JP Morgan Chase 2003 Annual Report Download - page 75

Download and view the complete annual report

Please find page 75 of the 2003 JP Morgan Chase annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 140

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140

J.P. Morgan Chase & Co. / 2003 Annual Report 73
Integrated reporting: The Firm is presently designing an oper-
ational risk architecture model to integrate the above individual
components into a unified, w eb-based tool. When fully imple-
mented, this model w ill enable the Firm to enhance its reporting
and analysis of operational risk data, leading to improved risk
management and financial performance.
Audit alignment: In addition to conducting independent inter-
nal audits, the Firm’s internal audit group provided guidance on
the design and implementation of the operational risk frame-
w ork. This guidance has helped further the Firm-w ide imple-
mentation of the framew ork, w hich in turn has led to a stronger
overall control environment. The internal audit group utilizes the
business self-assessment results to help focus its internal audits
on operational control issues. The group also reviews the effec-
tiveness and accuracy of the business self-assessment process
during the conduct of its audits.
Operat ional Risk Categories
For purposes of analysis and aggregation, the Firm breaks oper-
ational risk events dow n into five primary categories:
Clients, products and business practices
Fraud, theft and unauthorized activity
Execution and processing errors
Employment practices and w orkplace safety
Physical asset and infrastructure damage
Compliance with Sarbanes-Oxley Section 404
The Firm intends to use, as much as possible, its existing corpo-
rate governance and operational risk management practices to
satisfy the requirements of Section 404 of the Sarbanes-Oxley
Act regarding internal control over financial reporting. The Firm
is currently in the process of evaluating the requirements of
Section 404 and of implementing additional procedures into its
existing practices. The Firm intends to be in full compliance w ith
the requirements of the Act w hen they become effective in
2004. For a further discussion on the Act, see page 79 of this
Annual Report.
Capital allocation for operational and
business risk
During 2003, the Firm implemented a new risk-based capital
allocation methodology w hich estimates operational and busi-
ness risk independently, on a bottoms-up basis, and allocates
capital to each component. Implementation of the new
methodology in 2003 resulted in an overall low er amount of
capital allocated to the lines of business with respect to opera-
tional and business risks.
The operational risk capital model is based on actual losses and
potential scenario-based stress losses, w ith adjustments to the
capital calculation to reflect changes in the quality of the control
environment and w ith a potential offset for the use of risk-
transfer products. The Firm believes the model is consistent w ith
the proposed Basel II Accord and expects to propose it eventually
for qualification under the Advanced M easurement Approach
for operational risk.
Business risk is defined as the risk associated with volatility in the
Firm’s earnings due to factors not captured by other parts of its
economic-capital framew ork. Such volatility can arise from inef-
fective design or execution of business strategies, volatile eco-
nomic or financial market activity, changing client expectations
and demands, and restructuring to adjust for changes in the com-
petitive environment. For business risk, capital is allocated to each
business based on historical revenue volatility and measures of
fixed and variable expenses. Earnings volatility arising from other
risk factors, such as credit, market, or operational risk, is excluded
from the measurement of business risk capital, as those factors
are captured under their respective risk capital models.
Reputation and Fiduciary risk
A firm’s success depends not only on its prudent management
of credit, market, operational and business risks, but equally on
the maintenance of its reputation among many constituents
clients, investors, regulators, as w ell as the general public – for
business practices of the highest quality.
Attention to its reputation has alw ays been a key aspect of the
Firm’s practices, and maintenance of reputation is the responsi-
bility of everyone at the Firm. JPM organ Chase bolsters this indi-
vidual responsibility in many w ays: the Worldw ide Rules of
Conduct, training, policies and oversight functions that approve
transactions. These oversight functions include a Conflicts Office,
w hich examines transactions w ith the potential to create con-
flicts of interest or role for the Firm.
In addition, the Firm maintains a Fiduciary Risk M anagement
Committee (“ FRM C” ) to oversee fiduciary-related risks that may
produce significant losses or reputational damage, and that are not
covered elsew here by the corporate risk management oversight
structure. The primary goal of the fiduciary risk management func-
tion is to ensure that a business, in providing investment or risk
management products or services, performs at the appropriate
standard relative to its relationship w ith a client, w hether it be
fiduciary or nonfiduciary in nature. A particular focus of the FRM C
is the policies and practices that address a business’s responsibilities
to a client, including the policies and practices that address client
suitability determination, disclosure obligations and performance
expectations w ith respect to the investment and risk management
products or services being provided. In this w ay, the FRM C provides
oversight of the Firms efforts to measure, monitor and control the
risks that may arise in the delivery of such products or services to
clients, as w ell as those stemming from its fiduciary responsibilities
undertaken on behalf of employees.
The Firm has an additional structure to account for potential
adverse effects on its reputation from transactions w ith clients,
especially complex derivatives and structured finance transactions.
This structure, implemented in 2002, reinforces the Firm’s proce-
dures for examining transactions in terms of appropriateness,
ethical issues and reputational risk, and it intensifies the Firm’s