Corporate governance and internal control

Corporate governance within Hoist Finance

Hoist Finance is subject to external and internal control systems.

The external control systems, which serve as the framework for Hoist Finance’s corporate governance, are the Swedish Companies Act, Annual Accounts Act, Banking and Financing Business Act, the Swedish Financial Supervisory Authority’s regulations and general guidelines, Nasdaq Stockholm’s Rule Book for Issuers, other relevant laws and regulations, and the Swedish Corporate Governance Code. Governance, management and control are allocated between the shareholders at the Annual General Meeting (AGM), the Board and the CEO pursuant to Swedish corporate law, the Swedish Corporate Governance Code and the Articles of Association.

The internal control systems include the Hoist Finance Articles of Association adopted by the AGM. The Board has also adopted policies and instructions that clarify the division of responsibilities within the Group. Corporate Governance Report Good corporate governance aims to create favourable conditions for shareholder involvement. This is done through well-defined and well-balanced assignment of responsibilities between the company’s executive and shareholder functions. This ensures that accurate information is being presented to the market. The following are of particular importance in this context:

  • Rules of procedure for the Board;
  • Instructions for the CEO;
  • Policy for internal governance and control;
  • Remuneration policy;
  • Instruction for the Risk and Audit Committee;
  • Instructions for the Remuneration Committee;
  • Instructions for the Investment Committee.

Governance structure

Roles and responsibilities

The Board is ultimately responsible for limiting and overseeing Hoist Finance’s risk exposure. The Board and the Risk and Audit Committee are responsible for establishing the main rules and guidelines for internal control.

The Risk and Audit Committee assists the Board by continuously monitoring the risks that may affect financial reporting and by producing manuals, policies and accounting policies. The Risk and Audit Committee interacts directly with the external auditors.

The CEO is responsible for the effective design and implementation of internal control within the Group. The CFO is responsible for the design, implementation and correct application of the internal control framework at the central level. Local management is responsible for design, implementation and correct application at the local level.

Hoist Finance roles and responsibilities with respect to internal control and risk management are structured in three lines of defence.

The first line of defence, comprised of the Board, CEO and business organisation, is responsible for conducting operations in accordance with the adopted risk exposure and internal control framework and pursuant to rules and regulations applicable to Hoist Finance. The first line of defence has a well-functioning governance structure and effective processes to identify, measure, assess, monitor, minimise and report risks.

The second line of defence is comprised of the Risk Control function, the Compliance function and the Security function, independent units that monitor and control Hoist Finance's risks and report independently of each other to the Board and the CEO.

The third line of defence is the Internal Audit function that conducts independent audits and reviews and provides the Board with evaluations of Hoist Finance’s internal control and risk management processes.

The three lines of defence jointly form the internal control framework, which is designed to develop and maintain systems that ensure:

  • Effective and efficient business operations;
  • Satisfactory risk control;
  • Business management;
  • Reliable reporting of financial and non-financial information (internally and externally); and
  • Compliance with laws, regulations, supervisory authority requirements and internal policies and procedures.