Fannie Mae 2004 Annual Report Download - page 138

Download and view the complete annual report

Please find page 138 of the 2004 Fannie Mae annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 358

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
  • 289
  • 290
  • 291
  • 292
  • 293
  • 294
  • 295
  • 296
  • 297
  • 298
  • 299
  • 300
  • 301
  • 302
  • 303
  • 304
  • 305
  • 306
  • 307
  • 308
  • 309
  • 310
  • 311
  • 312
  • 313
  • 314
  • 315
  • 316
  • 317
  • 318
  • 319
  • 320
  • 321
  • 322
  • 323
  • 324
  • 325
  • 326
  • 327
  • 328
  • 329
  • 330
  • 331
  • 332
  • 333
  • 334
  • 335
  • 336
  • 337
  • 338
  • 339
  • 340
  • 341
  • 342
  • 343
  • 344
  • 345
  • 346
  • 347
  • 348
  • 349
  • 350
  • 351
  • 352
  • 353
  • 354
  • 355
  • 356
  • 357
  • 358

framework include establishing corporate-wide policies for risk management, delegating to business units
primary responsibility for the management of the day-to-day risks inherent in the activities of the business
unit, and monitoring aggregate risks and compliance with risk policies at a corporate level.
Our corporate risk framework is supported by a governance structure encompassing the Board of Directors, an
independent corporate risk oversight organization, business units, management-level risk committees and
Internal Audit. As we continue in our efforts to build out our risk oversight organization, our goal is to
establish clear lines of authority, clarify roles and responsibilities, and enact policies and procedures designed
to ensure that we have an independent risk oversight function and a well-disciplined risk management process
with appropriate checks and balances throughout our company.
Risk Policy and Capital Committee of the Board of Directors
The Board of Directors is responsible for approving our risk governance framework and providing capital and
risk management oversight. The Board exercises its oversight of credit risk, market risk, operational risk and
liquidity risk primarily through the Board’s Risk Policy and Capital Committee. The responsibilities of the
Risk Policy and Capital Committee include:
evaluating and, where appropriate, recommending for Board approval enterprise-wide risk management
policies, metrics and limits consistent with our mission and our safety and soundness;
reviewing policies and procedures designed to: (i) define, measure, identify and report on credit, market,
liquidity and operational risk; and (ii) establish and communicate risk management controls throughout
the company;
overseeing compliance with all enterprise-wide risk management policies;
overseeing the Chief Risk Office; and
reviewing the sufficiency of personnel, systems and other risk management capabilities.
Chief Risk Office
The Chief Risk Office is an independent risk oversight organization with responsibility for oversight of credit
risk, market risk and operational risk. The Chief Risk Office is headed by a Chief Risk Officer who reports
directly to the Chief Executive Officer and independently to the Risk Policy and Capital Committee of the
Board of Directors. The Chief Risk Office and the position of Chief Risk Officer were established in 2005.
The Chief Risk Office is responsible for formulating corporate risk policies and monitoring the company’s
aggregate risk profile. The Chief Risk Office works closely with our business units to ensure they have in
place the structure and information systems necessary to adequately measure, report, monitor and control their
key business risks, consistent with corporate standards. The Chief Risk Office also is responsible for validation
of risk models and for developing and implementing an economic risk capital framework.
The Chief Risk Officer is responsible for establishing our overall risk governance structure and providing
independent evaluation and oversight of our risk management activities. In addition to directing the Chief Risk
Office, the Chief Risk Officer oversees our management-level corporate risk committees. The Chief Risk
Officer reports on a regular basis to our Board of Directors regarding our corporate risk profile, including our
aggregate risk exposure, the level of risk by type of risk, performance relative to risk tolerance limits and any
significant risk management issues.
Risk Management Committees
In 2006, we further enhanced our risk governance framework by creating two management-level committees:
(i) the Corporate Risk Management Committee, which focuses on credit and market risk and is a successor to
our Portfolio and Capital Committee; and (ii) the Operational Risk Committee, which focuses on operational
risk. Each committee is responsible for, among other things:
monitoring aggregated risk exposure;
discussing emerging risk issues;
reviewing proposed risk limits;
approving the risk aspects of significant new business initiatives; and
133