Risk Analysis and Supply Risk Mitigation at Bank of America SCRLC Meeting June 4 & 5, 2008 Boeing...
15
Risk Analysis and Supply Risk Mitigation at Bank of America SCRLC Meeting June 4 & 5 , 2008 Boeing Corporation Seattle, Washington Major Program Components Overview
-
Upload
patience-hampton -
Category
Documents
-
view
217 -
download
1
Transcript of Risk Analysis and Supply Risk Mitigation at Bank of America SCRLC Meeting June 4 & 5, 2008 Boeing...
Risk Analysis and Supply Risk Mitigation at Bank of America
SCRLC Meeting June 4 & 5 , 2008Boeing Corporation
Seattle, Washington
Major Program Components Overview
Page 2
– $1.4 Trillion in Assets
– According to Forbes latest “Global 2000” listing, BAC is the worlds 4th largest public company just behind CitiGroup Inc, General Electric and AIG. (based on composite sales profits, assets, and market capitalization)
– The world’s 6th most-profitable company
– Offices in 31 countries serving clients across 150 countries
– 38 million consumer relationships
– Retail footprint covers more than 75% of the U.S. population• >16,000 ATM’s • >5,600 Banking Centers• 52% of all internet banking transactions
– The number-one issuer of debit cards in U.S., with over 17 million cards outstanding
– Bankers to 96% of the US Fortune 500 and 82% of the Global Fortune 500
Bank of America Business Profile
Page 3
LOB Customer
Centric
Global Operations and
Supplier Relations
Development
GCIB, GWIM & GBFS Supply Management
Consumer & Card Supply Management
GTO Supply Management
ESP & S Supply
Management
SCM Strategy
Support Partners
Greg TaylorSupply Chain Management
Executive
Joe Hill Joseph Martinez Jill Bossi Cesar Penaherrara Rich Jones Benjamin Robinson
Multicultural Sup Dev
Cross Sell
European SCM
Chilean SCM
Argentinean SCM
Brazilian SCM
Uruguayan SCMAsian SCMSourcing ServicesApplication DeploymentProcess DesignSupplier RegistrationArchiving & RecordsSupplier Manager ServicesTraining & Certification Supplier Scorecards
Transaction Services
• Cash Transport
• Non-Cash X-port
• ATM
• Imaging
Business Solutions
• Desktop & Security
• Tech Outsourcing
• Enterprise Apps
Tech Infrastructure
• Telecom
• Mainframe / Storage
• Midrange / Software
• Enterprise Access / Svcs
Global Wealth & Investment Management
Global Corporate Investment Banking
Global Business & Financial Services
Card & Merchant Services
Deposit and Debit
Consumer Real Estate
E-Commerce & Insurance
Corporate Workplace
Global Human Resources
Corporate Marketing
Corporate Staff & Support
Treasury
Quality & Productivity
Finance
Legal
Risk
Document Management
Corporate Travel Services
Risk and Compliance
• Compliance & Monitoring
• Risk Assessment
• Risk Monitoring
•Project Management Office
•Offshoring
Bank of America Supply Chain Management
SCM Transition
SCM Analytics
Tim Marquardt
Dave McCann
Page 4
2001 9/11
Terrorist Attacks
2001 9/11
Terrorist Attacks
1990s e-
Economy
1990s e-
Economy
2002 Corporat
e Scandal Effect
2002 Corporat
e Scandal Effect
2000+ Globalization
2000+ Globalization
Operationa
l Risk
Operationa
l RiskBusiness
ContinuityBusiness
Continuity
Anti-Money
Laundering
Anti-Money
Laundering
Focus on Operational
RisksRecovery / Continuity from
Event Risks
Eliminate Funding Sources
for Terrorists
US Patriot Act
US Patriot Act
Digital Flow of Customer
Data
Consumer Awareness of Risks
Payments Transformatio
n
Gramm-Leach-Bliley
Act
Gramm-Leach-Bliley
Act
Check 21 Act
Check 21 Act
Customer Informatio
n Protection
Customer Informatio
n Protection
Privacy Privacy
Check Imaging & Truncation
Check Imaging & Truncation
Finance Oversight and
Assurance
Corporate Governance
Corporate Controls and
Data Sarbanes-Oxley Act
Sarbanes-Oxley Act
States AG Investigation
s
States AG Investigation
s
Increased Regulatory Oversight
Increased Regulatory Oversight
Governanc
e
Governanc
e
Email Retention
Email Retention
Increased pressure on
Cost-to-serve
Cross-border funds and
information flowsGlobal companies requiring global
banking partners
Basel II Basel II
Out-sourcing / In-
sourcing/ Off-shoring
Out-sourcing / In-
sourcing/ Off-shoring
Capital Requirement
s Harmonizatio
n
Capital Requirement
s Harmonizatio
n Country Risk of Supply Base
Country Risk of Supply Base
Corporate
Scandal Effect
Corporate
Scandal Effect
US Patriot
Act
US Patriot
Act
Country Risk
of Supply Base
Country Risk
of Supply Base
External EventsLegislation / Oversight
BAC Program
The combination of external events, legislation and
supporting Bank programs has resulted in the current “galaxy”
of Supplier Management activity.
