Risk management and control

Managing risk is an integral part of Gjensidige’s day-to-day operations. Identification, assessment, management and control of risk exposure as well as analyses of the effects of potential strategic decisions on the risk profile are an essential part of operations. The aim is to ensure that the level of risk-taking is in keeping with the approved risk appetite and to enhance value creation.

Group policy on Risk management and internal control

Risk management system

The Group’s control functions are organised on the basis of the principle of three lines of defence, as illustrated below.

Risk_Management_system

 
1. line: Risk management and internal control 2. line: Assess, evaluate and advice, quality assurance, quantification/aggregation of risk 3. line: Independent function, confirm and give advice on risk management, internal control system, corporate governance

 

Risk management functions

The Board’s responsibilities

The Board has overall responsibility for ensuring that the level of risk-taking in the Group is satisfactory relative to the Group’s financial strength and willingness to take risks, and it has adopted a risk appetite statement that covers the most important types of risks. This entails ensuring that necessary governing documents, procedures and reporting are in place in order to secure satisfactory risk management and compliance with laws and regulations and that the risk management and internal control efforts are appropriately organised and documented.

CEO’s responsibilities

The Group CEO is responsible for overall risk management in the Group. The Group’s capital committee has an advisory role with regard to the assessment and proposal of changes in use of capital. Similarly the Group’s risk committee has a supervisory role with regard to the Group’s total risk situation and an advisory role in relation to the group CEO with regard to risk management. Both committees are chaired by the group CEO. Responsibility for ongoing risk management is delegated to the responsible line managers in their respective areas.

Risk Management function

The risk management function is responsible for monitoring and developing Gjensidige risk management and internal control system. In addition, the function shall have an overview of the risks Gjensidige is or may be exposed to, and what this means for the group solvency.

Compliance function

The compliance function shall detect and prevent risks related to compliance with external and internal regulations. The risk management function and compliance function is headed by the Chief Risk Officer, and reports to Group CEO when it comes to subject matters.

Actuary function

The actuary function is responsible for coordinating the calculation and control of the technical provisions of insurance companies. The responsibility is centralised in the Group 's Actuary department.

Internal Audit

The Group has an independent internal audit function, which monitors that the risk management and internal control systems function. The audit function reports directly to the Board.

Capital management

Gjensidige’s minimum capitalisation is determined on the basis of the strictest of three criteria: Regulatory requirements, rating requirements and internal risk-based requirements. The Group has a strong capitalisation seen from all three of these perspectives.