Understanding an Organization's Risks Helps Reinforce the Risk Culture
Each of the ERF's components reinforces the desired risk culture of TD Bank, and they are all equally necessary to ensure that TD successfully manages its risk. The ERF sets the direction of how TD manages enterprise risk. The TD Risk Inventory sets out TD's major risk categories and related subcategories to enable a consistent language and approach to measuring, reporting, and disclosing TD's risks. This inventory of risks facilitates consistent enterprise risk identification and becomes the starting point to develop the appropriate risk strategies and processes to manage TD's risk exposure. Definitions of common terms include:
Strategic risk is the potential for financial loss or reputational damage arising from ineffective business strategies, improper implementation of business strategies, or a lack of responsiveness to changes in the business environment. The CEO manages strategic risk supported by the members of the senior management team. Together they define the overall strategy, in consultation with and subject to approval by the board.
Credit risk is the risk of loss if a borrower or counterparty in a transaction fails to meet its agreed payment obligations. Credit risk is one of the most significant and pervasive risks in the banking sector. Every loan, extension of credit, or transaction that involves transfer of payments between TD and other parties or financial institutions exposes TD to some degree of credit risk. The responsibility of credit risk management is enterprisewide. Each business segment's credit risk control unit is primarily responsible for credit decisions and must comply with established policies, exposure guidelines, and credit approval limits.
Market risk is the risk of loss in financial instruments or the balance sheet due to adverse movements in market factors such as interest and exchange rates, prices, credit spreads, volatilities, and correlations. TD is exposed to market risk in its trading and investment portfolios, as well as through its nontrading activities. The primary responsibility for managing market risk in trading activities lies with Wholesale Banking with oversight from Market Risk Control within Risk Management.
Liquidity risk is the risk of having insufficient cash or collateral resources to meet financial obligations without raising funds at unfavorable rates or being unable to sell assets at a reasonable price in a timely manner. Demand for cash can arise from deposit withdrawals, debt maturities, and commitments to provide credit or liquidity support. The Asset/Liability and Capital Committee oversees the liquidity risk management program.
Operational risk is the risk of loss resulting from inadequate or failed internal processes, people, and systems or from external events. Operational risk is embedded in all of the bank's business activities, including the practices for managing other risks such as credit, market, and liquidity risk. Operational Risk Management is an independent function that designs and maintains TD's overall operational risk management framework. This framework sets out the enterprise-wide governance processes, policies, and practices to identify, assess, report, mitigate, and control operational risks.
Insurance risk is the risk of financial loss due to actual experience emerging differently from expected in insurance product pricing or reserving. This could be due to adverse fluctuations in timing, actual size, and/or frequency of claims mortality, morbidity, policyholders' behavior, or associated expenses incurred. Senior management within the insurance business units has primary responsibility for managing insurance risk with oversight by the Chief Risk Officer for Insurance, who reports into Risk Management.
Legal, regulatory, and compliance risk is the risk of negative impact to business activities, earnings or capital, regulatory relationships, or reputation as a result of failure to comply with or to adapt to current and changing regulations, laws, industry codes, rules, or regulatory expectations. Legal risk includes the potential for civil litigation or criminal or regulatory proceedings being commenced against the bank that, once decided, could materially and adversely affect its business, operations, or financial condition. Business segments and corporate areas are responsible for managing day-to-day regulatory and legal risk, while the Legal, Compliance, Global Anti-Money Laundering, and Regulatory risk groups assist them by providing advice and oversight.
Capital adequacy risk is the risk of insufficient capital available in relation to the amount of capital required to carry out the bank's strategy and to satisfy regulatory capital adequacy requirements. Capital is held to protect the viability of the bank in the event of unexpected financial losses. The board of directors has the ultimate responsibility for overseeing adequacy of capital and capital management. The board reviews the adherence to capital limits and targets, and reviews and approves the annual capital plan and the Capital Management Policy.
Reputational risk is the potential that stakeholder impressions, whether true or not, regarding an institution's business practices, actions, or inactions, will or may cause a decline in the institution's value, brand, liquidity, or customer base. TD Bank's enterprise-wide Reputational Risk Management Policy is approved by the Risk Committee of the Board. This policy sets out the framework under which each business unit is required to implement a reputational risk policy and procedures. These include designating a business-level committee to review reputational risk issues and to identify issues to be brought to the Enterprise Reputational Risk Committee.