Capital One 2003 Annual Report Download - page 24

Download and view the complete annual report

Please find page 24 of the 2003 Capital One annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 136

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136

Integrity, Ethical Values and Risk Management Culture
The Company maintains its risk management culture through various mechanisms designed to bring the
consideration of risk into daily decision making. The Company has a corporate Code of Business Conduct and
Ethics, available on the Corporate Governance page of its website at www.capitalone.com/about, under which
each associate is obligated to behave with integrity in dealing with customers and business partners and to
comply with applicable laws and regulations. The Company also has a corporate values training program and an
associate performance management process that emphasize achieving business results while maintaining
integrity and sound business management. The Company’s risk management culture is also encouraged through
frequent direction and communications from the Board of Directors, senior leadership, internal change
management consulting, corporate and departmental risk management policies, risk management and compliance
training programs and on-going risk assessment activities in the business.
Organizational Structure
The Company’s organizational structure supports consideration of risk in decision making. The corporate ERM
department designs and facilitates the implementation in the business of methodologies to identify and assess
risk, analyze and aggregate risk and mitigation reporting and to evaluate and enhance the risk management
culture. For significant risks reported to the senior management committees, the Audit and Risk Committee, the
Finance Committee and the Board, specific executives are designated as accountable for the management and
monitoring of each such risk. Across the Company, individual business areas utilize business risk offices staffed
by associates from the business who oversee implementation of methodologies and tools for risk identification,
assessment and reporting. The Company’s Corporate Audit Services department also assesses risk and the related
quality of internal controls and quality of risk management through its audit activities.
Risk Identification, Assessment and Response
The Company utilizes a corporate methodology for the management of risk across the individual business areas.
Key risk exposures are identified by each business area and assessed according to potential likelihood and
impact, as well as, the quality of the related controls. If appropriate, mitigation plans are developed for risks and
the business tracks progress against the plans. Individual business units are required to conduct self assessments
at least annually.
Monitoring and Reporting
The Company monitors its key risks, mitigation plans and its growing risk management capability through a
system of on-going measurement and reporting to business area management, the Chief Enterprise Risk Officer,
senior management committees and the Board and its committees. Additionally, Corporate Audit Services
performs separate evaluations of the system of internal control and risk management capability. Corporate Audit
Services reports on the scope and results of its work to the Audit and Risk Committee of the Board of Directors.
Credit Risk Management
Successful management of credit risk, the risk that borrowers may default on their financial obligations to the
Company, is important to the Company’s success. There are four primary sources of credit risk: (1) changing
economic conditions, which affect consumers’ ability to pay; (2) changing competitive environment, which
affects consumer debt loads and borrowing patterns; (3) the Company’s underwriting strategies and standards,
which drive the selection of customers and the terms offered; and (4) the quality of the Company’s internal
controls, which establish a process to test that underwriting conforms to Company standards and identify credit
quality issues so the Company can act upon them a timely manner. The Company is focused on managing each
of these sources of credit risk.
In 2003, the Company continued to build its central credit risk management organization. The Company’s goal
was to continue its strong central oversight of credit policy and programs while maintaining the ability of its
operating units to respond flexibly to changing market and competitive conditions. The Company’s Chief Credit
6