Corporate Governance Statement of Arion Bank hf.
This Corporate Governance Statement is designed to help foster open and honest relations between the Board of Directors, shareholders, customers and other stakeholders, such as the Bank's employees and the general public. Corporate governance provides a basis for responsible management and decision-making, with the objective of generating lasting value.The Corporate Governance Statement of Arion Bank hf. (Arion Bank or the Bank) is based on legislation, regulations and recognized guidelines which are in force at the time Bank's financial statement is adopted by the Board of Directors. This statement has been prepared in accordance with Article 19 (3) of the Financial Undertakings Act No. 161/2002 and Guidelines on Corporate Governance, 4th edition, issued by the Icelandic Chamber of Commerce, NASDAQ Iceland hf. and the Confederation of Icelandic Employers in March 2012.
Legal and Regulatory Framework
Arion Bank is a financial institution which operates in accordance with Financial Undertakings Act No. 161/2002. The Bank is a universal bank which provides a comprehensive range of financial services relating to savings, loans, asset management, corporate finance and capital markets. The Bank has issued financial instruments which have been admitted for trading on regulated securities markets, in Iceland, Norway and Luxembourg, and is therefore subject to the disclosure requirements of issuers pursuant to the Securities Transactions Act No. 108/2007 and the rules of the relevant stock exchanges.
The Financial Supervisory Authority (FME) supervises the operations of Arion Bank in accordance with the provisions of Act No. 87/1998 on the Official Supervision of Financial Operations. Further information on the FME and an overview of the legal and regulatory framework applicable to the Bank can be seen on the FME’s website, www.fme.is. Numerous other pieces of legislation apply to the Bank’s operations.
Internal Control, Auditing and Accounting
Internal Control at Arion Bank is organized into three lines of defence with the aim of ensuring effectiveness, defining responsibility and coordinating risk management. This structure is also designed to foster a sense of risk awareness and responsibility among all employees of the Bank.
The set-up distinguishes between the following roles:
- People who bear and manage risk
- People who monitor and check internal controls
- People who perform an independent survey of the effectiveness of internal controls
The first line of defence is made up of people who have day-to-day supervision of the relevant business and its organization. They are responsible for maintaining effective internal controls and managing risk in day-to-day operations. This involves identifying and evaluating risks, putting in place appropriate management tools and countermeasures and supervising the implementation of internal rules and processes, while also ensuring that everything is in compliance with established rules and procedures so that objectives are met. Finally, they are responsible for taking appropriate corrective action in response to conceivable failures or deficiencies.
The second line of defence is set up to ensure that the first line of defence has established adequate internal controls and that it works as intended. Risk Management and Compliance are the main participants in the second line of defence, although other units may also be assigned specific monitoring roles.
The third line of defence is Internal Audit, which keeps the Board and management fully informed of the quality of corporate governance, risk management and internal controls, including how the first and second lines of defence meet their objectives, and by performing independent and objective audits.
Compliance and measures against money laundering and terrorist financing
Arion Bank seeks to detect any risk of failure to fulfil its legal obligations and has taken appropriate measures to minimize such risks.
The Bank employs an independent Compliance Officer in accordance with a charter from the Board of Directors. The role of the Compliance Officer includes the following:
- To monitor and regularly assess the adequacy and effectiveness of measures and actions designed to minimize the risk of failure to fulfil the Bank’s obligations under the Securities Transactions Act and the Act on Measures against Money Laundering and Terrorist Financing.
- To provide the employees of the Bank with the necessary training and advice to enable them to fulfil their and the Bank’s obligations under the Securities Transactions Act and the Act on Measures against Money Laundering and Terrorist Financing.
- To investigate and notify the police of any suspicion of money laundering or terrorist financing and notify the FME of any suspicion of market abuse. The Compliance Officer also conducts independent investigations if there is any suspicion of a violation of the Competition Act.
The Compliance Officer reports directly to the CEO and provides the CEO with regular reports about his work. The Compliance Officer gives the Board of Directors an annual report and also reports to the Board Audit and Risk Committee on a quarterly basis. The Compliance Officer may refer cases directly to the Board if deemed necessary.
The Compliance Officer also undertakes outsourced tasks from Stefnir hf. and certain pension funds.
Compliance had six employees at the end of 2014.
