ING Direct 2011 Annual Report Download - page 278

Download and view the complete annual report

Please find page 278 of the 2011 ING Direct annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 332

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
  • 289
  • 290
  • 291
  • 292
  • 293
  • 294
  • 295
  • 296
  • 297
  • 298
  • 299
  • 300
  • 301
  • 302
  • 303
  • 304
  • 305
  • 306
  • 307
  • 308
  • 309
  • 310
  • 311
  • 312
  • 313
  • 314
  • 315
  • 316
  • 317
  • 318
  • 319
  • 320
  • 321
  • 322
  • 323
  • 324
  • 325
  • 326
  • 327
  • 328
  • 329
  • 330
  • 331
  • 332

Risk management continued
ING Insurance US
liquidity problems in distressed markets. Liquidity risk is measured through several metrics including ratios and cash flow scenario analysis,
in a base case and under several stressed scenarios.
OPERATIONAL RISK
Operational risk is defined as the risk of direct or indirect loss resulting from inadequate or failed internal processes, people and systems or
from external events. It includes the risk of reputation loss, as well as legal risk whereas strategic risks are not included. Operational risk
also includes IT risk.
For Operational Risk, ING Insurance US follows the ING Group framework governing the process of identifying, assessing, mitigating,
monitoring and reporting operational risks. The ING framework is based on the elements of the Enterprise Risk Management model of
COSO (Committee of Sponsoring Organisations of the Treadway Commission).
The Operational risk function works with the ING Operational Risk Management (ORM) Scorecard process to evaluate yearly the
embedding level of the Operational Risk Management Framework in each business. Policies and minimum standards governing the
framework are kept in the policy house. During 2011 Operational Risk started with the implementation of an ING Insurance US policy
house in preparing for a stand-alone public organisation.
Risk appetite is defined as the risk level management is prepared to tolerate. The operational risk appetite levels are set by ING Group
inthe form of a risk footprint. Via Operational Risk Committees (ORCs) it is ensured that responsible line managers mitigate the risks that
arenot within the risk appetite. Incidents and operational risks are tracked and on a quarterly basis reported to management in the
Non-Financial Risk Dashboard.
Integrated risk assessments are performed on an ongoing basis across the organisation. Mitigating actions are taken for those risks that
are identified as risks beyond the risk appetite level. Status of the mitigating actions is formally tracked.
To ensure an independent Operational risk function and the possibility for the Operational risk officers to be impartial and objective when
advising business management on Operational Risk, a dual reporting line, directly to ING Insurance US Chief Risk Officer and functionally
to the next higher level ING Group Operational Risk Officer, is in place. The head of Operational risk ultimately reports directly to the ING
Insurance US Chief Risk Officer.
ING INSURANCE US COMPLIANCE RISK
The ING Insurance US Compliance program and function are aligned with ING Group’s Compliance Risk Management Charter and
Framework and the related processes described elsewhere in this Report.
The Scope of the Compliance function
The ING Insurance US Compliance function focuses on managing the risks arising from laws, regulations and standards which are specific
to the financial services industry. The Compliance function actively educates and supports the business in managing compliance risks
including anti-money laundering, preventing terrorist financing, conflicts of interest, sales practices for insurance and investment products,
trading conduct and protection of customer interests.
The Compliance function
In ING Insurance US, the Compliance function is an independent control and risk management department. The ING Insurance US Chief
Compliance Officer reports directly to the ING Insurance US Chief Legal Officer, who is a member of the ING Insurance US Executive
Committee. The ING Insurance US Chief Compliance Officer also has a functional reporting line to the ING Group Chief Compliance Officer.
Compliance Risk Management Framework
ING Insurance US adheres to the ING Group Compliance Framework, which consists of three key components: the Compliance Risk
Management process, an Advisory component and the Scorecard. ING Insurance US Compliance executes a regular process of identifying,
assessing, mitigating, monitoring and reporting compliance risks. The Compliance function works with Operational Risk Management’s
annual evaluation process, assessing the implementation of compliance program elements within each business line andacross the
enterprise.
ING Insurance US also maintains a Whistleblower process, which encourages staff to speak up, without fear of reprisal, if they know ofor
suspect a breach of laws, regulations or internal policies. ING Insurance US also maintains a domestic “hotline” operated by a third-party
vendor that is available to all employees to report suspected misconduct, and reporting employees may elect to remain anonymous in
doing so.
276 ING Group Annual Report 2011