AIG 2014 Annual Report Download - page 178

Download and view the complete annual report

Please find page 178 of the 2014 AIG annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 378

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
  • 289
  • 290
  • 291
  • 292
  • 293
  • 294
  • 295
  • 296
  • 297
  • 298
  • 299
  • 300
  • 301
  • 302
  • 303
  • 304
  • 305
  • 306
  • 307
  • 308
  • 309
  • 310
  • 311
  • 312
  • 313
  • 314
  • 315
  • 316
  • 317
  • 318
  • 319
  • 320
  • 321
  • 322
  • 323
  • 324
  • 325
  • 326
  • 327
  • 328
  • 329
  • 330
  • 331
  • 332
  • 333
  • 334
  • 335
  • 336
  • 337
  • 338
  • 339
  • 340
  • 341
  • 342
  • 343
  • 344
  • 345
  • 346
  • 347
  • 348
  • 349
  • 350
  • 351
  • 352
  • 353
  • 354
  • 355
  • 356
  • 357
  • 358
  • 359
  • 360
  • 361
  • 362
  • 363
  • 364
  • 365
  • 366
  • 367
  • 368
  • 369
  • 370
  • 371
  • 372
  • 373
  • 374
  • 375
  • 376
  • 377
  • 378

ITEM 7 / ENTERPRISE RISK MANAGEMENT
161
or a committee thereof and a set of supporting tools, including risk tolerances, risk limits and policies, which we use to manage
our risk profile and financial resources.
We articulate our aggregate risk-taking by setting risk tolerances on capital and liquidity measures. These measures are set at
the AIG Parent as well as the legal entity level and cover consolidated and insurance company capital and liquidity ratios. We
must comply with standards for capital adequacy and maintain sufficient liquidity to meet all our obligations as they come due
in accordance with our internal capital management and liquidity policies. The risk appetite for our insurance operations inform
the requirements for capital adequacy for individual legal entities. Our risk tolerances take into consideration regulatory
requirements, rating agency expectations, and business needs. The GRC routinely reviews the level of risk taken by the
consolidated organization in relation to the established risk tolerances. A consolidated risk report is also presented periodically,
as required, to the RCC by our CRO.
Risk Limits
A key component of our Risk Appetite Framework is having a process in place that establishes and maintains appropriate
limits on the material risks identified for our core businesses and allows monitoring and meeting of both internal and external
stakeholder’s expectations. Our objectives include:
Monitoring of risks, providing early warning indicators, and ensuring timely oversight and enforceability;
Defining a consistent and transparent approach to limits governance from the group-level to regional entities; and
Alignment with Risk Appetite Statement, where applicable.
To support the monitoring and management of AIG’s and its business units’ material risks, ERM has established a limits
framework that employs a three-tiered hierarchy:
Level I Limits are AIG consolidated level limits. They define our aggregate maximum exposures for core risks within the
boundaries set by the Risk Appetite Statement, and constrain our concentration in specific risk types. These limits are set to
manage key risks identified by ERM and to meet requirements by regulators and rating agencies at a consolidated level.
Level 1 Limits are reported to the FRG, GRC and RCC.
Level II Limits are business unit level limits. They define our appetite for specific, material risk taking activities within
business units and corporate functions. These key risks are identified by ERM for the business unit and/or corporate
function, and risk limits are developed to meet the specific requirements of regulators and rating agencies. Level II Limits
are reported to the BU RCC and FRG.
Level III Limits monitor risk utilization on the regional or local level and are developed to address any specific requirements
by regulators and rating agencies for that region not captured by the Level I and Level II limits. Level 3 Limits are reported
at the local entity BU RCC.
All limits are reviewed by the FRG, GRC or business unit level risk committees on a periodic basis and revisions, if applicable,
are approved by those committees.
The business units are responsible for complying with all risk limits. The ERM teams and chief risk officers within each
business unit monitor such compliance and provide regular, timely reporting to our senior management and risk committees.
Limit breaches are required to be reported in a timely manner and are documented and escalated in accordance with their
level of severity or materiality. Responsibility for addressing and/or remediating any breach rests with individuals within the
specific unit that experienced the breach.
Risk Identification and Measurement
One tool we use to inform our Risk Appetite Framework is risk identification. We conduct risk identification through a number
of processes at the business unit and corporate level focused on capturing our material risks and key areas of focus for follow-
up risk management actions. A key initiative is our annual integrated bottom-up risk identification and assessment process