Internal control and risk management
The company has a strategy approved by the Board of Directors. In addition to the strategy, the Board has confirmed internal guidelines for the company, which are related to administration and risk management and which serve as the key principles for the company’s risk management and internal control. The company also has a considerable amount of other internal guidelines in support of the arrangement of administration and risk management.
The internal instructions approved by the Board and described above include an internal policy known as the Municipality Finance Corporate Governance Policy, which is updated on a regular basis. The Corporate Governance Policy also includes principles for managing any conflicts of interest.
Due to the nature of its operations, Municipality Finance is inevitably exposed to numerous risks, and internal control and risk management therefore form part of the company’s strategic planning and management. Efficient internal control and risk management are included in the company’s daily functions, increasing security and customer satisfaction, facilitating the achievement of the goals set, and ensuring that the company’s risk position remains at the desired level.
The purpose of internal audit is to ensure that the risks associated with lending, funding acquisition, investment and other business operations are in line with the company’s approved risk profiles and that the company attains the objectives set for its business. The aim is to keep the overall risk status at such a low level that its credit rating is the best possible in relation to that of the Finnish state and that the company’s strong credit rating is not compromised through any measures of its own. Internal control at Municipality Finance comprises financial administration that handles financial reporting, a risk management function which reports on the company’s risk position and any changes to it and is independent of the business of the company, and internal audit performed by business units which produce reports that are processed by supervisors, the President and CEO assisted by the Executive Management Team, as well as the company’s Board of Directors.
Municipality Finance’s general principles, limits and measurement methods used in risk management are determined by the Board of Directors. The implementation of risk management is the responsibility of the President and CEO, who is assisted by the Executive Management Team, and various functions/departments in accordance with the duties delegated to them.
MuniFin’s risk position related monitoring and reporting duties have been segregated to the independent risk management function, which also prepares various analyses in support of decision-making by the company management. Risk management and the company’s risk position are reported to the Executive Management Team and the Board of Directors (including Board’s Risk Committee) on a regular basis.
The management of operational risks, including information systems critical to the company’s business operations, and the monitoring of operational risks are part of the ordinary processes of units and departments. In addition, the company’s independent risk management function bears overall responsibility for the monitoring of operational risks. Part of the management of operational risks comprises tasks related to compliance with external and internal regulation, such as follow-up on regulation that affects the company’s operations, communication, training and monitoring. These tasks are the responsibility of Compliance and Operational Risk department being part of the risk management function.
Internal audit tasks include assessing the reliability and accuracy of Municipality Finance’s financial and other management information. These tasks also include ensuring that the company has adequate and properly organised manual and IT systems for its operations and that the risks associated with the operations are being managed sufficiently.
Every year, the company’s Board of Directors approves an operational plan for internal audit for each financial period. All audits performed by internal audit were reported to the company’s executive management, Audit Committee and Board of Directors. The company maintains follow-up on recommendations issued by internal audit, and the implementation of such measures is reported to the company’s Executive Management Team, Control Committee and Board of Directors on an annual basis. Internal audit assesses the status of implementation of such measures.
The company’s auditor must be an auditing corporation certified by the Central Chamber of Commerce. The auditor’s term is the financial period, and the term ends at the closing of the Annual General Meeting following its election. The company’s financial period is the calendar year. The lead audit partner may act as the company’s auditor for a maximum of seven consecutive terms.
The Audit Committee prepares the election of the auditor and makes a suggestion to the Board of Directors, which presents a proposal on the election to the Annual General Meeting. In the election process, the Audit Committee must take note of the auditor’s independence. The auditing function is monitored and supervised by the Audit Committee.
Insider administration, managers’ transactions and conflicts of interest
As an issuer of a financial instrument admitted to trading in a regulated market, Municipality Finance is obliged to maintain an insider list. This list features a section of permanent insiders in which Municipality Finance’s employees who have regular access to inside information on Municipality Finance are included. This section of the insider list also includes other individuals and corporate bodies who have access to the company’s inside information on a regular basis.
While Municipality Finance does not, in practice, offer investment services, through its position as a credit institution authorised to offer investment services it is, however, obligated to maintain a public insider register, in which the members of the Board of Directors, the Managing Director and the Deputy Managing Director must be declared. Other individuals in the company are not subject to the declaration requirement, as the company’s current business operations do not include offering investment services in a form that would give employees the opportunity to receive insider information.
Municipality Finance has guidelines in place for insiders, which have been approved by the Executive Management Team. Those included in the insider register and the insider list are obliged to comply with these guidelines.
Municipality Finance is obligated to make public all transactions conducted by its managers with the financial instruments issued by the company. Municipality Finance has concluded that the notification obligation applies to the members of the Board of Directors and Executive Management Team.
The company has a Responsibility Policy approved by the Board of Directors and principles are in place for managing conflicts of interest. The key principle in this policy is that Municipality Finance always strives for the equal treatment of its customers and other partners. The company’s business operations must not be based on the personal interests of any individuals. In every case, Municipality Finance will inform the customer or other counterparty if a business transaction may involve the risk of a conflict of interest. Members of the company’s Board of Directors act independently, taking account of the interests of both the company and all of its shareholders.