We uphold our commitment to sound governance, responsible business practices and ethical behavior in everything we do. Our commitment to safety and soundness is anchored by our diverse, expert Board of Directors. Our Board has adopted Corporate Governance Guidelines to promote the effective functioning of the Board and its committees. The Board oversees risk policies and the integrity of our financial accounting and financial reporting systems and processes while maintaining high standards of corporate conduct and compliance. It also provides advice to management regarding significant issues facing Fannie Mae and may adopt policies and procedures to help promote the safety and soundness of the company. Our Corporate Governance page outlines the oversight of our Board of Directors in greater detail.
On this page:
No matter the circumstance or challenge, it is our obligation to make responsible decisions, treat others with respect and get things done the right way. Our Code of Conduct for the Board of Directors and the Employee Code of Conduct outline guidance and responsibilities for board members and employees around ethical and lawful conduct. As outlined in the Employee Code of Conduct, Fannie Mae Ethics offers employees and third parties a forum to ask questions or raise concerns in a secure, confidential environment. Annually, employees are required to take an Employee Code of Conduct training and affirm commitment to upholding the code and abiding by our key values, vision, and behaviors.
We know our success, and ultimately the success of the families and communities we serve, depends on our partners’ observance of standards that help ensure safety and soundness in our business dealings. These contractual requirements are made clear and transparent in the following:
Fannie Mae works with suppliers to deliver products, services, and expertise that can be counted on in all markets, at all times. At Fannie Mae, we foster relationships with suppliers of integrity, with proven business practices, who provide our company with quality products and services for excellent value. We have a long-standing commitment to diversity and an active program for the inclusion of women, minorities, and individuals with disabilities, as well as women-, minority-, and disabled-owned businesses.
We established the Community Responsibility and Sustainability Committee of the Board in 2019 to steward our mission-oriented efforts and our commitment to becoming a leading financial ESG company. The Audit Committee, Compensation and Human Capital Committee, Nominating and Corporate Governance Committee, and Risk Policy and Capital Committee also oversee certain ESG activities.
Our dedicated, full-time ESG team focuses on further developing and implementing the company’s ESG strategy, including identifying opportunities to increase the company’s positive environmental and social impact and to report externally on this impact.
Our six Board Committee Charters outline their responsibilities related to and beyond ESG.
Risk management is fundamentally part of our core business model and a primary consideration in our business decisions. Our Board of Directors and management-level risk committees are integral to our risk mitigation program. We manage risk by using the financial services industry standard “three lines of defense” structure: risk ownership and management, risk oversight, and risk assurance. Our Business Units and Operations, Enterprise Risk Management, Compliance & Ethics, Support Functions such as Finance and Human Resources, and Internal Audit units support these lines of defense. All our risk-oriented activities are based on principles set forth by the Committee of Sponsoring Organizations of the Treadway Commission’s Enterprise Risk Management (“ERM”): Integrating with Strategy and Performance framework.
Fannie Mae works to secure and protect the financial information of millions of borrowers from data privacy and security risk, as well as information related to lenders, servicers, employees, investors, and website visitors. Our cybersecurity risk management program aligns to the Committee of Sponsoring Organizations of the Treadway Commission’s Enterprise Risk Management framework and the National Institute of Standards and Technology Framework for Improving Critical Infrastructure Cybersecurity. It has evolved based on the changing needs of our business, the evolving threat environment, and FHFA regulatory guidance. It also extends to oversight of third parties that could be a source of cybersecurity risk, including lenders and servicers that use our systems and third-party service providers. We examine the effectiveness and maturity of our cyber defenses through various means, including internal audits, targeted testing, incident response exercises, maturity assessments, and industry benchmarking. Fannie Mae requires its employees and contractors to take annual training focused on cyber awareness and certify that they will comply with Fannie Mae’s information security policies, standards, and procedures to help protect the confidentiality, integrity, and availability of Fannie Mae’s information and assets.
Cybersecurity risk is overseen by the Board as well as the Risk Policy and Capital Committee and the Strategic Initiatives and Technology Committee of the Board. More information about our Cybersecurity Risk Management Oversight can found in our Form 10-K.
2020 Governance impact
42% of our Board Members are women and 50% of Fannie Mae Board Committees are chaired by women, including our Board of Directors.
11 out of 12
Board Members and all of our committee chairs are independent. Community Responsibility and Sustainability Committee of the Board established in 2019 to steward our mission-oriented efforts and our commitment to ESG.