Wells Fargo's Risk Management is organized along three lines of defense, each of which has distinct objectives and responsibilities. This integrated risk management approach is built on strong relationships and willing partnerships—it promotes greater coordination and communication among the three lines, and strengthens independent oversight by both Corporate Risk and independent assurance by Wells Fargo Audit Services. Wells Fargo views risk management as a strategic priority using sophisticated models, tools, and analytics to support our customers and to monitor and manage our business each day. We look at the risk and reward relationship in every deal that we do and in every decision that we make. We look across the spectrum to understand risks and how they interrelate, both in the analytics we use and in the way our risk managers work together. We take an enterprise-wide view of current and emerging risks, advising senior leaders and our Board of Directors in identifying and monitoring risks that may affect multiple Wells Fargo lines of business, and take appropriate action when business activities exceed the risk tolerance of the firm.
The following groups are part of Wells Fargo Corporate Risk:
- Corporate Credit & Market Risk: responsible for independently overseeing the management of credit risk exposures (including monitoring and reporting on aggregate credit exposures across groups, legal entities, geographies, and jurisdictions) and the quality of credit risk management practices across the company. This oversight extends to all phases of a loan’s life cycle, including origination, underwriting, risk analysis, approval, documentation, boarding, monitoring, loss recognition, modification, and collection activities. More specifically, Corporate Credit & Market Risk develops, maintains and ensures adherence to enterprise-wide credit risk frameworks, policies, and procedures that are aligned with Board-approved risk appetite.
- Corporate Enterprise Risk Group: responsible for independently overseeing a broad collection of activities and risk types. CERG's principal focus, however, is overseeing the management of four key risk types: liquidity risk, strategic risk, emerging risk, and cross-functional risk.
- Corporate Risk Program Office: provides leadership and coordination of the initiatives designed to address open regulatory concerns, strengthen Corporate Risk, and ensure that Wells Fargo meets its aspiration to be a global leader in risk management. Responsible for overseeing the quality and timely completion of Corporate Risk initiatives.
- Operational Risk & Compliance: manages second-line-of-defense risk activities across Enterprise Information Security, Financial Crimes Risk Management, Corporate Model Risk, Operational Risk, Regulatory Compliance Risk Management and Technology Risk. The team is focused on building an operational risk organization with consistency and simplification across all six risk areas, ensuring strong communication and coordination among the three lines of defense. Operational Risk & Compliance comprises the following teams: Corporate Business Initiatives & Operations, Corporate Model Risk, Enterprise Information Security, Financial Crimes Risk Management, Operational Risk, Regulatory Compliance Risk Management, and Technology Risk.