The term risk management refers to systematically assess, identify, analyse and mitigate risks. The aim is to ensure that the capital base is sufficient in relation to risk exposure, that fluctuations in financial profits and asset valuations remains within targets and limits set, and that pricing of risk is correct in order to achieve sustained profitability. Aktia Bank pursues a conservative risk policy, and risk management has a central role in all the activities of the organisation.
Roles and responsibilities of risk management
The Board of Directors have the primary responsibility for risk management in the Group. Risk-taking is regulated by the Board of Directors through guidelines and capital allocation for major risk activities and business units as part of the Group's strategy as well as through organising risk management within the Group through instructions, internal control and capital management process. In addition to these general principles, Aktia Bank's process for managing risk is based on the three-lines-of-defence model
The first line of defence – Business lines
The first line of defence comprises of business lines. Risk management is a part of internal control and, therefore, the business line management bears the responsibility for risk management measures. The persons with line management are responsible for establishing processes and competence for risk management and internal control, including identifying and analysing risks and making decisions on how risk will be managed through pricing, covenants, collateral or other risk mitigating measures.
The second line of defence – Risk Control and Compliance
The second line of defence comprises of control functions independent from the business lines, i.e. Risk Control function and Compliance function responsible for developing, maintaining and monitoring the framework for risk management.
Risk Control function develops, maintains and monitors instructions and limits for risk-taking, assesses and analyses risk exposures, estimates the need for economic capital, manages capital allocation and monitors how risk management is realised in the business lines..
Compliance function is responsible for ensuring compliance with laws, regulations and rules in the Group's business activities, supporting business management in implementation of internal rules and regulations as wells as identifying, assessing and reporting risks related to shortcomings in compliance.
The third line of defence – Internal Audit
The third line of defence comprises of the Internal Audit function which is independent and separate from other units and functions, ensuring that an appropriate level of internal control and risk management is maintained within the Group. Internal Audit also contributes to developing business operations. Internal Audit reports directly to the Board of Directors.
The Aktia Group operates in banking, asset management, life insurance and real estate agency services. Risks and risk management are a substantial feature of the Group's operating environment and business activities.
The main risk areas in banking are credit risk, interest rate and liquidity risk, and within life insurance activities, market and interest rate risk. Business risks and operational risks apply to all business areas. Aktia Bank pursues a conservative risk policy.