A central feature of the activities of all financial companies is carefully calculated risk-taking according to a predetermined strategy. Arion Bank thus takes risk which is compatible with its risk appetite which is regularly reviewed and approved by the Board of Directors. The Bank’s risk appetite, set by the Board, is translated into exposure limits and targets that are monitored by Risk Management. The Board is responsible for Arion Bank’s internal capital adequacy assessment process, the main objective of which is to ensure that Arion Bank understands its risk profile and has systems in place to assess, quantify and monitor its total risk exposure.
Risk Management is managed by the Chief Risk Officer. The division is an independent unit and reports directly to the CEO. Risk Management comprises five departments whose role is to analyze, monitor and regularly report to the CEO and Board of Directors on the risks faced by the Bank.
The Internal Auditor is appointed by the Board of Directors and reports directly to the Board. The Board sets the Internal Auditor a charter which lays out the responsibilities associated with the position and the scope of the work. The mission of the Internal Auditor is to provide independent and objective assurance and advice designed to add value and improve the Bank’s operations. The scope of the audit is the Bank, most of its subsidiaries and pension funds serviced by Arion Bank.
The audit is governed by the audit charter, directive No. 3/2008 issued by the FME on the internal audit function in financial institutions and international standards on internal auditing. All audit work is completed by issuing an audit report with deadlines for the implementation of audit findings. Implementations are followed up by the Internal Audit every quarter.
Internal Audit had eight employees at the end of 2014.
Auditing and accounting
The Bank’s Finance division is responsible for the preparing the accounts and this is done in accordance with the International Financial Reporting Standards (IFRS). The Bank publishes its financial statement on a quarterly basis and management statements are generally submitted to the Board 10 times a year. The Board Audit and Risk Committee examines the annual financial statement and interim financial statements, while the external auditors review and audit the accounts twice a year. The Board Audit and Risk Committee gives its opinion on the accounts to the Board of Directors, which then approves and endorses the accounts.
The Customers’ Ombudsman is appointed by the Chief Executive Officer. The role of the Ombudsman is to ensure fairness and objectivity, prevent discrimination against the customer and make certain that the process for handling cases is transparent and documented. The Customers' Ombudsman examined 202 cases in 2014, compared with 186 cases in 2013.
Cornerstones, code of ethics and corporate social responsibility
Arion Bank’s Cornerstones are names used to describe its core principles. The Cornerstones are designed to provide guidance when making decisions and in everything else employees say and do. They refer to the Bank’s role, attitude and conduct. Arion Bank’s Cornerstones are: We make a difference. We get things done. We say what we mean.
The management and employees of Arion Bank are conscious of the fact that the Bank’s activities affect different stakeholders and society at large. The Bank’s code of ethics is designed to serve as a key to responsible decision-making at Arion Bank. The code of ethics is approved by the Board of Directors.
One of the fundamental principles of corporate social responsibility is to align the interests of companies with those of the wider community. Arion Bank is a responsible member of Icelandic society and as such takes an active role in its construction and future development. Corporate social responsibility means that the Bank must perform its role conscientiously, ensuring that its customers receive first-rate services and get the support they need. In addition Arion Bank supports a select number of causes which it believes benefit and improve the community, such as: Innovation, environmental issues, financial education, sports, culture and charities. Many of these projects require the active participation of employees, which is the key to achieving results.
Board of Directors and Committees
The main duties of the Board of Directors of Arion Bank are to manage the Bank between shareholders’ meetings and as further described in the law, regulations and articles of association. The Board tends to those operations of the Bank which are not considered part of the day-to-day business, i.e. it makes decisions on issues which are unusual or of a significant nature. One the Board’s main duties is to supervise the Bank’s activities. The Board of Directors meets at least ten times a year. The rules of procedure of the Board of Directors and its subcommittees take into account the law and the aforementioned Guidelines on Corporate Governance. The rules of procedure of the Board of Directors can be found on the Bank’s website. In other respects the Board of Directors works in accordance with the laws and regulations in effect at any particular time and its role is defined in detail in the rules of procedure of the Board of Director, which have been established on the basis of Article 54 (2) of the Financial Undertakings Act, Article 70 (5) of the Public Limited Companies Act No. 2/1995, FME Guidelines No. 1/2010, and the articles of association of the Bank.
One of the main duties of the Board of Directors is to appoint a Chief Executive Officer who is responsible for the day-to-day operations in accordance with a strategy set out by the Board. The Board of Directors and the Chief Executive Officer shall carry out their duties with integrity and ensure that the Bank is run in a healthy and normal manner with the interests of the customers, the community, the shareholders and the Bank itself as a key consideration, cf. Article 1 (1) of the Financial Undertakings Act. The Chief Executive Officer shall ensure that the Board receives sufficient support to carry out its duties.