Supply Chain Management – Assumptions & Environment
Page 5
Supply Chain Strategic Propositions
SCM Role and Value Proposition• Create Value:
– Develop and execute supply strategies for LOBs – Deliver credible, transparent and sustainable
productivity gains for the enterprise
• Foster Innovation: – Identify and generate revenue opportunities as
part of the Universal Bank– Protect BAC IP to drive competitive advantage
• Minimize Risk: – Ensure that Bank of America suppliers meet
rigorous risk and quality standards
Build the Brand – SCM Relationship Responsibilities• > 30,000 suppliers• 12,346 active contracts (domestic)• 139 domestic agreements with 102 foreign
Suppliers located in 20 countries• Supplier Diversity
– > 7,500 diverse suppliers– $1,2 B spend with diverse suppliers
• Supplier Cross-Sell 2002-2007– 140 deals with over $58MM in Revenue
• Leading BAC efforts on Environmental Impact• Quarterly OCC Reviews
Shareholder Value / Low Cost Provider• SCM Non-Interest Expense Impact
– $14.5 B supplier sourceable spend (est.)– 35% of the BAC NIE (incl. MBNA)
• SCM Savings Impact– 2002-2005 Sum = $1.18B (SPS $0.19)– 2005 = $654.3MM (SPS $0.10)– 2007P = $900MM (SPS $0.16)– FLEET - $426.0MM Cumulative (2004-2006)– MBNA - $250.0 MM cumulative (2006 = $103MM)
• SCM Operating Leverage Impact– Corporate Travel– Document / Print Management
Top Challenges• Governance Maturity
– Strategic Sourcing– End-to-End supplier management
• Savings Governance and Execution– Savings either accrue or are reinvested per LOB
decision
• Infrastructure Investments– Not sexy but mission critical
• Proactively Managing Operational Risk• Global Supply Chain Integration• Getting Ready for the NEXT BIG THING!
Page 6
Bank of America Supply Chain Mission
Supply Chain Management has the fiduciary responsibility to:
1. Manage (mitigate) Enterprise Supply Base risk
2. Maximize Enterprise Supply Base Value (while not violating #1)
3. Support business partner needs for goods and services.” (while not violating #1 or #2)
Page 7
SC
M
Sou
rcin
g
Exec
.
SC
M
Sou
rcin
g
Man
ag
er
LO
B S
up
plier
Man
ag
er
(S
M)
Pre-Engagement Engagement Establish
Relationship Manage
Relationship
Terminate/Change
Relationship
E2E Supplier Relationship Management Process
SCM Sourcing LOB Supplier Management Shared
• Identify business need for sourcing product or service
• Develop business case
• Complete risk assessment with Sourcing
• Create risk mitigation plan & performance scorecard
• Manage day-to-day supplier operations/-relationship• Manage supplier risk & performance • Complete deliverables per Supplier Management Program (SMP)
• Identify need to change relationship
• Identify supply leverage opportunity, sourcing strategy, & potential suppliers
• Review business case
• Source alternative suppliers• Negotiate with suppliers• Complete risk assessment with LOB & risk partners• Finalize contract terms & conditions
• Consult with LOB on supplier risk and performance issues
• Identify need to change relationship • Modify or terminate contract
• Oversee SMP for LOB and drive appropriate management routines; update LOB leadership on supplier risk & performance issues
• Ensure LOB Supplier Managers comply with SMP standards• Provide VOC input to improve SMP
• Oversee supplier selection and contracting• Partner with LOB Champions to resolve supplier risk and performance issues
• Provide risk subject matter expertise• Partner with LOB to resolve supplier risk and performance issues• Includes Legal, GIPBC, GCOR, Corporate Insurance, etc.
