Risk management

Objective of risk management

The goal of SkartaNYAB’s risk management policy is the systematic identification of risk factors, as well as their continuous monitoring and optimal management so that the Group achieves its strategic and financial objectives. The company sees that controlled risk-taking can have a positive effect on the company’s development. The starting point of SkartaNYAB’s risk management policy is to manage the risk position as a whole, although the identification of individual risks and the means of management at a practical level may differ.

Definition of risk

SkartaNYAB defines risk as an internal or external uncertainty, the realization of which either positively or negatively affects the SkartaNYAB’s ability to achieve the financial and strategic objectives set for it.

Principles of risk management

SkartaNYAB Plc’s Board of Directors has the main responsibility for arranging appropriate and effective risk management in the Group. However, all SkartaNYAB companies, members of SkartaNYAB Plc’s organizational staff and service providers for outsourced operations are always obliged to contribute to the achievement of the goals set out below, to be aware of the importance of internal control and risk management from their own goals and to implement required risk management measures. measures and reporting.

The principles are as follows:
1. The Group and its companies do not knowingly take on such a level of risk in their operations that it could pose a material risk to the liquidity or solvency of the companies or the Group.
2. Ongoing risk management shall ensure that significant risks that may impede the company’s business or the achievement of business objectives are identified, assessed and monitored as part of the day-to-day management of the business.
3. Risk management shall cover all material internal and external business risks, regardless of their measurability or the company’s ability to influence their hedging.
4. Risk management procedures shall be continuously maintained and developed to ensure that all new, material but previously unidentified risks are included in the risk management process.

Internal audit

The internal audit function is an independent and objective evaluation, assurance and consultation function that provides added value to the organisation and improves its functioning. The internal audit function supports the Board of Directors in achieving the Group’s objectives by providing a systematic approach to the evaluation and development of the organisation’s supervisory, management and governance processes, as well as the effectiveness and efficiency of risk management.

The purpose of internal audit is to assess, in accordance with the audit plan approved by the Board of Directors, things such as the effectiveness and completeness of the Group’s risk management and the adequacy of control procedures.

The CFO is responsible for the internal audit duties, and the actual internal audit function has been outsourced to Oy Tuokko Ltd where KHT Janne Elo is the chief internal auditor. Internal audit reports to the CEO and the Board of Directors.