Huntington National Bank 2015 Annual Report Download - page 27

Download and view the complete annual report

Please find page 27 of the 2015 Huntington National Bank annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 208

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208

19
Item 1A: Risk Factors
Risk Governance
We use a multi-faceted approach to risk governance. It begins with the board of directors defining our risk appetite as aggregate
moderate-to-low. This does not preclude engagement in select higher risk activities. Rather, the definition is intended to represent an
aggregate view of where we want our overall risk to be managed.
Three board committees primarily oversee implementation of this desired risk appetite and monitoring of our risk profile:
The Audit Committee oversees the integrity of the consolidated financial statements, including policies, procedures, and
practices regarding the preparation of financial statements, the financial reporting process, disclosures, and internal
control over financial reporting. The Audit Committee also provides assistance to the board in overseeing the internal
audit division and the independent registered public accounting firm’s qualifications and independence; compliance with
our Financial Code of Ethics for the chief executive officer and senior financial officers; and compliance with corporate
securities trading policies.
The Risk Oversight Committee assists the board of directors in overseeing management of material risks, the approval
and monitoring of the Company’s capital position and plan supporting our overall aggregate moderate-to-low risk
profile, the risk governance structure, compliance with applicable laws and regulations, and determining adherence to
the board’s stated risk appetite. The committee has oversight responsibility with respect to the full range of inherent
risks: market, credit, liquidity, legal, compliance/regulatory, operational, strategic, and reputational. This committee also
oversees our capital management and planning process, ensures that the amount and quality of capital are adequate in
relation to expected and unexpected risks, and that our capital levels exceed “well-capitalized” requirements.
The Technology Committee assists the board of directors in fulfilling its oversight responsibilities with respect to all
technology, cyber security, and third-party risk management strategies and plans. The committee is charged with
evaluating Huntington’s capability to properly perform all technology functions necessary for its business plan,
including projected growth, technology capacity, planning, operational execution, product development, and
management capacity. The committee provides oversight of the technology segment investments and plans to drive
efficiency as well as to meet defined standards for risk, security, and redundancy. The Committee oversees the allocation
of technology costs and ensures that they are understood by the board of directors. The Technology Committee monitors
and evaluates innovation and technology trends that may affect the Company’s strategic plans, including monitoring of
overall industry trends. The Technology Committee reviews and provides oversight of the company’s continuity and
disaster recovery planning and preparedness.
The Audit and Risk Oversight Committees routinely hold executive sessions with our key officers engaged in accounting and
risk management. On a periodic basis, the two committees meet in joint session to cover matters relevant to both, such as the construct
and appropriateness of the ACL, which is reviewed quarterly. All directors have access to information provided to each committee and
all scheduled meetings are open to all directors.
Further, through its Compensation Committee, the board of directors seeks to ensure its system of rewards is risk-sensitive and
aligns the interests of management, creditors, and shareholders. We utilize a variety of compensation-related tools to induce
appropriate behavior, including common stock ownership thresholds for the chief executive officer and certain members of senior
management, a requirement to hold until retirement or exit from the Company, a portion of net shares received upon exercise of stock
options or release of restricted stock awards (50% for executive officers and 25% for other award recipients), equity deferrals,
recoupment provisions, and the right to terminate compensation plans at any time.
Management has implemented an Enterprise Risk Management and Risk Appetite Framework. Critically important is our self-
assessment process, in which each business segment produces an analysis of its risks and the strength of its risk controls. The segment
analyses are combined with assessments by our risk management organization of major risk sectors (e.g., credit, market, liquidity,
operational, legal, compliance, reputational, and strategic) to produce an overall enterprise risk assessment. Outcomes of the process
include a determination of the quality of the overall control process, the direction of risk, and our position compared to the defined risk
appetite.
Management also utilizes a wide series of metrics (key risk indicators) to monitor risk positions throughout the Company. In
general, a range for each metric is established, which allows the Company, in aggregate, to operate within an aggregate moderate-to-
low risk profile. Deviations from the range will indicate if the risk being measured exceeds desired tolerance, which may then
necessitate corrective action.
We also have four executive level committees to manage risk: ALCO, Credit Policy and Strategy, Risk Management, and Capital
Management. Each committee focuses on specific categories of risk and is supported by a series of subcommittees that are tactical in
nature. We believe this structure helps ensure appropriate escalation of issues and overall communication of strategies.