Risk Management is an independent unit and reports to the CEO. The division is managed by Gísli S. Óttarsson, Chief Risk Officer.
Risk Management is divided into three departments.
Credit Control is responsible for monitoring credit quality of loans and determining appropriate levels of provisioning. Credit Control also monitors the portfolio credit risk such as single name and industry-sector concentrations and furthermore monitors financial relationships of obligors and the large exposures to financially related obligors.
Balance Sheet Risk is responsible for market risk, liquidity risk, capital adequacy, modelling and stress testing. The department analyzes and monitors risks resulting from balance sheet mismatches and trading activities. It also carries out the Bank’s Internal Capital Adequacy Assessment Process (ICAAP) and Internal Liquidity Adequacy Assessment Process (ILAAP). The department is responsible for the development of the Bank’s credit rating models.
Operational Risk is a part of the Bank's second line of defence and provides support to the first line of defence in managing risk associated with the Bank's day-to-day operations. The department supports the Bank’s measures on internal control and is responsible for implementing risk control self-assessments, listing loss events and supervising work procedures.
The Bank’s Data Officer belongs to Risk Management and his role is to organize and implement improvements in data management and data governance for the Bank as a whole.
Compliance is an independent unit which reports directly to the CEO and works in accordance with a special charter from the Board. The Compliance Officer is Hákon Már Pétursson.
The role of Compliance is to apply effective precautionary measures to ensure that Arion Bank complies at all times with the law, regulations and good business practices, and to foster an affirmative corporate culture in this respect.
- Compliance provides a comprehensive overview of the current legal requirements and responsibilities and encourages employees to know and understand their duties and to ensure that they receive the appropriate instruction, advice and information on the requirements made at any given time.
- Compliance endeavours to ensure that internal control is effective and that any abnormalities are dealt with.
- Compliance tries to ensure that the Bank’s services are not misused and that the Bank knows its counterparties, the nature of all business relationships and its duties in this regard.
- Compliance advocates transparency and makes sure that reporting to customers, investors and the authorities is of the requisite standard.
- Compliance encourages the responsible handling of confidential information.
The Security Officer is part of Compliance and works independently for the Bank's security committee. The role of the Security Officer is to ensure that the Bank meets all requirements on security of information, data, financial assets and other valuables. The Bank’s Security Officer is Þórr Tjörvi Einarsson.
The Internal Auditor is appointed by the Board of Directors and reports directly to the Board. The Board sets the Internal Auditor a charter which lays out the responsibilities associated with the position and the scope of the work. The mission of the Internal Auditor is to provide independent and objective assurance and advice designed to add value and improve the Bank's operations. The Internal Auditor is Lilja Steinthórsdóttir.
The scope of the audit is the Bank, its subsidiaries and pension funds serviced by Arion Bank. The audit is governed by the audit charter, directive No. 3/2008 issued by the FME on the internal audit function in financial institutions and international standards on internal auditing. All audit work is completed by issuing an audit report with deadlines for the implementation of audit findings. Implementations are followed up by the Internal Audit every quarter.
The Customers’ Ombudsman is appointed by, and responsible to, the CEO. Helgi G. Björnsson is the Customers’ Ombudsman of Arion Bank.
The role of the Ombudsman is to ensure that the business of customers is handled fairly and objectively, prevent discrimination against customers and make certain that the process for handling cases is transparent and documented. The Customers' Ombudsman examined 162 cases in 2017, compared with 160 cases in 2016.