to the
achievement of business objectives. While operational
risks can never be eliminated, they can be managed and
mitigated to preserve and create value. That is our goal.
Approach:
A Board-approved policy provides clear direction to all
linesofbusinessandemployeesandestablishesaccount-
a
bilities and responsibilities to identify, assess, appropri-
ately
mitigate and control operational risks. We continue
to use the strengths and specialized knowledge of our
Risk Management, Corporate Audit, Emfisys and other
support functions in the Bank to support the lines of
business in managing operational risk.
Operational risk is managed through effective infra-
structure, appropriate controls and sound governance,
as follows.
Infrastructure
Keyelementsoftheinfrastructureincludequalied,well-
trained personnel, clear authorization levels and reliable
technology. Controls, established by documented poli-
cies and procedures, include the regular examination of
internal controls by an independent internal audit func-
tion, appropriate segregation of responsibilities, and
accuratenancial management and reporting. In addi-
tion,contingencyplansforsystemsfailureorcatastrophic
events are in place, including back-up systems. We also
mitigate exposures where appropriate through insurance
coverage, which is reviewed regularly as part of our
integrated insurance program.
Reporting
The Risk Management Group reports significant opera-
tional events (if any) that occur throughout the Bank to
executive management and the Board of Directors. Cor-
porate Audit also provides regular reports to the Audit
Committee of the Board of Directors on the effectiveness
of internal controls.
Governance
We monitor on a regular basis the effectiveness of our
management of operational risks. The Risk Management
Group and Corporate Audit provide executive manage-
ment and the Board of Directors with independent
analysis andndings on the state of operational risk
management within the Bank.
Measures:
The financial measure of operational risk is actual losses
incurred.
Performance Review:
No material losses occurred in 1999, 1998 or 1997; how-
ever, there is no assurance that we will not suffer such
losses in the future due to the nature of this risk.
Year 2000
The Year 2000 issue is pervasive, as almost all date-sen-
sitive systems will be affected to some degree by the
rollover of the two-digit year from 99 to 00. Potential risks
of not addressing this issue include business interruption,
financial loss, reputation loss and/or legal liability.
We have been working since 1994 to prepare our date-
sensitive systems and equipment to meet the Year 2000
challenge. The process for Year 2000 compliance has
involved four major steps:
Inventory: We conducted a Bank-wide inventory
of all
date-sensitive systems and equipment. We per
formed
an initial assessment of time and effort required.
Assessment/Plan: We performed an impact assessment
by evaluating remediation options, prioritizing work
and developing compliance plans.
Implementation: The implementation step included
verification, conversion and replacement or retirement
of assets. If an asset was not retired, it was tested and
its Year 2000 compliance was verified.
Integration: Integration testing consisted of confirm-
ing that the business functions work accurately and
without disruption under specific Year 2000 dates,
with all applications, interfaces and infrastructure
functioning correctly.