Bank of Montreal 2015 Annual Report Download - page 79

Download and view the complete annual report

Please find page 79 of the 2015 Bank of Montreal annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 193

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193

MD&A
MANAGEMENT’S DISCUSSION AND ANALYSIS
Risk Types
The framework provides for management of each individual risk type: credit and counterparty, market, liquidity and funding, operational, model,
insurance, legal and regulatory, business, strategic, reputation, and environmental and social. We have identified risk types with a potentially material
impact on our business and we consider those based upon their materiality and our ability to manage and mitigate those risks.
Credit and
Counterparty
Market Operational Business Strategic ReputationLiquidity
and Funding
Insurance Legal and
Regulatory
Environmental
and Social
Model
Risk Principles
Within the framework, risk-taking and risk management activities across the enterprise are guided by our Risk Principles:
management of risk is a responsibility at all levels of the organization;
material risks to which the enterprise is exposed are identified, measured, managed, monitored and reported;
risk identification and measurement will include both qualitative and quantitative elements, including views of risk relative to the external
operating environment and stress testing and scenario analysis;
decision-making is based on a clear understanding of risk, accompanied by robust metrics and analysis; and
an Economic Capital methodology is employed to measure and aggregate risk across all risk types and business activities in order to facilitate the
incorporation of risk into business returns.
Three Lines of Defence
Our framework is anchored in the three-lines-of-defence approach to managing risk, which is fundamental to our operating model, as described below:
Three Lines of Defence Responsibilities
First Line:
Operating groups, which own
the risks in their operations
Own, measure and manage all risks in their lines of business.
Identify, monitor, quantify and report risks arising from their operating activities and initiatives.
Establish appropriate internal control structures in accordance with our risk management framework.
Pursue suitable business opportunities within their established risk appetite.
Act within their delegated risk-taking authority as set out in established corporate policies.
Second Line:
Enterprise Risk and Portfolio
Management (ERPM) group
Corporate Support Areas (CSAs)
Provide independent oversight, effective challenge and independent assessment of risks and risk
management practices.
Set enterprise risk management policies and establish infrastructure, processes and practices that
identify, assess, manage and monitor all significant risks across the enterprise.
Independently assess, quantify, monitor, manage, mitigate and report all significant risks.
Third Line:
Corporate Audit Division
Provide an independent assessment of the effectiveness of internal control within the enterprise,
including risk management and governance processes that support the enterprise, its objectives
and the Board of Directors’ discharge of its responsibilities.
Risk Culture
At BMO, we believe that risk management is the responsibility of every employee within the organization. This key tenet shapes and influences our
risk culture and is evident in the actions and behaviours of our employees and leaders as they identify, interpret and discuss risks, and make choices
and decisions that balance risks and opportunities and seek to optimize risk-adjusted returns. Our risk culture is deeply rooted within our policies,
business processes, risk management frameworks, risk appetite, limits and tolerances, capital management and compensation practices, and is
evident in every aspect of how we operate across the enterprise.
Our risk culture is grounded in a “Being BMO” risk management approach that encourages openness, constructive challenge and personal
accountability. Timely and transparent information sharing is key to how we engage stakeholders in key decisions and strategy discussions, thereby
bringing rigour and discipline to decision-making. This not only leads to the timely identification, escalation and resolution of issues, but also
encourages open communication, independent challenge and a clear understanding of the key risks faced by our organization, so that our employees
are equipped and empowered to make decisions and take action in a coordinated and consistent manner, supported by a strong monitoring and
control framework. Our governance and leadership forums, committee structures and learning curriculums also reinforce and foster our risk culture.
Certain elements of our risk culture that are embedded throughout the enterprise include:
Risk appetite – promotes a clear understanding of the most prevalent risks that our businesses face and facilitates alignment of business strategies
within our risk appetite, leading to sound business decision-making and execution, supported by a strong monitoring framework.
Communication and escalation channels encourages information sharing and engagement between ERPM and the operating groups, leading to
greater transparency and open and effective communication. We also foster and encourage a culture in which concerns about potential or emerging
risks are escalated to senior management so that they can be evaluated and appropriately addressed.
Compensation philosophy – pay is aligned with prudent risk-taking to ensure that compensation rewards the appropriate use of capital and does
not encourage excessive risk-taking.
Training and education – our programs are designed to foster a deep understanding of BMO’s capital and risk management frameworks across the
enterprise, providing employees and management with the tools and awareness they need to fulfill their responsibilities for independent oversight
regardless of their position in the organization. Our education strategy has been developed in partnership with BMO’s Institute for Learning, our risk
management professionals, external risk experts and teaching professionals.
Rotation programs – two-way rotation allows employees to transfer between ERPM and the operating groups, thereby effectively embedding our
strong risk culture across the enterprise.
90 BMO Financial Group 198th Annual Report 2015