Lead
LO
B
Ch
am
pio
n
LO
B
Ris
k
Part
ne
rs
Note: Roles highlighted in blue represent 1st LOD; roles highlighted in orange represent 2nd LOD.
8
Rev. 1/16/08
Supplier Management Program (SMP) Purpose
Supplier Management Program (SMP)
A framework of governance, processes and tools to manage enterprise supplier risk and performance annually for Tier 1 and Tier 2 suppliers. Supplier Managers and Suppliers submit program deliverables which enable our
ability to assess, manage and mitigate supplier performance and risk issues in a timely manner.- LOB Supplier Managers – Serve as a liaison between the supplier and Bank of America while managing day to day
relationship, monitoring supplier performance, and identifying and mitigating supplier risk. - LOB Champions – Tier and assign LOB Supplier Manager to LOB Suppliers, act as a point of escalation and drive appropriate
management routines for the LOB, represent the LOB as a member of the Supplier Risk Steering Committee and work with support partners to drive SMP deliverables and issue resolution.
The Three Lines of Defense1st Line of Defense - Business unit managers are accountable for all risks in their units, both existing and emerging. For SMP - LOB Champions & Supplier Managers.2nd Line of Defense - Business partners acting independently, work with business units to identify, assess and mitigate all risks. For SMP - includes SCM, GIPBC, Legal, Compliance & Operational Risk, etc.3rd Line of Defense - Corporate Audit and Credit Review independently test, verify and evaluate management controls.For SMP - Audit.
SMP Suppliers
The Supplier Management Program provides a framework for managing tier 1 and tier 2 suppliers, which include the 550 most critical/highest risk of Bank of America’s 31,000 total Suppliers.
Tier 1 – Supplier scores Significantly High for Information Security, Business Continuity, Financial or Other Operational risks OR annual supplier spend totals $150mm or more.
Tier 2 – Supplier scores High for Information Security, Business Continuity, Financial or Other Operational risks OR annual supplier spend ranges between $35mm and $150mm.Supplier Risk Steering Committee (SRSC)
The SRSC, which includes the LOB Champions, meets quarterly to review the Enterprise SMP status, the program status for key LOBs, and key supplier risk issues and themes across LOBs. The SRSC also decisions SMP enhancements, monitors key initiatives status, and encourages best practices sharing across the LOBs.
The SRSC provides quarterly Supplier Risk updates to the Compliance and Operational Risk Committee (CORC).
