SunTrust 2007 Annual Report Download - page 57

Download and view the complete annual report

Please find page 57 of the 2007 SunTrust annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 168

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168

In 2007, we continued to make significant enhancements to our Enterprise Risk Management function. The Model Validation
and Enterprise Risk Measurement groups continued to provide reasonable assurance that risks inherent in model
development and usage are properly identified and managed to oversee the calculation of economic capital. Risk
identification, assessment and mitigation planning were formally incorporated into the strategic planning process. SERP
continued to ensure that the approach and plans for risk management are aligned to the vision and mission of Enterprise Risk
Management in addition to managing regulatory compliance. In addition, SERP’s goal is to ensure our future compliance
with the Basel II Capital Accord. Key objectives of SERP include incorporating risk management principles that encompass
company values and standards and are designed to guide risk-taking activity, maximizing performance through the balance of
risk and reward and leveraging initiatives driven by regulatory requirements to deliver capabilities to better measure and
manage risk.
As part of our risk governance framework, we have also established various risk management-related committees. These
committees are jointly responsible for ensuring adequate risk measurement and management in their respective areas of
authority. These committees include: Asset/Liability Management Committee (“ALCO”), Corporate Product Risk
Assessment Committee (“PRAC”), Credit Management Committee and the SERP Steering Committee. Additionally, we
have established an Enterprise Risk Committee (“ERC”), chaired by the CRO, which is responsible for supporting the CRO
in measuring and managing our aggregate risk profile. The ERC consists of various senior executives throughout the
Company and meets on a monthly basis.
The Board of Directors is wholly responsible for oversight of our corporate risk governance process. The Risk Committee of
the Board, which was formed in 2005, assists the Board of Directors in executing this responsibility.
Credit Risk Management
Credit risk refers to the potential for economic loss arising from the failure of SunTrust clients to meet their contractual
agreements on all credit instruments, including on-balance sheet exposures from loans and leases, contingent exposures from
unfunded commitments, letters of credit, credit derivatives, and counterparty risk under interest rate and foreign exchange
derivative products. As credit risk is an essential component of many of the products and services we provide to our clients,
the ability to accurately measure and manage credit risk is integral to maintain both the long-run profitability of our lines of
business and our capital adequacy.
We manage and monitor extensions of credit risk through initial underwriting processes and periodic reviews. We maintain
underwriting standards in accordance with credit policies and procedures, and Credit Risk Management conducts
independent risk reviews to ensure active compliance with all policies and procedures. Credit Risk Management periodically
reviews our lines of business to monitor asset quality trends and the appropriateness of credit policies. In particular, total
borrower exposure limits are established and concentration risk is monitored. We have made a major commitment to
maintain and enhance comprehensive credit systems in order to be compliant with business requirements and evolving
regulatory standards. As part of a continuous improvement process, SunTrust Credit Risk Management evaluates potential
enhancements to our risk measurement and management tools, implementing them as appropriate along with amended credit
policies and procedures.
Borrower/counterparty (obligor) risk and facility risk are evaluated using our risk rating methodology, which has been
implemented in the lines of business representing the largest total credit exposures. We use various risk models in the
estimation of expected and unexpected losses. These models incorporate both internal and external default and loss
experience. To the extent possible, we collect internal data to ensure the validity, reliability, and accuracy of our risk models
used in default and loss estimation.
Operational Risk Management
We face ongoing and emerging risks and regulations related to the activities that surround the delivery of banking and
financial products. Coupled with external influences such as market conditions, fraudulent activities, disasters, security risks,
country risk, and legal risk, the potential for operational and reputational loss has increased significantly.
We believe that effective management of operational risk - defined as the risk of loss resulting from inadequate or failed
internal processes, people and systems, or from external events - plays a major role in both the level and the stability of the
profitability of the institution. Our Operational Risk Management function oversees an enterprise-wide framework intended
45