TD Bank 2009 Annual Report Download - page 72

Download and view the complete annual report

Please find page 72 of the 2009 TD Bank annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 158

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158

TD BANK FINANCIAL GROUP ANNUAL REPORT 2009 MANAGEMENT’S DISCUSSION AND ANALYSIS68
RISK GOVERNANCE STRUCTURE
The key elements of our risk governance structure are:
The Board and its Risk Committee oversee the implementation of an
effective risk management culture throughout the organization and
regularly review and approve Bank-wide risk management policies.
The President and CEO, the Chief Risk Officer (CRO), and other
members of SET are accountable for identifying significant risks and
informing the Risk Committee of the Board and are also responsible
for monitoring, evaluating, and managing risk across the Bank in
accordance with their mandates.
The Bank’s Executive Committees are designated by the CEO in
consultation with the CRO, and support the CEO in the overall
management of risk. These Committees provide oversight on gover-
nance, risk, and control at the most senior level, and review and
endorse risk management policies, strategies, and controls. All the
Committees meet regularly and hold special meetings if required.
In determining the number and focus of Executive Committees,
consideration is given to a number of factors, including the Enterprise
Risk Framework. While the Enterprise Risk Management Committee
(ERMC) provides executive oversight of the risk categories identified
in the Framework, specific Executive Committees are established
when the nature of the risk and business activity requires more
focused oversight.
Risk Management is headed by the CRO who is responsible for
setting enterprise-level policies and practices that reflect the Bank’s
risk appetite. There are clear procedures for when and how risk
events and issues are brought to the attention of executive manage-
ment and the Risk Committee of the Board. Risk Management
also monitors and reports on individual business and enterprise-level
risks that could have a significant impact on the Bank.
Each major business segment within the Bank has its own risk
management function that reports directly to Risk Management
and indirectly to senior business management. This structure
supports an appropriate level of central oversight while emphasizing
ownership and accountability for risk within the business segment.
Business management is responsible for setting and aligning busi-
ness-level risk appetite with enterprise-level risk appetite and
managing risk within approved risk limits as set out in Bank policies.
Any deviation from the limits and escalation protocols provided in
such policies must be approved by the Board or the Risk Committee.
Internal Audit provides independent assurance of the effectiveness
of risk management policies, procedures and internal controls, and
reports on them to management and the Board.
Compliance is responsible for risk-based identification and independ-
ent
review of applicable regulatory risk across the Bank.
HOW WE MANAGE RISK
Risk Management is an independent and enterprise-wide function that
is responsible for the Enterprise Risk Framework and the decision and
implementation of the Bank’s Enterprise Risk Appetite Framework. The
latter sets out the risk appetite of the Bank and the governance process
for its approval and sustainability. Risk Management is governed by the
following principles:
Enterprise-wide in Scope – Risk Management will span all areas of
the Bank, including third-party alliances and joint venture undertak-
ings, all boundaries, both geographic and regulatory.
Transparent and Effective Communication – Matters relating to risk
will be communicated and escalated in a timely, accurate, and
forthright manner.
Enhanced Accountability – Risks are explicitly owned, understood,
and actively managed by business management and all employees,
individually and collectively.
Independent Oversight – Risk policies, procedures, and reporting
will be established independently and objectively.
Integrated Risk and Control Culture – Risk management disciplines
will be integrated into the daily routines, decision-making, and
strategy of the Bank.
Strategic Balance – Risk will be managed to an acceptable level of
exposure, recognizing the need to protect shareholder value.
The Bank’s risk management approach is comprehensive and proactive.
It combines the experience and specialized knowledge of individual
business units, risk professionals, and the corporate oversight functions.
In managing risk, we:
Define our enterprise risk appetite within a comprehensive frame-
work. Adherence to the enterprise risk appetite is managed
and monitored across the Bank by Risk Management, supported
by management oversight committees, and based on a broad
collection of policies and practices, including those relating to
major risk categories.
Develop and maintain appropriate enterprise-wide risk management
policies and practices including guidelines, requirements, and limits
to ensure risks are managed to acceptable levels.
Define the interaction between risk and capital assessment so that
relevant risks can be appropriately captured in the Bank’s assessment
and management of capital adequacy.
Review, challenge, and endorse the internal capital adequacy
assessment process (ICAAP) and related economic capital practices
through a number of senior management committees.
Communicate quantitative and qualitative elements of our risk profile
to senior management and the Board of Directors through an
integrated enterprise-wide risk monitoring and reporting process.
Use risk measurement methodologies, including Value-at-Risk (VaR)
analysis, scenario analysis, and stress-testing to quantify risk.
Require significant business units and corporate oversight functions
to assess their own key risks and internal controls annually through
a structured risk and control self assessment program and through
ongoing monitoring. This allows us to identify, escalate, and monitor
significant risk issues as needed.
Measure performance based on the allocation of risk-based economic
capital to businesses and charge a cost against that capital.
Actively monitor internal and external risk events to assess whether
our internal controls are effective.
Review and access annually how the performance objectives estab-
lished for members of SET were met in relation to the Enterprise
Risk Appetite as an input into compensation decisions.
Employ enterprise-wide stress testing to understand potential
vulnerabilities relevant to the Bank’s risk profile.
Enterprise Stress Testing
The Bank’s Enterprise Wide Stress Testing program involves the devel-
opment, application, and assessment of severe but plausible stress
scenarios on earnings and capital. It enables management to identify
and articulate enterprise-wide risks and understand potential vulnera-
bilities that are relevant to the Bank's risk profile.
Enterprise Wide Stress Testing at the Bank is part of the long term
strategic, financial, and capital planning exercise that helps define and
understand risk tolerance and ensures that the Bank is not exposed to
excessive risks. Furthermore, with the implementation of risk-sensitive
capital measures under Basel II including the Internal Capital Adequacy
Assessment Process (ICAAP), the Bank is required to be aware of
potential fluctuations in capital and how risk-sensitive models behave
in adverse economic conditions.
Stress Testing engages senior management in each business segment,
Finance, Treasury and Balance Sheet Management, Economics and Risk
Management. The results are reviewed by senior executives, incorpo-
rated in the Bank’s planning process and presented to the Risk
Committee of the Board.
The following pages describe the key risks we face and how they
are managed.
Strategic Risk
Strategic risk is the potential for loss arising from ineffective business
strategies, from improper implementation of business strategies, or
from a lack of responsiveness to changes in the business environment.
Management makes strategic decisions today to enhance future
shareholder returns. Senior management actively monitors, assesses,
manages, and mitigates the most significant strategic risks along
with oversight from the Board.