SunTrust 2008 Annual Report Download - page 63

Download and view the complete annual report

Please find page 63 of the 2008 SunTrust annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 188

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188

The risk governance framework incorporates a variety of senior management risk-related committees. These committees are
responsible for ensuring adequate risk measurement and management in their respective areas of authority. These committees
include: Corporate Risk Committee (“CRC”), Asset/Liability Management Committee (“ALCO”), Corporate Product Risk
Assessment Committee (“PRAC”), and the SERP Steering Committee. The CRC is chaired by the CRO and supports the
CRO in measuring and managing our aggregate risk profile. The CRC consists of various senior executives and meets on a
monthly basis.
Organizationally, we measure and manage risk according to the three traditional risk disciplines of credit risk, market risk
(including liquidity risk) and operational risk (including compliance risk). Corporate risk programs are managed by the Chief
Wholesale Credit Officer and Chief Retail Credit Officer for Credit Risk, the Chief Market Risk Officer for Market Risk, and
the Chief Operational Risk Officer for Operational Risk. The three risk disciplines are managed on a consolidated basis under
our enterprise risk management framework, which also takes into consideration legal and reputation risk factors.
Within each line of business and corporate function is a risk manager and support staff whose primary role is to drive
effective risk management practices throughout the business organization. These risk managers, who report on a dotted line
to the Chief Operational Risk Officer, facilitate communications with corporate risk functions and execute the requirements
of the enterprise risk management framework and policies. Corporate Risk Management works in partnership with the risk
managers to ensure alignment with sound risk management practices as well as industry best practices.
In 2008, we continued to make significant enhancements to our Corporate Risk Management function. The Model Validation
and Performance Measurement groups continued to provide assurance that risks inherent in model development and usage
are properly identified and managed to oversee the calculation of economic capital. Risk identification, assessment and
mitigation planning were formally incorporated into the strategic planning process.
SERP continues to ensure that the approach and plans for risk management are aligned to the vision and mission of
Corporate Risk Management in addition to managing regulatory compliance. In addition, the SERP goal is to ensure our
future compliance with the Basel II Capital Accord. Key objectives of SERP include incorporating risk management
principles that encompass our values and standards and are designed to guide risk-taking activity, maximizing performance
through the balance of risk and reward and leveraging initiatives driven by regulatory requirements to deliver capabilities to
better measure and manage risk.
Credit Risk Management
Credit risk refers to the potential for economic loss arising from the failure of clients to meet their contractual agreements on
all credit instruments, including on-balance sheet exposures from loans and leases, contingent exposures from unfunded
commitments, letters of credit, credit derivatives, and counterparty risk under derivative products. As credit risk is an
essential component of many of the products and services we provide to our clients, the ability to accurately measure and
manage credit risk is integral to maintain both the long-run profitability of our lines of business and our capital adequacy.
The Credit Risk Management group manages and monitors extensions of credit risk through initial underwriting processes
and periodic reviews. They maintain underwriting standards in accordance with credit policies and procedures. The
Corporate Risk Review unit conducts independent risk reviews to ensure active compliance with all policies and procedures.
Credit Risk Management periodically reviews our lines of business to monitor asset quality trends and the appropriateness of
credit policies. In addition, total borrower exposure limits are established and concentration risk is monitored. Credit risk is
partially mitigated through purchase of credit loss protection via third party insurance and use of credit derivatives such as
credit default swaps.
Borrower/counterparty (obligor) risk and facility risk are evaluated using our risk rating methodology, which has been
implemented in all lines of business. We use various risk models in the estimation of expected and unexpected losses. These
models incorporate both internal and external default and loss experience. To the extent possible, we collect internal data to
ensure the validity, reliability, and accuracy of our risk models used in default and loss estimation.
We have made a commitment to maintain and enhance comprehensive credit systems in order to meet business requirements
and comply with evolving regulatory standards. As part of a continuous improvement process, Credit Risk Management
evaluates potential enhancements to our risk measurement and management tools, implementing them as appropriate along
with amended credit policies and procedures.
Operational Risk Management
We face ongoing and emerging risks and regulations related to the activities that surround the delivery of banking and
financial products. Coupled with external influences such as market conditions, fraudulent activities, disasters, security risks,
country risk, and legal risk, the potential for operational and reputational loss has increased significantly.
51