At Investor, risk management is an integral part of the Group’s processes, which means that control and responsibility for control is close to the business operations. The main identified risks at the Investor Group are commercial risks, financial risks (market risks, credit risks, liquidity risks and financing risks), operational risks and legal and regulatory risks.

The Board is ultimately responsible for the company’s risk management activities. The work of the Board’s Finance and Risk Committee and Audit Committee is dedicated to risk management issues. Risk instructions and policies constitute the framework for risk management and this framework and any resulting activities are reviewed and evaluated no less than once a year by the Board.

Investor’s Risk policy sets measurement and mandates for market risks for the short trading, the excess liquidity and financing activities. The policy also outlines principles for foreign exchange risk management in connection with investments and cash flows in foreign currency, measurements and limits for credit risks and principles to minimize legal, regulatory and operational risks in the business.

The Board of each operating subsidiary is responsible for ensuring the efficiency of the operating subsidiary’s internal regulations, internal controls, risk management and financial reporting, as well as reporting on these items to respective company’s Board of Directors. Investor’s Board representatives provide this information to Investor’s investment organization, where analysis and follow-up take place.

Control Functions

The Risk Control Function identifies and monitors the risks that Investor is exposed to. This function is responsible for all internal reporting of Investor’s significant risks at the aggregate level. The Risk Control function reports to the Finance and Risk Committee. Furthermore, this function is responsible for coordinating risk management work in the business, developing awareness of different types of risk and contributing to the creation of a healthy culture in connection with risks and risk management.

The Compliance function supports Investor’s compliance with laws and regulations, and maintains internal regulatory systems to this end. The Compliance function reports to the Finance and Risk Committee.

The Internal Control function provides objective support to the Board on matters relating to the internal control structure, partly by investigating major areas of risk an partly by performing reviews and follow-ups in selected areas. The function works proactively by proposing improvements in the control environment. The Internal Control function plans its work in consultation with the Audit Committee, Management group and the external auditor.

Risk Assessment

The identification and evaluation of the Group’s risks are carried out on an annual basis at Investor. The annual risk assessment encompasses all of the Group’s processes. It is carried out as a self-evaluation and includes setting action plans to mitigate the identified risks.

Using each business area’s risk assessment as its basis, the Audit Committee then decides which of the identified risks the Internal Control should focus on during the coming review period. Follow-up measures for other risks are monitored by the Finance and Risk Committee. More information about risk management and internal control can be found in the Corporate Governance Report .

The continuous risk assessment