Our objective is to ensure open and functional corporate governance. In our business operations, we adhere to our values, our Code of Conduct and good insurance practice. We act ethically and fairly. One of the goals of our corporate responsibility scheme is to develop our reporting relating to good governance.
Compliance and risk management supporting good governance
As a pension company, we operate as a private enterprise, while simultaneously managing a vital societal task governed by laws and regulations. For this reason, it is important that what we do is transparent and in line with our task. Alongside legislation, we have in place internal operating guidelines ensuring that all of Veritas’ employees adhere to the common rules.
Compliance
The compliance function refers to the independent oversight of the lawfulness of a company’s operations and adherence to any other external and internal rules pertaining to its business.
The task of the compliance function is to support the business, particularly in identifying and managing legal and compliance risks, and to supervise these risks and report on them to the Executive Group and the Board of Directors.
At Veritas, Compliance consists of the following elements:

Proactive
- Values, Code of Conduct, operating principles, guidelines, policies, etc.
- Training, communications and advisory
- Monitoring and communicating legislative and regulatory initiatives
- Engagement in business development
- Anticipatory identification of compliance risks
Supervisory
- Compliance audits and the follow-up of the related findings
- Compliance reporting
Responsive
- Initiation of the requisite remedial measures when any activity that contravenes regulations or is otherwise incorrect is detected.
- Internal investigations, e.g., in cases of malfeasance.
The compliance function begins with top management, i.e., the CEO and the Board of Directors, who are responsible for the lawfulness of the company’s operations. Veritas has additionally appointed a Compliance Officer, whose superior is the General Counsel. Compliance is embedded in the tasks of every director and manager. All Veritas employees are responsible for adhering to the guidelines and regulations in their own work.
The Compliance Officer acts as the chairman of internal oversight meetings. The tasks of the Compliance Officer include, inter alia, reviewing the compliance of different functions and segments in accordance with the action plan devised on the basis of risks, receiving compliance notifications and monitoring the progression of the remedial measures related to same. Their tasks also include the provision of training and communication concerning compliance matters, as well as the related procedures. The Compliance Officer reports to the Board of Directors twice a year and to the Executive Group every two months.
At Veritas, the compliance function is supported by the compliance network. The network consists of the Compliance Officer and the legal counsels supporting the business, along with other designated persons.
The compliance network convenes regularly. It maintains a list of the pending regulatory initiatives to be monitored, their schedules and the requirements they entail for the company. Pending EU-level and national regulatory initiatives are regularly communicated to the different functions, the Executive Group and the Board of Directors. Furthermore, a table of all regulatory initiatives being monitored is available to all employees on the intranet.
The compliance function:
- Audits the compliance of different functions and segments in accordance with the devised risk-based action plan.
- Reports regularly to the Board of Directors and the Executive Group on any findings.
- Proactively identifies and assesses adverse consequences associated with non-compliance and communicates them.
- Monitors pending regulatory initiatives, communicates them actively and supports the business in preparing for them.
- Coordinates the upholding of the company’s Code of Conduct, aiming at promoting ethical and responsible operating procedures.
- Annually devises and submits to the Executive Group and Board of Directors for approval internal guidelines required by law.
- Arranges training sessions and communicates matters pertaining to compliance procedures within the organisation (incl. Board of Directors and Executive Group).
- Maintains an insider register of Veritas’ permanent insiders and updates insider information as concerns the insiders of the pension insurance company.
- Oversees compliance with anti-money laundering regulations.
Year 2021
Audit by the Financial Supervisory Authority
The Financial Supervisory Authority conducted a compliance audit of Veritas during the time period of 30 September 2019 through 10 March 2021. The objective of the audit was to ascertain how the compliance function has been organised at Veritas.
The audit evaluated the manner of execution of the compliance function and the prerequisites for its operation. The key aspects that were assessed included the organisation of the compliance function, the company’s compliance in practice, the detection and recording of any shortcomings in compliance and their relaying to the company’s decision-making process, as well as compliance interaction within the organisation.
According to the Financial Supervisory Authority’s final report, the practical implementation of Veritas’ compliance function has been arranged appropriately and no significant shortcomings were detected in the audit.
Risk management
The risk management function carries out risk monitoring. Its operations encompass, inter alia, proactive risk monitoring, modelling and the generation of risk information. The objective is to create a clear understanding of the risks faced by the company, to analyse their importance and to monitor their development. At Veritas, risk management encompasses matters pertaining to investment risks, operative risks and enterprise risk management (ERM).
The Board of Directors regularly adopts the risk management policy. The policy determines the risks, risk management principles and objectives, as well as organisation, tasks and reporting.
The risk management function is responsible for devising the company’s risk and solvency assessment (ORSA). The risk and solvency assessment is a process involving the regular assessment of the risks and threats encountered by a company. The prerequisite for a successful ORSA process is open dialogue, including the challenging of assessments, between the risk management function and the company’s management and other personnel. ORSA is a tool that supports management decision-making.
Risk surveys identify the risks the company is facing. The risk survey involves reviewing the impacts of new and developing risks at the company level. Climate risks were investigated in 2021, and a more comprehensive assessment of them will be included in ORSA in the future.