PNC Bank 2015 Annual Report Download - page 88

Download and view the complete annual report

Please find page 88 of the 2015 PNC Bank annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 256

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256

committee membership includes representatives from business
and risk stakeholder groups that are responsible for helping
ensure risk issues are proactively identified, decisioned,
monitored, communicated and managed appropriately within
the risk management framework.
Risk Organization and Governance
PNC employs a comprehensive risk management governance
framework to help ensure that risks are identified, balanced
decisions are made that consider risk and return, and risks are
adequately monitored and managed. Risk committees
established within this governance framework provide oversight
for risk management activities at the Board, corporate, and
business levels. Committee composition is designed to provide
effective oversight balanced across the three lines of defense in
accordance with the OCC’s heightened risk management and
governance expectations and guidelines. See further discussion
in the Supervision and Regulation section in Item 1 of this
Report.
Risk is managed across three lines of defense:
Business Front Line Units (BFLU) – As the first line of
defense, business front line units are accountable for
identifying, owning and managing risks to within
acceptable levels while adhering to the risk management
framework established by Independent Risk Management.
Our businesses strive to enhance risk management and
internal control processes. Integrated and comprehensive
processes are designed to adequately identify, measure,
manage, monitor and report risks which may significantly
impact each business.
Independent Risk Management (IRM) – As the second
line of defense, IRM oversees risk management and
establishes standards at the enterprise level to support
business management in meeting their responsibilities for
managing risk. IRM is independent from BFLUs and is
responsible for identifying, measuring, monitoring and
controlling aggregate risks.
Internal Audit – As the third line of defense, Internal Audit
is independent from BFLUs and IRM and develops a risk
based audit program to provide assurance on the
management of risk throughout the organization. This
includes auditing business processes across the
organization and reporting on the effectiveness of controls,
as well as auditing the risk management policy and
infrastructure implemented by IRM.
Within the three lines of defense, the risk organization has
sufficient authority to influence material decisions. The Board
oversees enterprise risk management of PNC for any material
changes to the risk profile and periodically reviews core
elements of enterprise risk including the Risk Appetite
Statement, Risk Capacity, Appetite and Strategy, and Risk
Controls and Limits.
We use our governance structure to assess the effectiveness of
our risk management practices on an ongoing basis, based on
how we manage our day-to-day business activities and on our
development and execution of more specific strategies to
mitigate risks. Specific responsibilities include:
Board of Directors – The Board oversees enterprise risk
management. The Risk Committee of the Board of
Directors evaluates PNC’s risk appetite, management’s
assessment of the enterprise risk profile, and the
enterprise-wide risk structure and processes established by
management to identify, measure, monitor, and manage
risk. The Audit Committee of the Board also has
responsibility for select areas of risk (e.g., Financial
Reporting, Ethics and Internal Controls over Financial
Reporting).
Corporate Committees – The corporate committees are
responsible for overseeing risk standards and strategies,
recommending risk limits, policies and metrics,
monitoring risk exposures, reviewing risk profiles and
key risk issues, and approving significant transactions
and initiatives. At the management level, PNC has
established several senior management-level committees
to facilitate the review, evaluation, and management of
risk. The management-level Executive Committee (EC)
is the corporate committee that is responsible for
developing enterprise-wide strategy and achieving PNC’s
strategic objectives. The EC evaluates risk management,
in part, by monitoring risk reporting from the other
corporate committees, which are the supporting
committees for EC.
Working Committees – The working committees are
generally subcommittees of the corporate committees and
include risk management committees for each of PNC’s
major businesses or functions. Working committees are
intended to define, design and develop the risk
management framework, including risk appetite, at the
business or function level. The working committees help
to implement key enterprise-level activities within a
business or function. These committees recommend risk
management policies for the business or function that are
consistent with the enterprise-wide risk management
objectives and policies. The business level committees
are also responsible for approving significant initiatives
under a certain threshold.
Policies and Procedures – PNC has established risk
management policies and procedures to provide
direction, guidance, and clarity on roles and
responsibilities to management and the Board of
Directors. These policies and procedures are organized in
a multi-tiered framework and require periodic review and
approval by relevant committees within the governance
structure.
70 The PNC Financial Services Group, Inc. – Form 10-K