Risk involves uncertainty in various forms and is a natural element of all types of business. Carnegie’s ability to assess and manage risks while maintaining adequate capital strength and liquidity to manage unforeseen events is critical to the Group’s long-term profitability. The ultimate purpose is to ensure that risks are manage defectively and that we have sufficient capital and liquidity in relation to the risks we take.
Carnegie’s risk profile consists of both financial and non-financial risks. Financial risks, such as market and credit risks, are generally low and the Group sustained no losses of material size in 2016. Non-financial risks include operational risk, compliance risk and reputational risk. Carnegie works continuously to improve protection against these types of risk. Preparations for the implementation of MIFID II and IFRS9, among else, commenced in 2016. This will transition to an implementation phase in 2017 to ensure compliance when the new regulations take effect in January 2018. Carnegie has further developed its approach to sustainability management, where consideration is given to financial, environmental and social aspects. We have clear policies to promote sound business ethics and professionalism in all areas of operations. One aspect of this is to continuously manage these issues and monitor compliance with the Carnegie approach to risk management.
Risk management
Risk management at Carnegie is based on the principle of three lines of defense. The model distinguishes between functions that own risk and compliance (first line), functions that monitor risk and compliance (second line) and functions for independent audit (third line).
The fundamental principle is that responsibility for risk management and control always resides with the source of the risk. This means that every employee is responsible for managing risks in their own area of responsibility. As such, risk management encompasses all employees, from the CEO and other senior executives and downwards.
Beyond the control and monitoring performed by the business units, Carnegie has three control functions that are independent from business operations: Risk Management, Compliance and Internal Audit. Risk Management and Compliance supervise risk management and regulatory compliance within the business areas.
The third arm, Internal Audit, is responsible for verifying that the business areas and the other control functions perform their tasks as required. In addition, the external auditors perform independent audits of the company’s risk management and control environment.
Liquidity and financing
At year-end (2020), 16 (15) percent of Carnegie’s financing was comprised of equity, while deposits from the public accounted for 68 (71) percent and other debt accounts for 16 (14) percent of the balance sheet total.
Capital management
Carnegie’s profitability and financial stability are directly dependent upon the ability to manage risks in the business. Aimed at maintaining good financial stability even in the face of unexpected losses, Carnegie has designed an internal capital target. The target is set by the Board based on regulatory requirements and the internal assessment of capital needs. In addition to the capital target, Carnegie has a recovery plan that describes the possible measures that can be taken in the event of a strained financial situation.
The group’s financial position (2020) remains strong with a common equity Tier 1 capital ratio of 26.4 percent (25,2) and capital adequacy of 26.4 percent (25.2).