Discover 2009 Annual Report Download - page 26

Download and view the complete annual report

Please find page 26 of the 2009 Discover annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 178

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178

Counterparty credit risk is managed through our Counterparty Credit Committee. Our Counterparty Credit Committee’s
responsibilities include (i) establishing an enterprise-wide approach to counterparty credit risk management through a
program for the identification, measurement, management and reporting of counterparty credit risks; (ii) providing
oversight for controls, limits, thresholds and governance processes related to our ongoing management of counterparty
credit risks; (iii) reviewing the enterprise-wide portfolio of counterparty risks and ensuring those risks remain within
tolerances; and (iv) approving acceptance of and limits for counterparties that represent significant exposure to us.
Market Risk. Market risk is the risk to our financial condition resulting from adverse movements in market rates or
prices, such as interest rates, foreign exchange rates, credit spreads or equity prices. We are exposed to various types of
market risk, in particular interest rate risk and other risks that arise through the management of our investment portfolio.
Market risk exposures are managed through the Asset/Liability Management Committee. The responsibilities of our
Asset/Liability Management Committee include (i) maintaining oversight and responsibility for all risks associated with the
Asset/Liability Management process including risks associated with liquidity and funding, market risk and our investment
portfolio; and (ii) recommending limits to be included in the risk appetite and limit structure.
Liquidity Risk. Liquidity risk is the potential that we will be unable to meet our obligations as they come due because of
an inability to obtain adequate funding or liquidate assets without significantly lowering market prices because of
inadequate market depth or market disruptions. Liquidity risk exposures are managed through our Asset/Liability
Management Committee. The responsibilities of our Asset/Liability Management Committee include (i) providing oversight
and approval for liquidity risk and funding management strategies implemented by Corporate Treasury and ensuring that
these strategies are consistent with our overall asset/liability management strategy, risk appetite and strategic limits; and
(ii) reviewing and approving limits for managing liquidity and funding.
Operational Risk. Operational risk arises from the potential that inadequate information systems, operational
problems, breaches in internal controls, fraud or external events will result in reputational harm or losses. Model risk,
which is a part of operational risk, arises in our businesses and encompasses various operational risk sub-categories. We
further differentiate operational risk into the following sub-categories: theft and fraud; employment practices and
workplace safety; customer, products and business practices; technology; physical asset and data security; processing;
financial and reporting; and external provider.
Operational risk exposures are managed through a combination of business line management and enterprise-wide
oversight. Enterprise-wide oversight is provided through our Operational Risk Committee. Responsibilities of our
Operational Risk Committee include (i) establishing and communicating operational risk policies, tolerance and
philosophy; (ii) establishing procedures for implementing our operational risk measurement, monitoring and management
policies; and (iii) reviewing aggregate risk exposures and efficacy of our risk identification, measurement, monitoring and
management policies and procedures, and related controls within our business units.
Compliance and Legal Risk. Compliance risk is the operational risk of legal or regulatory sanctions, financial loss or
damage to reputation resulting from failure to comply with laws, regulations, rules, other regulatory requirements, or
codes of conduct and other standards of self-regulatory organizations applicable to us. Legal risk arises from the potential
that unenforceable contracts, lawsuits or adverse judgments can disrupt or otherwise negatively affect our operations or
condition. These risks are inherent in all of our businesses. Both compliance and legal risk are sub-sets of operational risk
but are recognized as a separate and complementary risk category by us given their importance to us and the specific
capabilities and resources we deploy to manage these risk types effectively.
Compliance and legal risk exposures are actively and primarily managed by our business units in conjunction with our
Law and Compliance Department. Our compliance program governs the management of compliance risk. Our Risk
Committee oversees our compliance and legal risk management. Our Law and Compliance Department provides
independent oversight for all of our compliance and legal risk management activities. Our Law and Compliance
Department coordinates with Corporate Risk Management for the management of compliance and legal risks by
reporting and escalating material incidents, completing risk and control self-assessments, and monitoring and reporting
key risk indicators.
-14-