Discover 2011 Annual Report Download - page 25

Download and view the complete annual report

Please find page 25 of the 2011 Discover annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 178

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178

13
Risk Categories
Our risk management program is organized around six major risk categories: credit risk, market risk, liquidity risk,
operational risk, legal and compliance risk, and strategic risk. We evaluate the potential impact of a risk event on the company
by assessing the financial impact, the impact to our reputation, the legal and regulatory impact, and the client/customer impact.
In addition, we have established various policies to help govern these risks.
Credit Risk. Credit risk arises from the potential that a borrower or counterparty will fail to perform on an obligation.
Our credit risk includes consumer credit risk and counterparty credit risk. Consumer credit risk is primarily incurred by issuing
loans to consumers. Counterparty credit risk is incurred through a number of activities including settlement, certain marketing
programs, treasury and asset/liability management, network incentive programs, vendor relationships and insurers.
Management of consumer credit risk is the primary responsibility of the Discover Bank Credit Committee. The
responsibilities of the Discover Bank Credit Committee include: (i) establishing consumer credit risk philosophy and tolerance;
(ii) establishing procedures for implementing and ensuring compliance with risk identification, measurement, monitoring, and
management policies and procedures for consumer credit risk management; and (iii) reviewing, on a periodic basis, aggregate
risk exposures and efficacy of risk measurement, monitoring and management policies and procedures within the credit risk
management department.
Counterparty credit risk is managed through our Counterparty Credit Committee. Our Counterparty Credit Committee's
responsibilities include: (i) establishing an enterprise-wide approach to counterparty credit risk management through a program
for the identification, measurement, management and reporting of counterparty credit risks; (ii) providing oversight for
controls, limits, thresholds and governance processes related to our ongoing management of counterparty credit risks;
(iii) reviewing our enterprise-wide portfolio of counterparty risks and ensuring those risks remain within our tolerances; and
(iv) approving acceptance of and limits for counterparties that represent significant exposure to us.
Market Risk. Market risk is the risk to our financial condition resulting from adverse movements in market rates or
prices, such as interest rates, foreign exchange rates, credit spreads or equity prices. We are exposed to various types of market
risk, in particular interest rate risk and other risks that arise through the management of our investment portfolio. Market risk
exposures are managed through the Asset/Liability Management Committee. The responsibilities of our Asset/Liability
Management Committee include: (i) maintaining oversight and responsibility for all risks associated with the asset/liability
management process, including risks associated with liquidity and funding, market risk and our investment portfolio; and
(ii) recommending limits to be included in our risk appetite and limit structure.
Liquidity Risk. Liquidity risk is the potential that we will be unable to meet our obligations as they come due because of
an inability to obtain adequate funding or liquidate assets without significantly lowering market prices because of inadequate
market depth or market disruptions. Liquidity risk exposures are managed through our Asset/Liability Management Committee.
The responsibilities of our Asset/Liability Management Committee are described above.
Operational Risk. Operational risk arises from the potential that inadequate information systems, operational problems,
breaches in internal controls, fraud or external events will result in reputational harm or losses. Operational risk also arises from
model risk, which is the potential that we will incur a financial loss, make incorrect business decisions or cause damage to our
reputation as a result of: (i) errors in financial and decision model design and development, (ii) misapplication of financial or
decision models, or (iii) errors in the financial and decision model production process. We further differentiate operational risk
into the following sub-categories: theft and fraud; employment practices and workplace safety; customer, products and business
practices; technology; physical asset and data security; processing; financial and reporting; and external provider.
Operational risk exposures are managed through a combination of business line management and enterprise-wide
oversight. Enterprise-wide oversight is provided through our Operational Risk Committee. Responsibilities of our Operational
Risk Committee include: (i) establishing and communicating operational risk policies, tolerance and philosophy;
(ii) establishing procedures for implementing our operational risk measurement, monitoring and management policies; and
(iii) reviewing aggregate risk exposures and the efficacy of our risk identification, measurement, monitoring and management
policies and procedures, and related controls within our business units. In addition, model risk is managed through a model
governance process and models are subject to independent validation.
Compliance and Legal Risk. Compliance risk is the operational risk of legal or regulatory sanctions, financial loss or
damage to reputation resulting from failure to comply with laws, regulations, rules, other regulatory requirements, or codes of
conduct and other standards of self-regulatory organizations applicable to us. Legal risk arises, in part, from the potential that
unenforceable contracts, lawsuits or adverse judgments can disrupt or otherwise negatively affect our operations or condition.
These risks are inherent in all of our businesses. Both compliance and legal risk are sub-sets of operational risk but are
recognized as a separate and complementary risk category by us given their importance and the specific capabilities and
resources we deploy to manage these risk types effectively.
Table of Contents