The Group’s control and management model aims to ensure the independence of risk reporting, in which responsibilities and roles in day-to-day risk management are stres- sed in particular.
SpareBank 1 Nord-Norge has for many years invested a great deal of resources in the development of effective processes for the identification, measurement and manage- ment of risk, under its own direction and through the SpareBank 1 Alliance.
All managers are responsible for maintaining a full overview of the risk picture in their own business area and/or area of expertise at any given time. In order to satisfy the Group’s primary goals, the Group has chosen to divide the risk management process into three parts:
An important foundation for effective risk management is a risk culture with a high de- gree of risk awareness and risk management throughout the entire Group. To achieve this every employee must have a good under- standing of his or her activities and actions, as well as the associated risks.
Responsibility for ongoing risk management is divided between the Board, boards of the subsidiaries, executive management, speci- alist advisers and general management. Risk management and control are part of Spare- Bank 1 Nord-Norge’s corporate governance, which is described in the chapter ’Corporate governance’. The emphasis is on personal
responsibility and authority in the manage- ment structure, and independence between the business areas, and the departments and the people who monitor them.
The Board in SpareBank 1 Nord-Norge be- ars overall responsibility for the Group’s risk exposure and management, and setting overall targets such as risk profiles, return targets and the allocation of capital. The Board also stipulates the overall limits, authorisations and guidelines for risk ma- nagement in the Group, and all significant aspects of the risk management models and decision-making processes.
In order to ensure an effective and ade- quate process for risk and capital mana- gement, the framework reflect the man- ner in which the Board and the executive management team run the Group. • Strategic goals
• Organisation and organisational culture • Identification of risk
• Risk analysis • Risk strategies • Capital management
(including return and capital adequacy) • Reporting
• Follow-up • Contingency plans • Compliance
In the risk and capital management process, corporate culture provides the foundation for the other elements. The corporate culture includes management philosophy, mana- gement style and the integrity, core values and ethical attitudes of the people in the or- ganisation. It is difficult to compensate for an inadequate corporate culture using other control and management measures. Spare- Bank 1 Nord-Norge has therefore established clear core values and a code of conduct, and made the entire organisation aware of them. The Board’s duties are set out in an annual plan that is revised every year. This ensures that the Board has sufficient time for, and focus on, their key assigned duties. The chief executive is responsible for the Group’s risk management, including the development of efficient management sys-
tems, internal control and continuous fol- low-up, delegating authority in the mana- gement structure, and reporting to the Board.
The business areas are responsible for over- all risk management within their own area. Managers must establish and execute res- ponsible risk management within their areas of responsibility and make sure that this management is actively exercised in accor- dance with the Bank’s risk management policy, management structure, instructi- ons and routines.
The Risk Management and Compliance Department is organised independently of the business areas and reports to the chief executive. The department bears overall responsibility for risk management, inter- nal control and the Group’s compliance with rules and provisions, including re- sponsibility for the Group’s risk models and the further development of effective risk management systems.
The Credit Department is responsible for the preparation and maintenance of targets, strategies, guidelines and routines, ope- rative management and follow-up of the Group’s credit operations and credit risk management. The department performs an independent role in relation to the busi- ness areas and local banks.
The Internal Audit is tasked with providing objective advice to the Board and mana- gement concerning the Group’s risk ma-
nagement and formulation of controls, as well as compliance with established routi- nes, procedures and guidelines. An exter- nal supplier of auditing services bears pro- fessional responsibility for the Group’s in- ternal auditing function, which ensures in- dependence, competence and capacity. The Group Credit Committee makes re- commendations on all grants of credit that will be considered by the Board. The com- mittee plays a central role in the formulati- on of the Group’s credit strategies, policies and regulations.
The Balance Sheet Committee is chaired by the Chief Financial Officer. The committee deals with matters related to the manage- ment of market and financial risk, and is responsible for ensuring compliance with the Board’s adopted limits. The committee also follows up and stipulates the transfer pricing of capital and the capital structure. The Validation Committee is chaired by the Chief Risk Officer. Its main duties are to en- sure that:
• The IRB system is adapted to the portfolios on which it is used • The assumptions on which the IRB
system is based are reasonable • The IRB system is well-integrated
throughout the organisation and is a key part of the Group’s risk manage- ment and decision-making process • SpareBank 1 Nord-Norge complies with the Norwegian FSAs Capital Requirements Regulations Strategic goals Organisation and organisational culture Riks management- strategies Stress tests Capital management Risk analysis Reporting Risk- identification Follow-up
Liquidity Capital adequancy Operations ICT Growth Capital marked Strategic equity stakes Operational activities
Return Capital adequancy
• Return on equity
• Risk adjusted return Regulatory Internal CET1 Core capital adequacy Creditor protection Contingency plans Strategies
Risk Management and Compliance Policy Strategic goals Organisation and organisational culture Riks management- strategies Stress tests Capital management Risk analysis Reporting Risk- identification Follow-up
Liquidity Capital adequancy Operations ICT Growth Capital marked Strategic equity stakes Operational activities
Return Capital adequancy
• Return on equity
• Risk adjusted return Regulatory Internal CET1 Core capital adequacy Creditor protection Contingency plans Strategies
Risk Management and Compliance Policy Strategic goals Organisation and organisational culture Riks management- strategies Stress tests Capital management Risk analysis Reporting Risk- identification Follow-up
Liquidity Capital adequancy Operations ICT Growth Capital marked Strategic equity stakes Operational activities
Return Capital adequancy
• Return on equity
• Risk adjusted return Regulatory Internal CET1 Core capital adequacy Creditor protection Contingency plans Strategies