Capital One 2005 Annual Report Download - page 15

Download and view the complete annual report

Please find page 15 of the 2005 Capital One annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 129

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129

The Company’ s ERM framework includes eight categories of risk: credit, liquidity, market, operational, legal, strategic,
putation, and compliance. re
B
oard and Senior Management Oversight
A combination of the Board and senior management committees is used to oversee the management of risk. The Audit and
Risk Committee of the Board of Directors oversees the Company s accounting, financial reporting, internal controls and risk
assessment and management processes. The Audit and Risk Committee also reviews periodic reporting on significant
Company risks and mitigation activities and compliance with corporate risk policies. The Board Finance and Trust Oversight
Committee oversees liquidity and market risk. The Executive Committee, a committee of senior management chaired by the
Chief Executive Officer, provides guidance to senior executives regarding strategic risk and provides an integrated view of
sk through reports by the Company’ s other senior management committees: ri
Enterprise Risk Management Committee—provides advice and counsel to the Chief Enterprise Risk Officer and
other executives on enterprise risk management governance, process, methodologies and reporting, with a primary
focus on operational and compliance risk.
Enterprise Operating Committee—provides advice and guidance to senior executives on significant matters
affecting the Company’ s associates, infrastructure, reputation and operations. The Committee seeks to drive
awareness of the Company’ s reputational risks, mobilize management of such risks, ensure the alignment of the
Company’ s policies and resources with its strategic business priorities and encourage innovation and leadership.
Credit Policy Committee—provides advice and counsel to the Chief Credit Officer and other executives on credit
policy decisions; approves certain credit policies; reviews data pertaining to the credit control environment,
including Board approved risk tolerances; reviews regulatory, audit and credit review findings; assesses the
adequacy of corrective actions; and provides direction on credit risk management.
Asset and Liability Management Committee—provides advice and counsel to the Chief Financial Officer and other
executives on the acquisition and deployment of funds, the liquidity position of the Company and its subsidiaries
capital management, off-balance sheet activities, and activities related to the management of interest rate risk, and
investment activities.
Integrity, Ethical Values and Risk Management Culture
The Company maintains its risk management culture through various mechanisms designed to bring the consideration of risk
into daily decision making. The Company has a corporate Code of Business Conduct and Ethics, available on the Corporate
Governance page of its website at www.capitalone.com/about, under which each associate is obligated to behave with
integrity in dealing with customers and business partners and to comply with applicable laws and regulations. The Company
also has a compliance training program and an associate performance management process that emphasize achieving business
results while ensuring integrity, legal compliance and sound business management. The Company’ s risk management culture
is also encouraged through frequent direction and communications from the Board of Directors, senior leadership, corporate
and departmental risk management policies, risk management and compliance training programs and on-going risk
assessment activities in the business.
Organizational Structure for Risk Identification, Monitoring and Reporting
The Company’ s organizational structure supports consideration of risk in decision making. The Company monitors its key
risks, mitigation plans and its risk management capability through a system of on-going measurement and reporting to
business area management, the Chief Enterprise Risk Officer, senior management committees and the Board and its
committees. The corporate ERM department designs and facilitates the implementation of methodologies to identify and
assess risk, analyze and aggregate risk and mitigation reporting and to evaluate and enhance the risk management culture.
Each business area uses these methodologies to identify key risk exposures which are assessed according to potential
likelihood and impact, as well as, the quality of the related controls. If appropriate, risk response plans are developed for risks
and the business tracks progress against the plans. For significant risks reported to the senior management committees and
the Board, specific executives are designated as accountable for the management and monitoring of each such risk. Across
the Company, individual business areas utilize Business Risk Offices staffed by associates from the business who oversee
implementation of methodologies and tools for risk identification, assessment and reporting. The Company s Corporate Audit
Services department also assesses risk and the related quality of internal controls and risk management through its audit
activities. Corporate Audit Services reports on the scope and results of its work to the Audit and Risk Committee of the
Board of Directors.
6