Goal
Implement a World Class Enterprise Supplier Management Program to identify and mitigate supplier risk and maximize supplier performance and value
9
Rev. 1/16/08
Supplier Management Program Structure and Governance
• Comprehensive, enterprise-wide Supplier Management Program
• Governed by Supplier Risk Executive Committee
• Focus process rigor on most critical and complex supplier relationships
• Drive program consistency through role clarity, training, & certification
• Comprehensive, enterprise-wide Supplier Management Program
• Governed by Supplier Risk Executive Committee
• Focus process rigor on most critical and complex supplier relationships
• Drive program consistency through role clarity, training, & certification
Approach ApproachSM Program GovernanceSM Program Governance
Supplier Risk Executive CommitteeMilton Jones, CFO Group
Greg Taylor, Supply Chain Management Chris Higgins, GIPBC
Mike Brosnan, Global Risk
Supplier Risk Executive CommitteeMilton Jones, CFO Group
Greg Taylor, Supply Chain Management Chris Higgins, GIPBC
Mike Brosnan, Global Risk
LOB Champions
Global Supply Chain Management Greg Taylor
Global Risk Management Mike Brosnan
Finance Services Keith Jacobsen
GT&O S&F Ops Jeanne Spradlin
GT&O NCG Edie Fletcher
GT&O CIOs Meril Thornton
Corporate Workplace Jeff Hipple
Global Human Resources Eadie Ferretti
Global Marketing Dave Upton
GC&SBB - Deposits Gregg Sheehy
GC&SBB – eCommerce Ellen Fox
GC&SBB – CRE/Insurance Tim O’Brien
GC&SBB – Card Services Jeff Hennessy
GC&SBB – Student Banking Tom Nerad
GC&SBB – Small Business Banking David Head
Global Product Solutions Tim Burdick
Global Capital Markets & Investment Banking Marta Johnson
Corporate Investments Leslee Bertsch
Global Wealth & Investment Management Chantalle Couba
Global Commercial Bank Mary Jo von Tillow
Non-US Joe Hill
LOB Champions
Global Supply Chain Management Greg Taylor
Global Risk Management Mike Brosnan
Finance Services Keith Jacobsen
GT&O S&F Ops Jeanne Spradlin
GT&O NCG Edie Fletcher
GT&O CIOs Meril Thornton
Corporate Workplace Jeff Hipple
Global Human Resources Eadie Ferretti
Global Marketing Dave Upton
GC&SBB - Deposits Gregg Sheehy
GC&SBB – eCommerce Ellen Fox
GC&SBB – CRE/Insurance Tim O’Brien
GC&SBB – Card Services Jeff Hennessy
GC&SBB – Student Banking Tom Nerad
GC&SBB – Small Business Banking David Head
Global Product Solutions Tim Burdick
Global Capital Markets & Investment Banking Marta Johnson
Corporate Investments Leslee Bertsch
Global Wealth & Investment Management Chantalle Couba
Global Commercial Bank Mary Jo von Tillow
Non-US Joe HillSM Program Council – Caroline DellingerSM Program Council – Caroline Dellinger SM Program
TeamsSM Program
Teams
• 552 Tier 1 and 2 suppliers, with approximately 245 supplier managers, covering approximately 55% of bank’s spend
• Currently US, EMEA, and Canada, with plans to extend to Asia, India, Mexico, etc. in 2008
• 552 Tier 1 and 2 suppliers, with approximately 245 supplier managers, covering approximately 55% of bank’s spend
• Currently US, EMEA, and Canada, with plans to extend to Asia, India, Mexico, etc. in 2008
Program ScopeProgram Scope
Page 10
Supplier Mgmt Program - Supplier Tiering & SM’s
Non-
Tiered
Tier 2
Tier 1
All Suppliers
• Supplier Tiering is risk based with three key components.
• Supplier Tiering is risk based with three key components.
Supplier TieringSupplier Tiering
1. Criticality of supplier’s product or service to:• Operation of Bank of America• Operation of Line of Business
2. Sensitive Data Handling Risk
3. Annual Spend
1. Criticality of supplier’s product or service to:• Operation of Bank of America• Operation of Line of Business
2. Sensitive Data Handling Risk
3. Annual Spend
Tier CriteriaTier Criteria
• Supplier tier classifications
• Tier 1 & Tier 2 Suppliers require Supplier Managers
• Supplier tiers revisited annually
• Tier 3 = Low $, Low IS
• Tier 4 = Negligible exposure
• Supplier tier classifications
• Tier 1 & Tier 2 Suppliers require Supplier Managers
• Supplier tiers revisited annually
• Tier 3 = Low $, Low IS
• Tier 4 = Negligible exposure
Tier AssignmentTier Assignment
• Assigned by Line of Business
• All Supplier Managers must:
• Complete 2.5 day Supplier Manager training program
• Achieve certification w/in 60 days after completion of training
• Recertify Annually
• Manage suppliers to annual performance and risk management deliverables
• Assigned by Line of Business
• All Supplier Managers must:
• Complete 2.5 day Supplier Manager training program
• Achieve certification w/in 60 days after completion of training
• Recertify Annually
• Manage suppliers to annual performance and risk management deliverables
Supplier ManagersSupplier Managers
Manage Manage
11
Rev. 1/16/08
Supplier Management Program Requirements
* Not required for Tier 2 Suppliers.
