Internal control and risk management covers all operations
The aim of internal control and risk management is to ensure that we can perform our task and manage our business as smoothly, efficiently and reliably as possible.
Internal control and risk management ensures smooth operations
The Act on Employment Pension Insurance Companies requires us to maintain internal control and risk management operating principles. Our operating principles are approved by the Board of Directors.
Internal control and risk management covers all of our operations. Clear roles and responsibilities guide our internal control and risk management, which also includes compliance activities.
Our Board of Directors bears overall responsibility for the adequacy of internal control and risk management. Our President and CEO is responsible for the organisation, guidance and practical arrangement of internal control and risk management. The Board of Directors annually assesses the effectiveness of our internal control and risk management.
Business divisions and support operations
Our business divisions and support operations are responsible for the internal control and risk management for their own activities.
Independent risk control functions
Our independent risk control functions prepare and develop risk management principles and assist the business divisions and support operations in ensuring the effectiveness and adequacy of risk management. Our independent risk control functions cover the monitoring and assessment of the risks related to all of the company’s operations, i.e. investment, insurance, business, operational and compliance risks.
Internal audit
Our internal audit assesses the adequacy of our internal control and risk management.
Both the internal audit and the independent risk control functions report on their findings directly to Ilmarinen’s Board of Directors and the Board’s Audit and Risk Management Committee.