Internal supervision and risk management
Profitable business requires that Privanet supervises its activities constantly. Arranging efficient and dependable internal supervision is a central part of professional management based on healthy and cautious business principles. The parent Company of the Group, Privanet Group Plc, has the main responsibility for seeing to it that the internal supervision of Privanet Group is sufficient and in proportion to the risks involved in business operations.
At Privanet internal supervision is a fixed part of our daily business. Privanet’s internal supervision is executed by, each on their own areas of responsibility, the Boards, CEOs and other management of Privanet companies, as well as the entire staff of Privanet Group.
Risk management is an essential part of internal supervision. The purpose of risk management is to ensure that significant risks are identified, evaluated and measured, and that they are observed and managed as a part of daily business management.
Privanet’s risk management, compliance, and internal supervision functions and the accounting department participate in executing and supervising Privanet’s internal supervision and risk management.
The Board has confirmed the principles of internal supervision and risk management, and the compliance function and internal inspection, where the goals, duties, areas of responsibility, organization, and reporting relationships of each function are described in detail. At least once a year The Board evaluates whether these principles are functional and up to date.
Risk management function
Risk management function tasks are primarily the responsibility of the CEO of each Privanet company. Risk management is executed in a centralized manner by a risk management body independent of the business activity of Privanet Group Plc. Its members include e.g. the CEOs of each Privanet company, the CFO of the Group, and the Compliance Officer. The risk management body reports to the CEO, who in turn reports matters related to risk management to the Board. Organizing risk management in the manner previously described has been deemed appropriate, considering the size of the Privanet organization and the quality and volume of its business.
The risk management body controls, alongside and with the CEOs, the Companies’ compliance with the principles and risk strategies accepted by the Board, evaluates Group risks and observes their implementation, and supervises the functionality of Privanet’s risk management. The main responsibilities of the risk management body include:
- identifying and evaluating central risks periodically and at least once a year,
- evaluating the impact of unusual circumstances (stress tests)
- continuity planning,
- evaluating risks involved in new products and services before they are introduced,
- maintaining and developing the principles, procedures and directives of internal supervision, financial stability management, and risk management, and preparing them to be certified by the Board and
- developing methods of risk evaluation, measurement, and control.
The risk management body performs a process of identification and analysis of the operative risks involved in Privanet’s business activities at least once a year, and also periodically evaluates risks directed at Privanet concerning money laundering and funding terrorism.
Privanet has in its internal instructions confirmed the principles and procedures for identifying and managing business and strategic risks, operative risks, risks related to its business environment, as well as centralization, credit, market, and liquidity risks.
The purpose of the compliance function is to ensure compliance with industry regulations, orders, and instructions at Privanet, and to increase awareness of Privanet’s management and the entire organization about current regulations and procedural requirements. The compliance function assists Privanet’s management in risk management (especially with compliance-related risks), and performs an evaluation of Privanet’s compliance-related risks at least once a year. The compliance function aims at developing internal procedures that help ensure compliance with rules as effectively and appropriately as possible.
The compliance function is managed in a centralized manner from the parent company Privanet Group Plc, and it functions independently from the Board, active management, and business units. The compliance function performs supervision not only as a part of daily business, but also through inspections set in the Board’s inspection plan. The compliance function also reports their observations to the CEO and the Board.