Risk management
Risk Management is an independent unit and reports to the CEO. Risk Management had 30 full-time employees at the end of 2016. The division is managed by Gísli S. Óttarsson, Chief Risk Officer.
Risk Management is divided into four departments.
Credit Analysis monitors and supports the Bank’s credit decisions and credit granting processes from loan application to loan disbursement. The department is Risk Management’s primary interface with the Bank’s credit committees and prepares opinions on all credit applications that are submitted to the credit committees.
Credit Control monitors weak and impaired credit exposures on a customer-by-customer basis, determines the appropriate level of provisioning and reports provisioning and write-offs to the ACC. Credit Control also monitors the portfolio credit risk such as single name and industry-sector concentrations and furthermore monitors financial relationships of obligors and the large exposures to financially related obligors.
Balance Sheet Risk is responsible for analyzing, monitoring and reporting on risks resulting from balance sheet mismatch, including capital and is responsible for carrying out the Bank’s Internal Capital Adequacy Assessment Process (ICAAP) and Internal Liquidity Adequacy Assessment Process (ILAAP). It is also responsible for developing and running credit rating models and stress tests.
Operational Risk is a part of the Bank's second line of defence and monitors the risks associated with daily operations. The department supports the Bank´s departments’ measures for internal control and is responsible for implementing risk control self-assessments, listing loss events and supervising work procedures.
The Bank’s Data Officer belongs to Risk Management and his role is to organize and implement improvements in data management and data governance for the Bank as a whole.
Further information on the Bank’s risk management is provided in the section on Risk management and in the Pillar 3 Risk Disclosures 2016 report.
Compliance
Compliance is an independent unit which reports directly to the CEO and works in accordance with a special charter from the Board. At the end of 2016 there were 7 full-time equivalent positions in Compliance. The Compliance Officer is Hákon Már Pétursson.
The role of Compliance is to apply effective precautionary measures to ensure that Arion Bank complies at all times with the law, regulations and good business practices, and to foster an affirmative corporate culture in this respect.
- Compliance provides a comprehensive overview of the current legal requirements and responsibilities and encourages employees to know and understand their duties and to ensure that they receive the appropriate instruction, advice and information on the requirements made at any given time.
- Compliance endeavours to ensure that internal control is effective and that any abnormalities are dealt with.
- Compliance tries to ensure that the Bank’s services are not misused and that the Bank knows its counterparties, the nature of all business relationships and its duties in this regard.
- Compliance advocates transparency and makes sure that reporting to customers, investors and the authorities is of the requisite standard.
- Compliance encourages the responsible handling of confidential information.
Internal Audit
The Internal Auditor is appointed by the Board of Directors and reports directly to the Board. The Board sets the Internal Auditor a charter which lays out the responsibilities associated with the position and the scope of the work. The mission of the Internal Auditor is to provide independent and objective assurance and advice designed to add value and improve the Bank's operations. Internal Audit had eight employees at the end of 2015. The Internal Auditor is Lilja Steinthórsdóttir.
The scope of the audit is the Bank, its subsidiaries and pension funds serviced by Arion Bank. The audit is governed by the audit charter, directive No. 3/2008 issued by the FME on the internal audit function in financial institutions and international standards on internal auditing. All audit work is completed by issuing an audit report with deadlines for the implementation of audit findings. Implementations are followed up by the Internal Audit every quarter.
Customers' Ombudsman
The Customers' Ombudsman is appointed by the Chief Executive Officer. The role of the Ombudsman is to ensure fairness and objectivity, prevent discrimination against the customer and make certain that the process for handling cases is transparent and documented. The Customers’ Ombudsman examined 160 cases in 2016, compared with 185 cases in 2015. The Customers' Ombudsman is Helgi G. Björnsson.