Risk management and internal control


Internal control

Internal control means all activities that ensure that Mandatum Group’s businesses are carried out towards desired targets in accordance with desired policies and practices and in compliance with applicable legal and regulatory requirements. Accordingly, the tasks of internal control are performed by different actors starting from the top management.

In order to ensure the proper running of operations, Mandatum plc’s Board has approved Group-level policies and guidelines concerning corporate governance, financial target setting, remuneration, risk management, compliance, reporting and internal audit in conformity with and supplementing the existing legal and regulatory framework. With the policies and guidelines Mandatum plc’s Board directs the Group’s activities towards desired practices and, with appropriate control mechanisms provided by the policies, ensures that potential deviations are discovered without undue delay.


Financial reporting

Mandatum Group’s financial reporting process aims to ensure that the executive management have timely and reliable information supporting their decision-making, and that external stakeholders can also rely on the financial information provided to them.

Mandatum’s financial reporting process
Mandatum’s Group-level financial reporting is organised under the Management Accounting and Group Accounting units operating under the Group Chief Financial Officer. The Management Accounting unit is responsible for preparing and monitoring the Group’s and parent company’s strategic targets and forecasts and for monthly earnings monitoring and reporting.


Non-financial reporting

Mandatum plc is committed to developing the sustainability activities of the Group, as well as the related reporting, targets and target monitoring in line with the Group’s internal and external stakeholders’ interests and expectations.

Mandatum plc’s Board of Directors has the responsibility for and ultimate oversight of Group level sustainability, covering the entire range of environmental (including climate change), social, and governance (ESG) aspects. The Board has assigned its Audit Committee to monitor Mandatum Group’s sustainability reporting and activities.

At Mandatum, various business areas, operational departments, and units are actively involved in the Group’s sustainability endeavours and reporting.

Non-financial disclosures according to the Non-Financial Reporting Directive (NFRD) are published annually, starting in Spring 2024.


Risk management

The Board of Directors of Mandatum plc is responsible for ensuring that the Group’s risks are properly managed and controlled. The Board establishes both the risk management policies and closely connected remuneration principles and provides guidance on the risk management governance structure and internal control in the business areas. Working within the framework of these principles and guidelines, the subsidiaries tailor their risk management practices to take account of the special features of their respective business activities. The Board makes decisions on strategy, performance targets and overall guidelines regarding risk-taking and capital management.

The risk management strategy of Mandatum plc and all of its subsidiaries consists of ensuring a sound and well-understood risk culture in each company and ensuring that risks are known, assessed, managed, monitored and reported in the correct proportion to their effect on short-term and long-term financial results. Moreover, the strategy aims to ensure that the Group companies hold adequate buffers to regulatory capital requirements and maintain operational capabilities even under financial turmoil. Successful risk management supports the general efficiency, safety and continuity of the operations and secures Mandatum’s reputation and reliability in the eyes of customers and stakeholders.

More information is available in Mandatum Group’s risk management policy.

More detailed information on Mandatum’s risk management is available in the Risk Management Report.


Mandatum Group’s risk management governance framework

[Figure: Mandatum plc Risk Management Organisation]


At Mandatum, compliance is at the core of all activities and the responsibility of each Mandatum employee. The purpose of the compliance function is to support business activities, ensuring that all Group activities are compatible with applicable norms in an ethically sustainable manner.

The starting point of the Mandatum Group compliance principles is that compliance with norms is an established part of Mandatum’s corporate culture, and the principles ensure that compliance activities are properly organised, and that Mandatum is capable of responding to the changing requirements of the business environment. In addition to public compliance principles, the Group companies’ Boards have approved an internal compliance policy that concerns the arranging of the compliance function and its responsibilities in the Mandatum Group.

The independent second line compliance function is part of Mandatum’s governance and risk management system and internal control. The compliance function supports Mandatum’s Boards of Directors, Audit Committee and management, ensuring that Mandatum Group companies have the internal guidelines, processes, resources and tools they need to comply with binding laws, regulations and guidelines. The compliance function is also involved in identifying the organisation’s risks by assessing the compliance risks.

Further information is available in Mandatum Group’s compliance principles.


See also: Internal audit

See also: Insider administration and related party transactions