Risk Management is an independent unit and reports to the CEO. Risk Management had 27 full time employees at the end of 2015. The division is managed by Gísli Óttarsson, Chief Risk Officer.
Risk Management is divided into four departments.
Credit Analysis monitors and supports the Bank’s credit decisions and credit granting processes from loan application to loan disbursement. The department is Risk Management’s primary interface with the Bank’s credit committees and prepares comments on all credit applications that are submitted to the Board Credit Committee (BCC) and the Arion Credit Committee (ACC).
Credit Control monitors weak and impaired credit exposures on a customer-by-customer basis, determines the appropriate level of provisioning and reports provisioning and write-offs to the ACC. Credit Control also monitors the portfolio credit risk such as single name and industry-sector concentrations as well as monitoring financial relationships of obligors and the large exposures to financially related obligors.
Balance Sheet Risk is responsible for analyzing, monitoring and reporting on risks resulting from balance sheet mismatch, including capital and is responsible for carrying out the Bank’s Internal Capital Adequacy Assessment Process (ICAAP). It is also responsible for developing and running credit rating models and stress tests.
Operational Risk is a part of the Bank´s second line of defense and monitors the risks associated with daily operations. The department supports the Bank´s departments´ measures for internal control and is responsible for implementing risk control self assessments, listing loss events and supervising work procedures.
The Bank’s Security Officer is part of Risk Management and his main task is to devise a strategy on security issues, supervise security issues and report to the Security Committee and the Executive Management. The Security Officer is also responsible for the Bank’s contingency plans.
Arion Bank seeks to detect any risk of failure to fulfil its legal obligations and has taken appropriate measures to minimize such risks. The Bank employs an independent compliance officer according to a special charter from the Board. The Compliance Officer reports directly to the CEO and provides the CEO with regular reports about his work. The Compliance Officer may refer cases directly to the Board if deemed necessary.
The main roles of Compliance are:
- To monitor and regularly assess the adequacy and effectiveness of measures designed to minimize the risk of failure to fulfil the Bank’s obligations under the Securities Transactions Act and the Act on Measures against Money Laundering and Terrorist Financing.
- To provide the employees with the necessary training and advice to enable them to fulfil their and the Bank’s obligations under the Securities Transactions Act and the Act on Measures against Money Laundering and Terrorist Financing.
- To investigate and notify the authorities of any suspicion of money laundering or terrorist financing or suspicion of market abuse. The Compliance Officer also conducts independent investigations if there is any suspicion of a violation of the Competition Act.
- The Compliance Officer also undertakes outsourced tasks from Stefnir hf. and certain pension funds.
The Compliance Officer of Arion Bank is Hákon Már Pétursson and Compliance had seven employees at the end of 2015.
The Internal Auditor is appointed by the Board of Directors and reports directly to the Board. The Board sets the Internal Auditor a charter which lays out the responsibilities associated with the position and the scope of the work. The mission of the Internal Auditor is to provide independent and objective assurance and advice designed to add value and improve the Bank's operations.
The scope of the audit is the Bank, its subsidiaries and pension funds serviced by Arion Bank. The audit is governed by the audit charter, directive No. 3/2008 issued by the FME on the internal audit function in financial institutions and international standards on internal auditing. All audit work is completed by issuing an audit report with deadlines for the implementation of audit findings. Implementations are followed up by the Internal Audit every quarter.
Internal Audit had seven employees at the end of 2015. The Internal Auditor is Lilja Steinthórsdóttir.
The Customers’ Ombudsman is appointed by the Chief Executive Officer. The role of the Ombudsman is to ensure fairness and objectivity, prevent discrimination against the customer and make certain that the process for handling cases is transparent and documented.
The Customers' Ombudsman examined 185 cases in 2015, compared with 202 cases in 2014.
The Customers' Ombudsman is Helgi G. Björnsson.