1. Supplier Manager certified/re-certified2. Supplier registered online3. Supplier tier and risk tool (START)4. Supplier performance scorecard5. Supplier risk summary (SRS)6. Insurance certificate review 7. LOB contingency plan (if required)1
8. SAS 70 Type II Audit (if required)2
9. Audited Financial Statements for non-public Tier 1 suppliers
10. Off-shoring and sub-contracting survey11. Supplier business continuity plan1
12. Supplier information security and business continuity questionnaire (SAQ)
13. Supplier business continuity remediation plan accepted (if required)1
14. Supplier business continuity remediation plan completed (if required)1
15. Supplier information security remediation plan accepted (if required)3
16. Supplier information security remediation plan completed (if required)3
17. Supplier portfolio risk dashboard, triggers list & remediation plan4
1. Supplier Manager certified/re-certified2. Supplier registered online3. Supplier tier and risk tool (START)4. Supplier performance scorecard5. Supplier risk summary (SRS)6. Insurance certificate review 7. LOB contingency plan (if required)1
8. SAS 70 Type II Audit (if required)2
9. Audited Financial Statements for non-public Tier 1 suppliers
10. Off-shoring and sub-contracting survey11. Supplier business continuity plan1
12. Supplier information security and business continuity questionnaire (SAQ)
13. Supplier business continuity remediation plan accepted (if required)1
14. Supplier business continuity remediation plan completed (if required)1
15. Supplier information security remediation plan accepted (if required)3
16. Supplier information security remediation plan completed (if required)3
17. Supplier portfolio risk dashboard, triggers list & remediation plan4
Program DeliverablesProgram Deliverables
• Supplier Financial Health• Supplier Information Protection• Supplier Performance Management• Contractual and Insurance Coverage• Supplier Business Continuity Capability• Supplier Work Executed Outside US (Indirect
Offshoring)• BAC Ability to Replace Supplier (Contingency Plans)• Privacy• Supplier Sub-Contracting• Intellectual Asset
• Supplier Financial Health• Supplier Information Protection• Supplier Performance Management• Contractual and Insurance Coverage• Supplier Business Continuity Capability• Supplier Work Executed Outside US (Indirect
Offshoring)• BAC Ability to Replace Supplier (Contingency Plans)• Privacy• Supplier Sub-Contracting• Intellectual Asset
Risk & Performance Elements
Risk & Performance Elements
Notes1Required for suppliers scoring SIG HIGH, HIGH or MED for BC on START2For appropriate suppliers based on START3Required for suppliers scoring SIG HIGH, HIGH or MED for IS on START4Deliverables in blue are the LOB Champion’s responsibility
It is the responsibility of the LOB to ensure that the program deliverables are complete, Accurate and timely.
It is the responsibility of the LOB to ensure that the program deliverables are complete, Accurate and timely.
Program Deliverable Quality
Program Deliverable Quality
12
Rev. 1/16/08
Supplier Management Program Metrics
2008 Hoshin & Performance Plans• Business Executives – 1) SPI as component of Business Risk
Review and/or 2) % Compliance to SMP Deliverables as component of Compliance Program Effectiveness Indicator (CPEI)
• LOB Champions and Senior Supplier Managers– 1) SPI and 2) % targeted supplier enablements 3) % Compliance to SMP Deliverables as component of Compliance Program Effectiveness Indicator (CPEI, if B1 or 2)
• Managers of Supplier Managers and Supplier Managers – 1) SMP deliverables are current, complete and submitted on-time in accordance with annual SMP Deliverable schedule. Deliverables that are not of acceptable quality will be rejected. 2) % Targeted payment channel supplier enablements completed
The Supplier Portfolio Index (SPI) • Integrated view of supplier residual risk and performance.
• Intended to drive simple actions for assessing and remediating risk and performance issues.
• Single risk and performance metric for a portfolio of suppliers (business unit, LOB and enterprise).
• Can be disaggregated to individual components to understand where corrective action is required.
