Good governance

Our objective is to ensure open and functional corporate governance. In our business operations, we adhere to our values, our Code of Conduct and good insurance practice. We act ethically and fairly.

Compliance and risk management is embedded in the tasks of every director and manager. Every single Veritas employee is responsible for adhering to the guidelines and regulations as well as for risk management in their own work.

Compliance and risk management supporting good governance

As a pension company, we operate as a private enterprise, while simultaneously managing a vital societal task governed by laws and regulations. For this reason, it is important that what we do is transparent and in line with our task. Alongside legislation, we have in place internal operating guidelines ensuring that all of Veritas’ employees adhere to the common rules. 

Compliance

The compliance function refers to the independent oversight of the lawfulness of a company’s operations and adherence to any other external and internal rules pertaining to its business.

The task of the compliance function is to support business particularly in the identification and management of legal and compliance risks, as well as supervise and report same to the Executive Group and the Board of Directors. At Veritas, Compliance consists of the following elements:

The compliance function begins with top management, i.e., the CEO and the Board of Directors, who are responsible for the lawfulness of the company’s operations.  

Veritas has additionally appointed a Compliance Officer, whose superior is the General Counsel. The tasks of the Compliance Officer include, inter alia, reviewing the compliance of different functions and segments in accordance with the action plan devised on the basis of risks, receiving compliance notifications and monitoring the progression of the remedial measures related to same. Their tasks also include the provision of training and communication concerning compliance matters, as well as the related procedures. The Compliance Officer reports to the Board of Directors twice a year and to the Executive Group every two months.
  
At Veritas, the compliance function is supported by the compliance network. The network consists of the Compliance Officer and the legal counsels supporting the business, along with other designated persons.

The compliance network convenes regularly. It maintains a list of pending regulatory initiatives to be monitored, of their schedule and of the requirements they entail for the company. Any pending EU-level and national regulatory initiatives are regularly communicated to the different functions, Executive Group and Board of Directors. Furthermore, a table of all regulatory initiatives being monitored is available for viewing by all employees in the intranet.

The Compliance function is engaged in planning new business models or in any plans to change the current business models. This serves to ensure that matters set forth in regulations and guidelines are considered in any changes and the related liabilities remain clear even in changing situations.

Whistleblowing channel

Our employees have at their disposal a whistleblowing channel using which they can report any malfeasance and suspected malfeasance detected by them. Not a single whistleblowing notification was submitted in 2022.

Compliance in 2022

The Compliance Officer conducted audits of the compliance of different functions and segments in accordance with the devised risk-based action plan. Compliance-related matters were reported to Veritas’ Executive Group every other month (with the exception of July). The Executive Group received reports, inter alia, on the conducted audits and observations related to same, on notifications pertaining to compliance risks as well as on other current affairs. A compliance report was submitted to the Board of Directors twice during 2022.

The Board of Directors adopted the operating principles for compliance, as well as the statutory updated operating guidelines, such as, for instance, related-party guidelines, operating principles for conflicts of interest situations and anti-bribery guidelines.

Audits by the Financial Supervisory Authority

In 2021, the Financial Supervisory Authority conducted a thematic review of pension insurance companies relating to the procedures concerning the affirmation of the working income under self-employed persons’ pension insurance policies. The objective of the thematic review was to ascertain the regulatory compliance of the enforcement of the Self-Employed Persons’ Pensions Act (YEL). Veritas has implemented the modifications set forth in the action plan it reported to the Financial Supervisory Authority. The Financial Supervisory Authority assessed the measures in 2022 and deemed the modifications to be commensurate.

The Financial Supervisory Authority audited Veritas’ disability risk management in 2021 and 2022. The objective of the audit was to ascertain the quality and scope of the operations pertaining to the management of disability risks relative to the valid regulatory norms as well as the industry and operating license thresholds. According to the Financial Supervisory Authority, Veritas’ disability risk management is at an appropriate level and the modifications effected in the past few years have been a step in the right direction. Veritas considers the recommendations and development action brought forth in the audit in its operations and has submitted an action plan concerning the same to the Financial Supervisory Authority.

Risk management

The risk management function carries on risk monitoring and its operations encompass, inter alia, proactive risk monitoring, modelling and the generation of risk information. The objective is to create a clear understanding of the risks faced by the company and to analyse their importance and monitor their development. At Veritas, risk management encompasses matters pertaining to investment risks, operative risks and enterprise risk management (ERM).

The Board of Directors regularly adopts the risk management policy. The policy determines the risks, risk management principles and objectives, as well as organisation, tasks and reporting.

The risk management function is responsible for devising the company’s risk and solvency assessment (ORSA). The risk and solvency assessment is a process involving the regular assessment of the risks and threats encountered by a company. The prerequisite for a successful ORSA process is open dialogue and challenging the assessments between the risk management function, as well as the company’s management and other personnel. An integral component of the process is also the challenging of the assessment and of the assumptions under same. ORSA is a tool that supports management decision-making.

Risk surveys identify the risks the company is facing. The risk survey involves reviewing the impacts of new and developing risks at the company level.

Reporting channel for risk events

Our employees have at their disposal a reporting channel through which they are able to report any materialised risk events.

Risk management 2022

In 2022, we have actively monitored and analysed the geopolitical situation and the impacts of same, especially on investment markets and preparedness for disruptions. Veritas’ investment risks related to Russia have been assessed as minor. The war in Ukraine has caused mounting uncertainty and risks and increased volatility in investment markets.

The change in the geopolitical situation has also been taken into account in connection with contingency planning. Veritas is prepared for possible disruptions and has taken measures to ensure the continuity of operations. Examples of threats or disruptions discussed include power supply disruptions and cyberattacks. The contingency arrangements have been updated in cooperation with the parties common to the pension industry and security of supply. It is important to inform the staff in advance about possible threats and operating methods in the event of disruptions.

The consideration of climate risks in conjunction with making investment decisions has formed part of the process for quite some time already. In 2022, we developed the assessment and monitoring of developing risks and climate risks also as relates to our other operations. These risks are regularly on the agenda of the risk management function and the evaluation of the same has also been developed in the ORSA. Some of the developing risks are risks the emergence of which we have little or limited control over. Nevertheless, it is important to assess the same, because this provides vital information for developing the operations.

A new tool was introduced within the company for the purposes of risk assessments in the spring of 2022. Experiences of the new tool are positive. The tool has rendered the conducting of surveys and the maintenance of data smoother as well as improved usability.  

Supplier management model

We ourselves are a responsible company and it is important for us that also our partners act responsibly. In certain functions, we retain third-party suppliers and in such connection, we want to ensure that the suppliers are reliable and responsible. At the moment, third-party suppliers are retained, for instance, for the HR system, working time management, payroll services, IT support services and as the latest addition, now also postal services.

Veritas has in place a supplier management model that steers the selection of new suppliers and verifies the suitability and reliability of suppliers. The model also allows us to evaluate, inter alia, the continuity of the suppliers’ business and the state of their corporate responsibility. Thus, the supplier management model also constitutes a component of Veritas’ risk management.