The Board of Directors is elected for a term of one year at the company's annual general meeting. At Arion Bank’s last annual general meeting on 20 March 2014, seven directors and three alternates were elected to the Board of Directors. The elected Board Directors have diverse backgrounds and extensive skills, experience and expertise. On 9 December Björgvin Skúli Sigurdsson stepped down from the Board of Directors. He was replaced by Brynjólfur Bjarnason who was elected to the Board at a shareholders’ meeting on 20 November 2014.
Information on the independence of Directors was sent to shareholders before the shareholders' meeting and the information was published on the Bank's website after the general meeting. The meetings of the AGM and shareholders’ meetings are sent to the shareholders following the meeting but have not been published on the Bank’s website because of the current shareholder structure.
In 2014 the Board of Directors met on 11 occasions. An alternate was called to attend a meeting on two occasions: once due to the inability of a Director to attend and the other time due to changes in the Board.
The Chairman directs and is responsible for the work of the Board. The Chairman chairs Board meetings and ensures that there is enough time is allocated to the discussion of important issues and that strategy issues are discussed thoroughly. The Chairman is not permitted to undertake any other work for the Bank unless part of the normal duties of the Chairman.
At the first scheduled meeting of the new Board following the AGM the Board appoints members to each of its sub-committees and assesses whether it is necessary to appoint external members to certain committees in order to bring in a greater level of expertise. One of the committee members in the Board Audit and Risk Committee, Gudjón Gústafsson, is not a Board Director and is independent of the Bank and its shareholders. The Board sub-committees are as follows:
- Board Audit and Risk Committee: Its main task is to examine issues concerning auditing and risk which the Board needs to make a decision on. The regular tasks of the committee include examining reports of internal controlsregulators, reviewing the risk policy, examining the annual and interim financial statements to ensure the quality of the information contained in them and the independence of the company’s auditors.
- Board Credit Committee: Its main task is to attend to credit issues which exceed the credit limits of its sub-committees.
- Board Remuneration Committee: Its main task is to advise the Board on the terms of remuneration to the Chief Executive Officer and other employees hired directly by the Board. Regular tasks at committee meetings are to review the remuneration policy, the human resources policy, salary distribution and the incentive system if one is in place. The Bank’s remuneration policy shall be examined and approved by a shareholders’ meeting annually.
The Board has decided to go further than stipulated in the Guidelines on Corporate Governance with respect to the disclosure requirements of sub-committees. At every meeting the Board receives the minutes of the previous meeting of each sub-committee and are given access to all the information from the meetings of the sub-committees.
The BCC met 12 times during the year, the BARC met six times and the BRC met seven times. Below is an overview of the attendance of individual Directors:
Board of Directors and Committees
| Board Audit and
|1 Jan - 31 Dec
|1 Jan - 31 Dec
|1 Jan - 20 Mar
|1 Jan - 31 Dec
|1 Jan - 31 Dec
|Björgvin Skúli Sigurðsson
|1 Jan - 9 Oct
|20 Mar - 31 Dec
|1 Jan - 31 Dec
|Ólafur Örn Svansson4
|30 Jan / 18 Nov
|20 Nov - 31 Dec
|1 Jan - 31 Dec
1Agnar Kofoed-Hansen was a Board Member until 20 May 2014. He was replaced by Kirstin Flygenring the same day,
2 Björgvin Skúli Sigurðsson resigned from the Board on 9 october 2014.
3 Kirstín Flygenring was elected to the Board at the Bank´s AGM on the 20 March 2014. She had previously been an Alternate.
4 Ólafur Örn Svansson attended two meeting during the year as an Alternate.
5 Brynjólfur Bjarnason replaced Björgvins Skúla Sigurðssonar on 20 November 2014.
6 Guðjón Gústafsson is a member of the Board Audit and Risk Committee. He is not a Director.
7Måns Höglund was unable to attend the board meeting held on 30 January and Olafur Örn Svansson was called in as an Alternate.
The Board carries out an annual performance appraisal, at which it assesses its work, the necessary number of Board Directors, the Board structure, achievements and work of the sub-committees with respect to the aforementioned. This appraisal was last performed by the Board at its meetings and between meetings during the period 9 October to 10 December 2014.