TD Bank 2007 Annual Report Download - page 72

Download and view the complete annual report

Please find page 72 of the 2007 TD Bank annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 138

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138

TD BANK FINANCIAL GROUP ANNUAL REPORT 2007 Management’s Discussion and Analysis68
Insurance Risk
Insurance risk is the risk of loss due to actual insurance claims
exceeding the expected insurance claims. This risk can arise due
to improper estimation or selection of the underlying risks, poor
product design, adverse development of insurance liabilities,
extreme or catastrophic events, as well as the inherent random-
ness associated with the risks insured.
Insurance by nature involves the distribution of products that
transfer individual risks with the expectation of a return built
into the insurance premiums earned. We are exposed to insur-
ance risk in our property and casualty insurance business, and
in our life and health insurance and reinsurance businesses.
WHO MANAGES INSURANCE RISK
Primary responsibility for managing insurance risk lies with
senior management within the insurance business units, with
oversight from the Risk Management Department. The Audit
Committee of the Board acts as the Audit and Conduct Review
Committee for the Canadian insurance company subsidiaries.
The insurance company subsidiaries also have their own sepa-
rate boards of directors, as well as independently appointed
Actuaries that provide additional risk management oversight.
HOW WE MANAGE INSURANCE RISK
We maintain a number of policies and practices to manage
insurance risk. Sound product design is an essential element.
The vast majority of risks insured are short-term in nature,
that is, they do not involve long-term pricing guarantees.
Geographic diversification and product-line diversification are
important elements, as well. Reinsurance protection is purchased
to further minimize exposure to fluctuations in claims, notably
the exposure to natural catastrophes in the property and casu-
alty insurance business. We also manage risk through effective
underwriting and claim adjudication practices, ongoing moni-
toring of experience, and stress-testing scenario analysis.
Operational Risk
Operational risk is the risk of loss resulting from inadequate
or failed internal processes, people and systems or from
external events.
Operating a complex financial institution exposes our busi-
nesses to a broad range of operational risks, including failed
transaction processing and documentation errors, fiduciary and
information breaches, technology failures, business disruption,
theft and fraud, workplace safety and damage to physical
assets originating from internal or outsourced business activi-
ties. The impact can result in financial loss, reputational harm or
regulatory censure and penalties.
Managing operational risk is imperative to creating and sus-
taining shareholder value, operating efficiently and providing
reliable, secure and convenient access to financial services. This
involves ensuring we maintain an effective operational risk man-
agement framework of policies, processes, resources and inter-
nal controls for managing operational risk to acceptable levels.
WHO MANAGES OPERATIONAL RISK
The Risk Management Department is responsible for the design
and maintenance of our overall operational risk management
framework that sets out the enterprise level governance pro-
cesses, policies and practices to identify, assess, report, mitigate
and control operational risk. The Risk Management Department
facilitates appropriate monitoring and reporting of our opera-
tional risk exposures and policy compliance to senior manage-
ment, the Operational Risk Oversight Committee and the Risk
Committee of the Board.
We also maintain specialist groups who focus exclusively
on managing specific operational risk exposures that require
targeted mitigation activities. These areas are responsible for
setting enterprise-level policies and maintaining appropriate
oversight in particular areas such as business continuity,
outsourcing management, technology risk management and
information security.
The senior management of individual business units has
primary accountability for the ongoing management of
operational risk in accordance with our operational risk man-
agement policies. Each business unit and corporate area has an
independent risk management function that implements the
operational risk management framework consistent with the
nature and scope of the operational risks to which the area is
exposed. Each business unit has a Risk Management Committee
consisting of the senior executives in the unit that provides
oversight on operational risk management issues and initiatives.
HOW WE MANAGE OPERATIONAL RISK
Through the operational risk management framework, we
maintain a system of comprehensive policies, processes and
methodologies to manage operational risk to acceptable levels
and emphasize proactive management practices. Key opera-
tional risk management practices include:
Risk and Control Self-Assessment
Internal control serves as one of the primary lines of defence in
safeguarding our employees, customers, assets, information and
preventing and detecting errors and fraud. The Risk and Control
Self-Assessment is a comprehensive process adopted by each of
our businesses and corporate areas to proactively identify key
operational risks to which they are exposed and assess whether
there are appropriate internal controls in place to mitigate these
risks. Management also uses the results of this process to ensure
their businesses maintain effective internal controls in compli-
ance with our operating and risk management policies.
Operational Risk Event Monitoring
Operational risk event monitoring is important to maintain our
awareness of the risks we encounter and to assist management
in taking constructive action to reduce our exposure to future
losses. We use a centralized reporting system to monitor and
report on internal and external operational risk events. This
event data is analyzed to determine trends for benchmarking,
and to gain an understanding of the types of risks our busi-
nesses and the Bank face.
Risk Reporting
The Risk Management Department, in partnership with business
management, facilitates regular reporting of key risk indicators
and other risk-related metrics to senior management and the
Board of Directors that provide transparent information regard-
ing the level and direction of risk throughout the Bank.
Significant operational risk issues and action plans are systemat-
ically tracked and reported to ensure management accountabil-
ity and attention is maintained.
Insurance
The Risk Management Department actively manages a portfolio
of insurance and other risk mitigating arrangements to provide
additional protection from loss. They assess the type and level
of corporate and third-party insurance coverage that is required
to ensure it meets our tolerance for risk and statutory require-
ments. This includes conducting in-depth risk and financial
analysis and identifying opportunities to transfer our risk where
appropriate.
Technology and Information
Managing the operational risk exposures related to our use of
technology and information is of significant importance.
Technology and information is used in virtually all aspects of our
business and operations, including creating and supporting new
markets, competitive products and delivery channels.