The Supplier Portfolio Index consists of three equally weighted components:
– Supplier Manager Certification• indicates supplier is managed to the Supplier Management process
– Supplier Performance Scorecard• reflects how well the cost/reward relationship is delivered
– Composite Supplier Risk Index• measures the residual risk of the supplier relationship at the current level of
mitigation
Certified Tier 1&2 Supplier Mgrs
Supplier Performance Scorecard
Composite SupplierRisk Index
Supplier Portfolio Index (one supplier risk metric)
Supplier PerformanceScorecard
Supplier Manager Certification Status
(management to the process)
Composite Supplier RiskIndex
33%33%33%
Metric
Metric
Metric
Metric
Metric
Info Sec Bus Cont Financial Op Risk SCM
IS Score BC Assessment
Credit Score other SCM
survey questions
SCM survey
questions
SCM survey
questions
Agg
rega
ting
Dis
aggr
egat
ing
13
Rev. 1/16/08
Supplier Management Program Reporting
1. Dates above columns indicate due date of deliverable REPORT DATE GEN I Due Dates T1 9/30/05 8/31/05 3/31/05 3/31/05 4/30/05 7/15/05 10/15/05 7/15/05 10/15/05 7/15/05 10/15/05 7/15/05 10/15/05 8/31/05 7/31/05 8/31/05 7/31/05 6/30/05
2. A = Annual Deliverable, Q = Quarterly Deliverable, ( ) = Deliverable Number (i.e. 1 – 18) 9/14/05 CADENCE SCHEDULE T2 9/30/05 8/31/05 3/31/05 3/31/05 4/30/05 10/15/05 7/15/05 10/15/05 6/30/05
3. Deliverable required due to Cadence GEN II Due Dates T1 9/30/05 8/31/05 6/30/05 6/30/05 8/31/05 10/15/05 10/15/05 10/15/05 11/30/05 10/15/05 10/15/05 11/30/05 10/31/05 10/31/05 10/31/05 7/31/05
T2 9/30/05 8/31/05 6/30/05 6/30/05 8/31/05 10/15/05 10/15/05 10/15/05 7/31/05
SCM Services Business Continuity Corporate Information Security
A A A (1) A (2) A (3) A (4) A (5) A (11) A (12) A (13) A (14) A (8) A (15) A (16) A (17) A (18) A
CMSi
Comp
any
ID SUPP
LIER
NA
ME
GENE
RATI
ON
Tier
Status
Line
of Bu
siness
(2
Dot)
Steeri
ng
Comm
ittee
LOB
Cham
pion
Supp
lier
Man
ager
Sour
cing
Man
ager
Top 8
0% Li
sted
Supp
lier
Sens
itive
Infor
matio
n to b
e Ex
chan
ged
Opera
tiona
lly
Critic
al Su
pplie
r
Regis
tered
for
Train
ing
Train
ed
Certi
fied/
Re-C
ertifie
d
Supp
lier's
Re
gistra
tion
Refre
shed
Finan
cial
Viab
ility R
isk
Ratin
g Date
SCM
Risk
Surv
ey
Comp
lete
Risk
Plan
Re
ceive
d and
Co
mplia
nt
Q2 Sc
oreca
rd
Curre
nt /Fi
led
Q3 Sc
oreca
rd
Curre
nt /Fi
led
Q2 Su
pplie
r M
anag
er To
ol
(SMT)
Q3 Su
pplie
r M
anag
er To
ol
(SMT)
Q2 C
ertific
ate of
In
sura
nce
Curre
ntQ3
Cert
ificate
of
Insu
ranc
e Cu
rrent
Q2 C
urren
t Co
ntrac
t Do
cume
ntatio
n On
File
Q3 C
urren
t Co
ntrac
t Do
cume
ntatio
n On
File
LOB
Conti
ngen
cy
Supp
lier B
usine
ss Co
ntinu
ity
Quest
ionna
ire on
Fil
e
Supp
lier B
usine
ss Co
ntinu
ity
Asses
smen
t on
File
Supp
lier B
usine
ss Co
ntinu
ity Pl
an
on Fi
le
Off S
hore
Surv
ey
SAT I
nitiat
ed:
Supp
lier
Comp
