Sallie Mae 2015 Annual Report Download - page 75

Download and view the complete annual report

Please find page 75 of the 2015 Sallie Mae annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 257

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257

73
The credit risk related to Private Education Loans is managed within a credit risk infrastructure which includes: (i) a well-
defined underwriting, asset quality and collection policy framework; (ii) an ongoing monitoring and review process of portfolio
concentration and trends; (iii) assignment and management of credit authorities and responsibilities; and (iv) establishment of
an allowance for loan losses that covers estimated future losses based upon an analysis of portfolio metrics and economic
factors.
Credit risk related to derivative contracts is managed by reviewing counterparties for credit strength on an ongoing basis
and through our credit policies, which place limits on the amount of exposure we may take with any one counterparty and
require collateral to secure the position. The credit and counterparty risk associated with derivatives is measured based on the
replacement cost should the counterparty with contracts in a gain position to the Company fail to perform under the terms of the
contract.
Operational Risk. Operational risk is the risk to earnings resulting from inadequate or failed internal processes, people
and systems and third-party vendors, or from external events. Operational risk is pervasive in that it exists in all business lines,
functional units, legal entities and geographic locations, and it includes information technology risk, physical security risk on
tangible assets, as well as regulatory, legal and governance risk.
Operational risk exposures are managed through a combination of business line management and enterprise-wide
oversight. The ORC is the oversight body for operational risks and supports the ERC in its oversight duties. The sub-committee
is responsible for escalation to the ERC, as appropriate. Additionally, operational risk metrics, thresholds and limits are
included in the periodic reporting to the Risk Committee of our Board of Directors in the context of the ERM framework.
Regulatory, Legal and Governance Risk. Regulatory risk is the current and prospective risk to earnings or capital arising
from violations of, or non-conformance with, laws, rules, regulations, prescribed practices, internal policies and procedures, or
ethical standards. Legal risk is the risk to earnings, capital or reputation manifested by claims made through the legal system
and may arise from a product, a transaction, a business relationship, property (real, personal or intellectual), conduct of an
employee or a change in law or regulation. Governance risk is the risk of not establishing and maintaining a control
environment that aligns with stakeholder and regulatory expectations, including “tone at the top” and Board performance. These
risks are inherent in all of our businesses. Regulatory, legal and governance risk are sub-sets of operational risk, but have taken
on greater significance in the current environment. We can be exposed to these risks in key areas such as our private education
lending, servicing and collections, and oversight of third-party vendors, if compliance with legal and regulatory requirements is
not properly implemented, documented or tested, as well as when an oversight program does not include appropriate audit and
control features.
Primary ownership and responsibility for legal and regulatory risk is placed with the business segments to manage their
specific legal and regulatory risks. Our Compliance group supports these activities by providing extensive training, monitoring
and testing of the processes, policies and procedures utilized by our business segments, maintaining consumer lending
regulatory and information security policies and procedures, and working in close coordination with our Legal group. Our
Operational Risk Committee has oversight over the establishment of standards related to our monitoring and control of legal
and regulatory risks, and the General Counsel reports regularly to the Risk Committee of our Board of Directors.
Our Code of Business Conduct and the on-going training our employees receive in many compliance areas provide a
framework for our employees to conduct themselves with the highest integrity. We instill a risk-conscious culture through
communications, training, policies and procedures. We have strengthened the linkage between the management performance
process and individual compensation to encourage employees to work toward corporate-wide compliance goals.
Market Risk. Market risk is the risk to earnings or capital resulting from changes in market conditions, such as interest
rates, credit spreads, or other volatilities. We are exposed to various types of market risk, in particular the risk of loss resulting
from interest rate risk, basis risk and other risks that arise through the management of our investment, debt and education loan
portfolios. Market risk exposures are managed primarily through ALCO. These activities are closely tied to those related to the
management of our funding and liquidity risks. The Risk Committee of our Board of Directors periodically reviews and
approves the investment and asset and liability management policies and contingency funding plan developed and administered
by ALCO. The Risk Committee of our Board of Directors as well as our Chief Financial Officer report to the full Board of
Directors on matters of market risk management.