US Bank 2014 Annual Report Download - page 42

Download and view the complete annual report

Please find page 42 of the 2014 US Bank annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 173

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173

Operational risk is the risk of loss resulting from inadequate
or failed internal processes, people, or systems, or from
external events, including the risk of loss resulting from
breaches in data security. Operational risk can also include
failures by third parties with which the Company does
business. Compliance risk is the risk of loss arising from
violations of, or nonconformance with, laws, rules,
regulations, prescribed practices, internal policies, and
procedures, or ethical standards, potentially exposing the
Company to fines, civil money penalties, payment of
damages, and the voiding of contracts. Compliance risk also
arises in situations where the laws or rules governing certain
Company products or activities of the Company’s customers
may be ambiguous or untested. Strategic risk is the risk to
earnings or capital arising from adverse business decisions
or improper implementation of those decisions. Reputational
risk is the potential that negative publicity or press regarding
the Company’s operations, business practices or products,
whether true or not, will cause a decline in the customer
base, costly litigation, or revenue reductions. In addition to
the risks identified above, other risk factors exist that may
impact the Company. Refer to “Risk Factors” beginning on
page 155, for a detailed discussion of these factors.
The Company’s Board and management-level
governance committees are supported by a “three lines of
defense” model for establishing effective checks and
balances. The first line of defense, the business lines,
manages risks in conformity with established limits and
policy requirements. In turn, business leaders and their risk
officers establish programs to ensure conformity with these
limits and policy requirements. The second line of defense,
which includes the Chief Risk Officer’s organization as well
as policy and oversight activities of corporate support
functions, translates risk appetite and strategy into
actionable risk limits and policies. The second line of defense
monitors first line of defense conformity with limits and
policies, and provides reporting and escalation of emerging
risks and other concerns to senior management and the Risk
Management Committee of the Board of Directors. The third
line of defense, internal audit, is responsible for providing the
Audit Committee of the Board of Directors and senior
management with independent assessment and assurance
regarding the effectiveness of the Company’s governance,
risk management, and control processes.
Management provides various risk reports to the Risk
Management Committee of the Board of Directors. The Risk
Management Committee discusses with management the
Company’s risk management performance, and provides a
summary of key risks to the entire Board of Directors,
covering the status of existing matters, areas of potential
future concern, and specific information on certain types of
loss events. The discussion also covers quarterly reports by
management assessing the Company’s performance relative
to the risk appetite statements and the associated risk limits,
including:
– Qualitative considerations, such as the macroeconomic
environment, regulatory and compliance changes,
litigation developments, and technology and cybersecurity;
– Capital ratios and projections, including regulatory
measures and stressed scenarios;
– Credit measures, including adversely rated and
nonperforming loans, leveraged transactions, credit
concentrations and lending limits;
– Interest rate and market risk, including market value and
net income simulation, and trading-related Value at Risk;
– Liquidity risk, including funding projections under various
stressed scenarios;
– Operational, compliance and strategic risk, including
losses stemming from events such as fraud, processing
errors, control breaches, breaches in data security, or
adverse business decisions, as well as reporting on
technology performance, and various legal and regulatory
compliance measures; and
– Reputational risk considerations, impacts and responses.
Credit Risk Management The Company’s strategy for credit
risk management includes well-defined, centralized credit
policies, uniform underwriting criteria, and ongoing risk
monitoring and review processes for all commercial and
consumer credit exposures. The strategy also emphasizes
diversification on a geographic, industry and customer level,
regular credit examinations and management reviews of
loans exhibiting deterioration of credit quality. The Risk
Management Committee oversees the Company’s credit risk
management process.
In addition, credit quality ratings as defined by the
Company, are an important part of the Company’s overall
credit risk management and evaluation of its allowance for
credit losses. Loans with a pass rating represent those loans
not classified on the Company’s rating scale for problem
credits, as minimal risk has been identified. Loans with a
special mention or classified rating, including loans that are
90 days or more past due and still accruing, nonaccrual
loans, those considered troubled debt restructurings
(“TDRs”), and loans in a junior lien position that are current
but are behind a modified or delinquent loan in a first lien
position, encompass all loans held by the Company that it
considers to have a potential or well-defined weakness that
40