Home > Shareholders > Governance > Risk management

Risks and risk management

CapMan faces many different risks and uncertainties, which could if realised affect its strategic direction, financial position, earnings, operations and reputation. Assessment and management of risks is an integral part of CapMan’s ability to conduct its operations in a successful manner. CapMan classifies risks according to various categories and identifies principal risks for each category. CapMan performs an annual review of the risk environment and reports on any material developments quarterly. The latest risk review is presented below.

Latest risk review

See CapMan’s Risk management process and key risk categories from the latest risk review.

Internal control and risk management

The aim of CapMan’s internal control and risk management is to ensure that the company’s operations are efficient, appropriate, reliable and in compliance with regulation, and that risks associated with the company’s business and objectives are identified and appropriately monitored and managed. The group’s internal control system is an essential part of the group’s management system and consists of organization structure, policies, processes, working instructions, allocation of tasks and responsibilities, approval authorizations, manual and automated controls, monitoring reports and reviews. The Board and the CEO are responsible for the internal control and the risk management but the internal control is conducted on all levels of the organization, in all business and support functions. Each employee is individually responsible for the compliance of policies and instructions and for reporting the faults and malpractice to his/her supervisor or other designated persons. Taking into account the nature and extent of the company’s business CapMan has not considered it necessary to organise internal audit as a separate function. The internal audit of the licensed operation has been outsourced to an external service provider.


Roles and responsibilities

The Board has the responsibility for determining the company’s risk appetite as part of defining its strategic goals and for ensuring that the risk management and internal control are appropriately organized. The Board has established an Audit and Risk Committee consisting of Board members the purpose of which is to concentrate more closely on monitoring the risk management and internal control processes. The Board approves annually the action plans of the central control functions risk management and compliance and certain other central policies. Compliance and risk management functions report regularly on their operations and observation to the Audit and Risk Committee and at least annually to the Board.

The Management Group is responsible for the implementation of the internal control and risk management processes, for ensuring their operational effectiveness and allocation of adequate resources. The Management Group also defines and monitors the main risks of the business and other functions and prepares an action plan for the most relevant identified risks.

The CEO leads the risk management process by defining and allocating responsibility areas. The CEO has nominated the group’s COO as risk manager to be in charge of coordinating the overall risk management process. The risk manager reports to the Audit and Risk Committee on matters concerning internal control and risk management. The management has allocated responsibility for establishing more specific internal control policies and procedures to personnel in charge of different functions.

The Group has a compliance officer, whose main task is to ensure that laws, regulation and orders of authorities are complied with in the Group’s business and operations.

The organisation of the risk management and internal control of CapMan group’s regulated operation (alternative investment fund management and investment services) are the responsibility of Boards of Directors of the respective subsidiaries. In particular, the Boards ensure that the control functions are independent from the business operations. The regulated operations have dedicated independent functions responsible for the day-to-day risk management through monitoring that risk management policies and procedures approved by the Boards are followed and that they are appropriate and effective. The risk management function report on to the relevant Board regularly.

The compliance functions of the regulated operations are performed internally or outsourced to the Group’s compliance function.


Risk management process

Risk management at CapMan is a systematic and continuous activity, which identifies, assesses and controls the risks affecting the Company by reducing, avoiding or transferring the adverse economic or other consequences of the risks. Risk management is a part of the Company’s strategy process, operative planning and daily decision-making.

Risk management is a tool for the Board of Directors and corporate management to systematically examine and anticipate threats, possible losses and any positive aspects that might result. It is also a tool to evaluate and manage both short-term and long-term risks in a holistic way that supports the achievement of Company’s strategic objectives.

At CapMan Plc, the risk management process is aligned with strategy and business planning processes, as presented in the figure:

More information on CapMan’s risk management and internal control as well as risks relevant to CapMan’s business can be found in the Annual Report, in particular in the Board of Directors’ Report, in the corporate governance statement and in the appendices to the annual accounts.