JP Morgan Chase 2012 Annual Report Download - page 166

Download and view the complete annual report

Please find page 166 of the 2012 JP Morgan Chase annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 332

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
  • 289
  • 290
  • 291
  • 292
  • 293
  • 294
  • 295
  • 296
  • 297
  • 298
  • 299
  • 300
  • 301
  • 302
  • 303
  • 304
  • 305
  • 306
  • 307
  • 308
  • 309
  • 310
  • 311
  • 312
  • 313
  • 314
  • 315
  • 316
  • 317
  • 318
  • 319
  • 320
  • 321
  • 322
  • 323
  • 324
  • 325
  • 326
  • 327
  • 328
  • 329
  • 330
  • 331
  • 332

Management’s discussion and analysis
176 JPMorgan Chase & Co./2012 Annual Report
capital model uses actual losses, a comprehensive inventory
of forward looking potential loss scenarios with adjustments
to reflect changes in the quality of the control environment
in determining Firmwide operational risk capital. This
methodology is designed to comply with the advanced
measurement rules under the Basel II Framework.
Operational risk management system
The Firms operational risk framework is supported by
Phoenix, an internally designed operational risk system,
which integrates the individual components of the
operational risk management framework into a unified,
web-based tool. Phoenix enhances the capture, reporting
and analysis of operational risk data by enabling risk
identification, measurement, monitoring, reporting and
analysis to be done in an integrated manner across the
Firm.
Audit alignment
Internal Audit utilizes a risk-based program of audit
coverage to provide an independent assessment of the
design and effectiveness of key controls over the Firms
operations, regulatory compliance and reporting. This
includes reviewing the operational risk framework, the
effectiveness of the business self-assessment process, and
the loss data-collection and reporting activities.
Insurance
One of the ways operational loss is mitigated is through
insurance maintained by the Firm. The Firm purchases
insurance to be in compliance with local laws and
regulations, as well as to serve other needs. Insurance may
also be required by third parties with whom the Firm does
business. The insurance purchased is reviewed and
approved by senior management.
Cybersecurity
The Firm devotes significant resources to maintain and
regularly update its systems and processes that are
designed to protect the security of the Firms computer
systems, software, networks and other technology assets
against attempts by third parties to obtain unauthorized
access to confidential information, destroy data, disrupt or
degrade service, sabotage systems or cause other damage.
The Firm and several other U.S. financial institutions
continue to experience significant distributed denial-of-
service attacks from technically sophisticated and well-
resourced third parties which are intended to disrupt
consumer online banking services. The Firm has also
experienced other attempts to breach the security of the
Firm’s systems and data. These cyberattacks have not, to
date, resulted in any material disruption of the Firms
operations, material harm to the Firms customers, and
have not had a material adverse effect on the Firms results
of operations.
Business resiliency
JPMorgan Chases global resiliency and crisis management
program is intended to ensure that the Firm has the ability
to recover its critical business functions and supporting
assets (i.e., staff, technology and facilities) in the event of a
business interruption, and to remain in compliance with
global laws and regulations as they relate to resiliency risk.
The program includes corporate governance, awareness and
training, as well as strategic and tactical initiatives to
ensure that risks are properly identified, assessed, and
managed.
The Firms Global Resiliency team has established
comprehensive and qualitative tracking and reporting of
resiliency plans in order to proactively anticipate and
manage various potential disruptive circumstances such as
severe weather, technology and communications outages,
flooding, mass transit shutdowns and terrorist threats,
among others. The resiliency measures utilized by the Firm
include backup infrastructure for data centers, a
geographically distributed workforce, dedicated recovery
facilities, ensuring technological capabilities to support
remote work capacity for displaced staff and
accommodation of employees at alternate locations.
JPMorgan Chase continues to coordinate its global
resiliency program across the Firm and mitigate business
continuity risks by reviewing and testing recovery
procedures. The strength and proficiency of the Firm’s
global resiliency program has played an integral role in
maintaining the Firms business operations during and
quickly after various events that have resulted in business
interruptions, such as Superstorm Sandy and Hurricane
Isaac in the U.S., monsoon rains in the Philippines, tsunamis
in Asia, and earthquakes in Latin America.