Sallie Mae 2013 Annual Report Download - page 122

Download and view the complete annual report

Please find page 122 of the 2013 Sallie Mae annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 232

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232

Our funding and liquidity risk management activities are centralized within our Corporate Finance
department, which is responsible for planning and executing our funding activities and strategies. We analyze
and monitor our liquidity risk, maintain excess liquidity and access diverse funding sources depending on current
market conditions. Funding and liquidity risks are overseen and recommendations approved primarily through
our internal Asset and Liability Committee. The Finance and Operations Committee of our Board of Directors is
responsible for periodically reviewing and approving the funding and liquidity positions and contingency funding
plan developed and administered by our internal Asset and Liability Committee. The Finance and Operations
Committee of our Board of Directors also receives regular reports on our performance against funding and
liquidity plans at each of its meetings.
Operational Risk. Operational risk is the risk to earnings resulting from inadequate or failed internal
processes, people and systems or from external events. Operational risk is pervasive in that it exists in all
business lines, functional units, legal entities and geographic locations, and it includes information technology
risk, physical security risk on tangible assets, as well as legal/compliance risk and reputational risk.
Our Board of Directors receives operations reports (which include operating metrics and performance
against annual plan) from our Chief Executive Officer at each regularly scheduled meeting. Additionally, the
Finance & Operations Committee of our Board of Directors receives business development updates regarding our
various business initiatives that provide information and metrics about each key component of business
operations. The Audit Committee of our Board of Directors receives periodic information security updates and
reviews operational and systems-related matters to insure their implementation produces no significant internal
control issues.
Operational risk exposures are managed through a combination of business line management and enterprise-
wide oversight. Our Chief Executive Officer is responsible for all of our business operations (credit, servicing,
collections and technology). Management committees, comprised of senior managers and subject matter experts,
focus on particular aspects of operational risk. Enterprise-wide oversight is conducted by a number of our
internal risk management committees. Most importantly, the Customer Products and Services Assessment
Committee oversees the process, in connection with new, expanded or modified products or services it
recommends for approval, for determining that significant risks are properly identified; confirming that adequate
controls are in place to monitor risks to established, prudent limits; and monitors risk management activities,
exposures, and issues.
Compliance, Legal and Governance Risk. Compliance risk is the current and prospective risk to earnings or
capital arising from violations of, or non-conformance with, laws, rules, regulations, prescribed practices,
internal policies and procedures, or ethical standards. Legal risk is the risk to earnings, capital or reputation that
is manifested by claims made through the legal system and may arise from a product, a transaction, a business
relationship, property (real, personal or intellectual), conduct of an employee or a change in law or regulation.
Governance risk is the risk of not establishing and maintaining a control environment that aligns with stakeholder
and regulatory expectations, including tone at the top and board performance. These risks are inherent in all of
our businesses. Compliance, legal and governance risk are sub-sets of operational risk but are recognized as a
separate and complementary risk category given their importance in our business. We can be exposed to these
risks in key areas such as our private education lending, collections or loan servicing businesses if compliance
with legal and regulatory requirements is not properly implemented, documented or tested, as well as when an
oversight program does not include appropriate audit and control features.
The Audit Committee of our Board of Directors has oversight over the establishment of standards related to
our monitoring and control of legal and compliance risks and the qualification of employees overseeing these risk
management functions. The Audit Committee of our Board of Directors annually approves our Corporate
Compliance Plan, has responsibility for considering significant breaches of our Code of Business Conduct and
receives regular reports from executive management team members responsible for the regulatory and
compliance risk management functions.
120