SunTrust 2004 Annual Report Download - page 40

Download and view the complete annual report

Please find page 40 of the 2004 SunTrust annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 116

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116

38 SUNTRUST 2004 ANNUAL REPORT
MANAGEMENTS DISCUSSION continued
ing risk.These three areas of risk are managed on a consolidated
basis under the Company’s enterprise risk management framework.
As part of its risk governance framework, the Company has also
established various risk management-related committees.These
committees are jointly responsible for ensuring adequate risk
measurement and management in their respective areas of
authority.These committees include: Asset/Liability Management
Committee (ALCO), Credit Management Committee, and Opera-
tional Risk Committee. Additionally, the Company has established
an Enterprise Risk Committee (ERC), chaired by the CRO, that is
responsible for supporting the CRO in measuring and managing
the Company’s aggregate risk profile.The ERC consists of various
senior executives throughout the Company and meets on a bi-
monthly basis.
The Board of Directors is wholly responsible for oversight of the
Company’s corporate risk governance process. In 2005, the
Company formed the Risk Committee of the Board, which will assist
the Board of Directors in executing this responsibility.
CREDIT RISK MANAGEMENT
Credit risk refers to the potential for economic loss arising from the
failure of SunTrust clients to meet their contractual agreements on
all credit instruments, including on-balance-sheet exposures from
loans and leases, contingent exposures from unfunded commit-
ments, letters of credit, credit derivatives, and counterparty risk
under interest rate and foreign exchange derivative products. As
credit risk is an essential component of many of the products and
services provided by the Company to its clients, the ability to accu-
rately measure and manage credit risk is integral to maintain both
the long-run profitability of its lines of business and capital ade-
quacy of the enterprise.
SunTrust manages and monitors extensions of credit risk through
initial underwriting processes and periodic reviews. SunTrust main-
tains underwriting standards in accordance with credit policies and
procedures; and, Credit Risk Management conducts independent
risk reviews to ensure active compliance with all policies and proce-
dures.Credit Risk Management periodically reviews its lines of busi-
ness to monitor asset quality trends and the appropriateness of
credit policies. In particular, total borrower exposure limits are
established and concentration risk is monitored. SunTrust has made
a major commitment to maintain and enhance comprehensive
credit systems in order to be compliant with business requirements
and evolving regulatory standards.As part of a continuous improve-
ment process, SunTrust Credit Risk Management evaluates poten-
tial enhancements to its risk measurement and management tools,
implementing them as appropriate along with amended credit poli-
cies and procedures.
Borrower/Counterparty (obligor) risk and facility risk are evaluated
using the Company’s risk rating methodology, which has been
implemented in the lines of business representing the largest total
credit exposures. SunTrust uses various risk models in the estima-
tion of expected and unexpected losses.These models incorporate
both internal and external default and loss experience.To the extent
possible, the Company collects internal data to ensure the validity,
reliability, and accuracy of its risk models used in default and loss
estimation.
OPERATIONAL RISK MANAGEMENT
SunTrust is instituting an Operational Risk Management program
which encompasses the use of a structured and disciplined
approach for the identification, assessment, measurement, mitiga-
tion, monitoring, and reporting of operational risk-related events.
This framework includes SunTrust’s policy to maintain a compre-
hensive system of internal controls for each operating unit, line of
business and subsidiary.
The framework being implemented by the Company defines opera-
tional risk as the risk of loss resulting from inadequate or failed
internal processes, people, and systems, or external events.This def-
inition includes compliance (legal) risk, which is the risk of loss from
violations of, or nonconformance with laws, rules, regulations, pre-
scribed practices, or ethical standards.The Company’s definition of
operational risk does not include strategic or reputational risks.
SunTrust believes that effective management of operational risk
plays a major role in both the level and the stability of the prof-
itability of the institution. SunTrust has established a corporate
level Operational Risk Management function, headed by the Chief
Operational Risk Officer,to support the management of operational
risk. The Chief Operational Risk Officer also oversees the
Operational Risk Forum, a monthly meeting of all of SunTrust’s
operational risk managers.
The corporate governance structure includes an Operational Risk
Manager and support staff embedded within each line of business
and corporate function. These risk managers, while reporting
directly to their respective line or function, facilitate communica-
tions with the Company’s corporate risk functions and execute the
requirements of the corporate framework and policy. The
Operational Risk Manager works closely with the corporate
Operational Risk Management function to ensure consistency
and best practices.
MARKET RISK MANAGEMENT
Market risk refers to potential losses arising from changes in interest
rates, foreign exchange rates, equity prices, commodity prices, and
other relevant market rates or prices. Interest rate risk, defined as
the exposure of net interest income and Economic Value of Equity
(EVE) to adverse movements in interest rates, is SunTrust’s primary
market risk, and mainly arises from the structure of the balance
sheet (non-trading activities). SunTrust is also exposed to market
risk in its trading activities, mortgage servicing rights, mortgage
warehouse and pipeline, and equity holdings of The Coca-Cola
Company common stock.The ALCO meets regularly and is respon-
sible for reviewing the interest-rate sensitivity position of the
Company and establishing policies to monitor and limit exposure to