leted
SAT
Supp
lier A
grees
to
Reme
diate:
LOB A
ccepts
Re
media
tion
Plan:
Antic
ipated
Cl
osure
Date
OVER
ALL (
With
Ex
tra C
redit f
or
Early
Co
mplet
ions)
Q2 Q3 Q2 Q3 Q2 Q3 Q2 Q3Company Number Company Name Cadence Supplier Tier Code Line of Business (2 Dot) Steering Committee LOB Champion Supplier Manager Sourcing Manager/ Lead Top 80% Listed Supplier Sensitive Information to be Exchanged Operationally Critical Supplier Registered for Training Trained Certified Supplier Registered Financial Viability Risk Rating Date SCM Risk Survey Complete Risk Plan Received and Compliant Q2-SC Q3-SC Q2-SMT Q3-SMT Q2-CI Q3-CI Q2-CF Q3-CF LOB Contingency Plan Current/Validated Business Continunity Questionaire on File Business Continunity Assessment on File Business Continunity Plan on File Off Shore Survey Complet SAT Initiated: Supplier Completed SAT Supplier Agrees to Remediate: LOB Accepts Remediation Plan: Anticipated Closure Date
3ARC-02302 3 Arch Financial Services Corporation Gen II Tier 2 Bob Whyte Gerald-Johnson, Sharon Tierney, Carl No N/A ... N/A N/A N/A Y Y Y N/A N/A N/A N/A N 20%
3GSL-03290 3GS LLC Gen II Tier 2 Bob Whyte Buckles, Cal Alford, Ann Yes Yes 5/5/04 5/5/04 8/31/05 Yes 3/21/05 Yes N/A N/A ... N/A N/A N/A Y Y Y N/A N/A N/A N/A Y N N N N 60%
SL00103 A C S Image Solutions Inc Gen I Tier 1 T & O Transaction Services Meril Thornton Hatch, Aaron Lambert, Teri Yes Yes Yes 6/2/04 6/2/04 12/27/04 No 4/14/05 Yes N/A Yes ... No ... Y Y Y Y No Y Y Y Y Y Y Y Y 7/15/2005 60%
ACAD-04437 Academy Collection Service Gen II Tier 2 Bob Whyte Edmiston, Jerri Wallace, Matt Yes Yes 8/12/04 8/12/04 Yes 7/22/05 Yes N/A N/A ... N/A N/A N/A Y Y Y N/A N/A N/A N/A Y Y IP IP IP IP 80%
ACCE-04797 Accenture LTD Gen I Tier 1 T & O COO Meril Thornton Schelble, John Major, Russ Yes Yes Yes 9/15/04 9/15/04 11/10/04 Yes 7/5/05 Yes N/A Yes ... Yes ... N ... N ... No Y N Y Y Y Y Y Y Completed 40%
ACEA-03445 Ace American Insurance Company Gen II Tier 2 Bob Whyte Stanfield, Vanessa McKeehan, Austin 3/8/05 3/8/05 5/25/05 No N/A ... N/A N/A N/A Y Y Y N/A N/A N/A N/A N 100%
ACIW-04033 ACI Worldwide Inc. Gen I Tier 1
T & O CCB/CP Business Technology Group Meril Thornton Schwappach, Michele Lambert, Teri Yes No Yes 11/8/04 11/8/04 11/23/04 Yes 4/15/05 Yes N/A Yes ... Yes ... Y Y Y ... No Y N Y Y N/A N/A N/A N/A N/A 56%
ACTI-03311 Active Decisions Gen I Tier 2 E-Commerce Bob Whyte Sitler, Deborah Pumphrey, Jeannie No Yes No 4/7/04 4/7/04 9/7/05 Yes 4/18/05 Yes N/A N/A ... N/A N/A N/A N/A N Y N/A N/A N/A N/A Y Y IP IP IP IP 100%
ACTU-04365 Actuate Corporation Gen I Tier 1 T & O Network Computing Group Meril Thornton Martel, Joanne Johnson, Ron No No Yes 9/13/05 Yes 5/31/05 Yes N/A Yes ... Yes ... Y Y Y ... No Y N Y Y N/A N/A N/A N/A N/A 75%
