Corporate governance and internal control

Corporate governance within Hoist Finance

Hoist Finance is subject to external and internal control systems.

The external control systems, which serve as the framework for Hoist Finance’s corporate governance, are the Swedish Companies Act, the Annual Accounts Act, the Banking and Financing Business Act, regulations and general guidelines issued by the Swedish Financial Supervisory Authority and the European Banking Association, Nasdaq Stockholm’s Rule Book for Issuers, other relevant laws and regulations, and the Swedish Corporate Governance Code. Pursuant to Swedish corporate law, the Swedish Corporate Governance Code and the Articles of Association, governance, management and control are allocated between the shareholders at the Annual General Meeting (AGM), the Board and the CEO.

The internal control systems include the company’s Articles of Association adopted by the AGM. The Board has also adopted policies and instructions that clarify the division of responsibilities within the Group. The following are of particular importance in this context:

  • Rules of procedure for the Board;
  • Instructions for the CEO;
  • Policy for internal governance and control;
  • Instruction for the Risk and Audit Committee;
  • Instructions for the Remuneration Committee;
  • Instructions for the Investment & Credit Committee;
  • Instructions for the Finance Committee;
  • Order of Authorisation.

Governance structure

Roles and responsibilities

The Board is ultimately responsible for limiting and overseeing Hoist Finance’s risk exposure. The Board and the Risk and Audit Committee are responsible for establishing the main rules and guidelines for internal control.

The Risk and Audit Committee assists the Board by continuously monitoring the risks that may affect financial reporting and by adopting manuals, policies and accounting policies. The Risk and Audit Committee interacts directly with the external auditors.

The CEO is responsible for the effective design and implementation of internal control within the Group. Local management is responsible for design, implementation and correct application at the local level.

Hoist Finance’s roles and responsibilities with respect to internal control and risk management are structured in three lines of defence.

The first line of defence is comprised of the business organisation, which is responsible for conducting operations in accordance with the adopted risk exposure, internal control framework and regulations applicable to Hoist Finance. The first line of defence has a well-functioning governance structure and effective processes to identify, measure, assess, monitor, minimise and report risks.

The second line of defence is comprised of the Risk Control function, the Compliance function and the Security function. These are independent units that monitor and control Hoist Finance’s risks and report independently of each other to the Board and the CEO.

The third line of defence is the Internal Audit function that conducts independent audits and reviews and provides the Board with evaluations of Hoist Finance’s internal control and risk management processes.

The three lines of defence jointly form the internal control framework, which is designed to develop and maintain systems that ensure:

  • Effective and efficient business operations;
  • Satisfactory risk control;
  • Business management;
  • Reliable reporting of financial and non-financial information (internally and externally); and
  • Compliance with laws, regulations, supervisory authority requirements and internal policies and procedures.