Financial Review 2025
Read more
Aktia's key risks and risk management
Risk event refers to a calculated or unexpected event that has a negative impact on results (loss) or capital adequacy. The term covers both the probability of a risk event taking place, as well as the impact of the event taking place.
Aktia Group focuses primarily on banking, asset management, and life insurance operations. Risks and risk management are thus an important part of Aktia’s operating environment and business activities. The main areas of risk are credit, interest rate, and liquidity risks in the Bank Group and interest rate, other market risks, and actuarial risks in the life insurance business. All operations are exposed to business and operational risks.
Key risks
Credit risk is defined as the risk of losses brought about by the debtor failing to fulfil obligations towards Aktia, while counterparty risk is defined as the risk of losses or negative valuation differences due to deterioration of the counterparty’s creditworthiness.
Risk profile
Aktia’s lending is diversified between private individuals and small and medium-sized enterprises. Retail lending consists mainly of mortgage lending with real estate collateral, supplemented by lending in credit cards and loans for private investments. Aktia aims to keep a low risk level in the credit portfolio, by focusing credit granting to counterparties with high credit quality and adequate collateral loan-to-value ratios to cover potential losses.
The bank is exposed to counterparty risk through derivative contracts, which is mitigated by collateral arrangements according to agreements with each counterparty. Counterparties are selected through an evaluation process focusing on their ratings and they are mainly systemically important financial institutions.
Market risks arise from price and volatility changes in the financial markets. Market risks for Aktia Bank are divided into interest rate, spread, foreign exchange rate, and equity risks. The life insurance company is exposed to interest rate, spread, foreign exchange rate, equity, real estate, and concentration risks. The life insurance company's market risk is related to the interest rate risk in technical provisions in addition to the investment assets.
Risk profile
Aktia's market risk is mainly a structural interest rate risk in the balance sheet, while exchange rate risk is low as lending and funding are mainly euro-denominated. No trading activities are carried out by the Group. Aktia is also exposed to market risk in its investment activities both within the bank and within Aktia Life Insurance. The Bank Group aims for low market risks and low volatility in its earnings.
Operational risk is defined as the risk of loss arising from inadequate, unclear or failed internal processes, inadequate or unclear internal rules, deficient or unreliable systems, and inadequate or unreliable information, as well as those caused by personnel – including through human error – or external event, and is divided into four risk categories: operational risk in operations, compliance risk, financial crime risk and ICT risk.
Risk profile
The Board of Directors confirms the risk appetite for the different risk categories annually. In 2025 the risk appetites were the following:
- The risk appetite for operational risk in business operations is mainly moderate.
- The risk appetite for compliance risk is mainly low.
- The risk appetite for financial crime risk is mainly low.
- The risk appetite for ICT risk is mainly low.
In particular, the provision of risk insurance products poses insurance risks, such as risks related to reduced or extended life expectancy, disability and illness risk, cost parameter risk, customer behaviour risk and catastrophe risk arising from a large number of insured events realised simultaneously.
Risk profile
The risk management of insurance products is primarily based on successful underwriting and careful monitoring of the profitability and risk ratios of products. In addition, the company uses reinsurance to limit the risks related to major individual large insured events and to reduce result volatility.
Interest rate risk in the banking book (IRRBB) refers to the current or anticipated impact on earnings or capital due to adverse interest rate movements. Structural interest rate risk arises from repricing mismatches of assets and liabilities, option risk and from interest rate risk related to changes in the shape and dynamics of the yield curve. IRRBB is measured using the six standardised interest rate shock scenarios outlined in the EBA Guidelines, supplemented by internally defined shock scenarios. Negative interest rate shocks are floored in accordance with the EBA Guidelines.
Funding and liquidity risk imply a risk that the Group will not be able to meet its payment obligations, or could only do so at high cost, and is defined as the availability and cost of refinancing, as well as differences in maturity between assets and liabilities. Funding risk also arises if funding is largely concentrated in individual counterparties, instruments, or markets.
Risk profile
To ensure market-related refinancing, the bank strives to maintain a diverse range of funding sources and an adequate diversification across different markets and investors. Aktia maintains a liquidity buffer for which a target is set annually by the Board of Directors. The liquidity buffer consists almost entirely of securities which are eligible as pledges to the central bank. Aktia's appetite for liquidity risk is low.
Other risks include business risk, strategic risk, and reputational risk. Business risk refers to the risk of decreased income and increased costs due to decreasing volumes, price pressures or competition. Strategic risk is closely related to business risk and is defined as risk of losses due to mistaken business decisions or failure to react to the changes in society, regulatory system, or the banking sector, while reputational risk is a decline in confidence towards the Group due to negative publicity. Risks in sustainability of operations, and risks in environmental, social and governance issues affect all operations of Aktia.
Risk profile
Business and strategic risk are predominantly risks that, when realised, have an impact on the Group's performance and profitability. Reputational risk is similar but may also have an impact on the Group's liquidity. Business risk and strategic risk are reduced by diversification in operations. Some strategic risks may also be realised as operational risk incidents and they are managed by the same measures as mentioned above. Corporate responsibility is a crucial aspect of Aktia’s operations in the short term and the long term. Corporate responsibility is one of the pillars in Aktia’s strategy. Aktia aims to be a solvent, reliable and environmentally responsible partner for economic well-being and the most attractive workplace in the business.
Internal governance and risk management
The system of internal governance is designed to ensure that the activities of the Aktia Group comply with the applicable regulatory requirements and the operational guidelines adopted by the Board. Aktia applies the “Three Lines of Defence” methodology to internal governance and risk management.
Internal governance is thus implemented at all levels of the organisation. Ensuring the appropriate and effective organisation and adequate risk management and internal governance is part of the duties of the Board of Directors of Aktia Bank Plc.
The primary responsibility for internal governance and risk management lies with the business operations and its support functions, i.e. the first line of defence.
The second line of defence, with a supporting control responsibility, consists of the independent Risk Control Function and Compliance Function. In addition, the Group's insurance company has an independent actuarial function and risk management function, and the fund company has a risk management function.
The third line of defence, Internal Audit, is a separate and independent function from the other functions. Through this function, the Group's Board of Directors ensures that the internal control, together with related risk management in the business operations, is properly organised within the Group. The control functions report to the Board of Directors of the relevant company.
The Board determines principles, instructions, risk strategies and risk appetite in the Group, and thus establishes a framework for risk management for Aktia Group.
The key principles for risk management in Aktia Group as well as the processes and internal governance are described in detail in the Pillar III Report.