ACXI-04475 Acxiom Corporation Gen I Tier 1 Card Services Bob Whyte Gooden, Jerredith Grabowski, Anne Yes Yes Yes 4/28/04 4/28/04 9/7/05 Yes 2/1/05 Yes Yes Yes ... Yes ... Y ... Y Y Yes Y Y Y Y Y Y Y Y 6/1/2005 100%
ADTS-04518 ADT Security Services Gen I Tier 1 Corporate Security Tom Doran Hobba, Irvin (Skip) Kleinpeter, Shane Yes No Yes 8/12/04 8/12/04 9/7/05 Yes 2/7/05 Yes N/A Yes ... Yes ... Y Y Y Y Yes Y Y Y Y N/A N/A N/A N/A N/A 100%
ADVA-03972 Advanced Call Center Technologies, LLC Gen II Tier 2 Bob Whyte Allen, Joseph Wallace, Matt Yes Yes Yes 6/27/05 Yes N/A N/A ... N/A N/A N/A Y N/A ... N/A N/A N/A Y Y Y Y Y Y 10/12/2005 81%
ADVA-02829 Advanced Technology Innovations LLC Gen II Tier 2 Leigh Hartman Murphy, Beverly Rangel, Martha Yes Yes 7/26/05 7/26/05 Yes 6/27/05 Yes N/A N/A ... N/A N/A N/A Y N/A ... N/A N/A N/A N/A Y N N N N 94%
AEGO-01197 Aegon USA Gen I Tier 1 Insurance Services Group Bob Whyte Jesso, Tonya Lee, Haemin No Yes No 5/19/04 5/19/04 8/3/04 No 4/15/05 Yes N/A Yes ... Yes ... Y Y Y Y N/A Y N Y Y Y Y N N 100%
AETN-04985 Aetna Inc Gen II Tier 1 AE -- PERSONNEL GROUP Heidi Hendrix Delsesto, Frances Taylor, Ernie Yes Yes 3/15/05 3/15/05 5/19/05 Yes 4/13/05 Yes N/A No ... N/A ... Y Y Y Y ... ... ... ... Y N N N N 83%
AFFI-04488 Affiliated Computer Services, Inc Gen II Tier 2 Supply Chain Management Greg Taylor Henretty, Alec Cronin, Tim Yes Yes 5/5/04 5/5/04 6/23/04 Yes 4/11/05 Yes N/A Yes ... Yes N/A N/A Y Y Y Yes N/A N/A N/A Y Y IP IP IP IP 100%
AIDA-03825 Aid Associates Inc. Gen II Tier 2 Bob Whyte Witkus, Gail Wallace, Matt Yes Yes 10/6/04 10/6/04 9/7/05 Yes 6/21/05 Yes N/A N/A ... N/A N/A Y Y Y Y N/A N/A N/A N/A Y N N N N 100%
Q (6) Q (7) Q (9) Q (10)
• Status Report produced weekly• Used by LOB Champion & Supplier
Managers to monitor compliance with program deliverables
• Risk Review prepared quarterly• Used by LOB Champion to identify key risk issues & themes, drive risk remediation plans & report to Supplier Risk Exec. Comm.
Page 14
Performance and Continuous ImprovementProgram Snapshot• 552 of highest risk (Tier 1 & 2) suppliers in program• 2008 YTD 86% of required deliverables completed• 200+ suppliers beginning fourth year of program• 245 Supplier Managers in program; All Certified by October of current year• 60% Recertify
2007 Strategies• Enhanced program quality and simplification (MBF, SM Program Council)• LOB Enablement and Program Integration
• Successful MBNA and US Trust merger integration
2008 Strategies• Move from quantitative to qualitative deliverables (5 Auditable deliverables)• Migration to automated system• Adapt and drive the program internationally• Next gen risk opportunities are Offshore/Subcontractor and Business Continuity
Page 15
Corporate signatureDo Not print this page. For projector presentations only.
Corporate signatureDo Not print this page. For projector presentations only.
