PNC Bank 2012 Annual Report Download - page 118
Download and view the complete annual report
Please find page 118 of the 2012 PNC Bank annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.-
1 -
2
-
3
-
4
-
5
-
6
-
7
-
8
-
9
-
10
-
11
-
12
-
13
-
14
-
15
-
16
-
17
-
18
-
19
-
20
-
21
-
22
-
23
-
24
-
25
-
26
-
27
-
28
-
29
-
30
-
31
-
32
-
33
-
34
-
35
-
36
-
37
-
38
-
39
-
40
-
41
-
42
-
43
-
44
-
45
-
46
-
47
-
48
-
49
-
50
-
51
-
52
-
53
-
54
-
55
-
56
-
57
-
58
-
59
-
60
-
61
-
62
-
63
-
64
-
65
-
66
-
67
-
68
-
69
-
70
-
71
-
72
-
73
-
74
-
75
-
76
-
77
-
78
-
79
-
80
-
81
-
82
-
83
-
84
-
85
-
86
-
87
-
88
-
89
-
90
-
91
-
92
-
93
-
94
-
95
-
96
-
97
-
98
-
99
-
100
-
101
-
102
-
103
-
104
-
105
-
106
-
107
-
108 -
109 -
110 -
111 -
112 -
113 -
114 -
115 -
116 -
117 -
118 -
119 -
120 -
121 -
122 -
123 -
124 -
125 -
126 -
127 -
128 -
129
-
130
-
131
-
132
-
133
-
134
-
135
-
136
-
137
-
138
-
139
-
140
-
141
-
142
-
143
-
144
-
145
-
146
-
147
-
148
-
149
-
150
-
151
-
152
-
153
-
154
-
155
-
156
-
157
-
158
-
159
-
160
-
161
-
162
-
163
-
164
-
165
-
166
-
167
-
168
-
169
-
170
-
171
-
172
-
173
-
174
-
175
-
176
-
177
-
178
-
179
-
180
-
181
-
182
-
183
-
184
-
185
-
186
-
187
-
188
-
189
-
190
-
191
-
192
-
193
-
194
-
195
-
196
-
197
-
198
-
199
-
200
-
201
-
202
-
203
-
204
-
205
-
206
-
207
-
208
-
209
-
210
-
211
-
212
-
213
-
214
-
215
-
216
-
217
-
218
-
219
-
220
-
221
-
222
-
223
-
224
-
225
-
226
-
227
-
228
-
229
-
230
-
231
-
232
-
233
-
234
-
235
-
236
-
237
-
238
-
239
-
240
-
241
-
242
-
243
-
244
-
245
-
246
-
247
-
248
-
249
-
250
-
251
-
252
-
253
-
254
-
255
-
256
-
257
-
258
-
259
-
260
-
261
-
262
-
263
-
264
-
265
-
266
-
267
-
268
-
269
-
270
-
271
-
272
-
273
-
274
-
275
-
276
-
277
-
278
-
279
-
280
 |
 |
We continue to enhance our methodology to estimate capital
requirements for Operational Risk using a proprietary version
of an Advanced Measurement Approach (AMA). Under the
AMA approach, the results of the program elements described
above are key inputs directly incorporated into the capital
calculation methodology.
Risk professionals from Operational Risk Management,
Technology Risk Management, Business Resiliency,
Compliance, and Legal work closely with business areas to
evaluate risks and help ensure that appropriate controls are
established prior to the introduction of new or enhanced
products, services, and technologies. These risk professionals
also consult with business areas in the design and
implementation of mitigation strategies to address risks and
issues identified through ongoing assessment and monitoring
activities.
PNC’s technology risk management program is aligned with
the operational risk framework. Management of technology
risk is embedded into the culture and decision making
processes of PNC through an information and technology risk
management framework designed to help ensure secure,
sound, and compliant IT systems and infrastructure in support
of business strategies and goals. PNC’s Technology Risk
Management (TRM) function supports enterprise management
of technology risk by independently assessing technology and
information security risks, and by serving in an oversight role
by measuring, monitoring, and challenging enterprise
technology capabilities.
Our business resiliency program manages the organization’s
capabilities to provide services in the case of an event that
results in material disruption of business activities.
Prioritization of investments in people, processes, technology
and facilities is based on different types of events, business
risk and criticality. A testing program validates our resiliency
capabilities on an ongoing basis, and an integrated governance
model is designed to help assure appropriate management
reporting.
Enterprise Compliance is responsible for coordinating the
compliance risk component of PNC’s Operational Risk
framework. Compliance issues are identified and tracked
through enterprise-wide monitoring and tracking programs.
Key compliance risk issues are escalated through a
comprehensive risk reporting process at both a business and
enterprise level and incorporated, as appropriate, into the
development and assessment of the firm’s operational risk
profile. The Compliance, Conflicts & Ethics Policy
Committee, chaired by the Chief Compliance Officer,
provides oversight for compliance, conflicts and ethics
programs and strategies across PNC. This committee also
oversees the compliance processes related to fiduciary and
investment risk. In order to help understand and where
appropriate proactively address emerging regulatory issues,
Enterprise Compliance communicates regularly with various
regulators with supervisory or regulatory responsibilities with
respect to PNC, its subsidiaries or businesses and participates
in forums focused on regulatory and compliance matters in the
financial services industry.
PNC uses insurance where appropriate to help mitigate the
effects of operational risk events. In 2012, PNC implemented
a Network Security & Privacy Liability program to address
associated risks. The purchase of insurance protects against
accidental losses, which, in the aggregate, may affect
personnel, financial objectives, or our ability to meet
responsibilities to various stakeholder groups. While certain
corporate risks are retained through a subsidiary, various
insurers provide the balance of coverage. Uncertainty, related
to insurer coverage determinations, may result in reduced
benefit received from insurance mitigation. Oversight of
insurance purchased is provided by Risk committees within
the governance structure.
On a quarterly basis, an enterprise operational risk report is
developed to report key operational risks to senior
management and the Board of Directors. The report
encompasses key operational risk management conclusions,
including the overall operational risk level, risk management
effectiveness and outlook, grounded in quantitative measures
and qualitative factors. Key enterprise operational risks are
also included in the enterprise risk report. In addition,
operational risk is an integrated part of the quarterly business-
specific risk reports.
Model Risk Management
PNC relies on quantitative models to measure risks and to
estimate certain financial values. Models may be used in such
processes as determining the pricing of various products,
grading and granting loans, measuring interest rate risks and
other market risks, predicting losses, and assessing capital
adequacy, as well as to estimate the value of financial
instruments and balance sheet items. There are risks involved
in the use of models as they have the potential to provide
inaccurate output or results, could be used for purposes other
than those for which they have been designed, or may be
operated in an uncontrolled environment where unauthorized
changes can take place and where other control risks exist.
Model Risk Management is responsible for policies and
procedures describing how model risk is evaluated and
managed, and the application of the governance process to
implement these practices throughout the enterprise. The
Model Risk Management Committee, a subcommittee of the
Enterprise Risk Management Committee, oversees all aspects
of model risk, including PNC’s compliance with regulatory
requirements, and approves exceptions to policy when
appropriate.
To better manage our business, our practices around the use of
models, and to comply with regulatory guidance and
requirements, we have in place policies and procedures that
define our governance processes for assessing and controlling
The PNC Financial Services Group, Inc. – Form 10-K 99