Internal control and risk management
The aim of CapMan’s internal control and risk management is to ensure that the company’s operations are efficient, appropriate, reliable and in compliance with regulation, and that risks associated with the company’s business and objectives are identified and appropriately monitored and managed. The group’s internal control system is an essential part of the group’s management system and consists of organization structure, policies, processes, working instructions, allocation of tasks and responsibilities, approval authorizations, manual and automated controls, monitoring reports and reviews. The Board and the CEO are responsible for the internal control and the risk management but the internal control is conducted on all levels of the organization, in all business and support functions and every employee is individually responsible for the compliance of policies and instructions and for reporting the faults and malpractice to his/her supervisor or other designated persons. Taking into account the nature and extent of the company’s business CapMan has not considered it necessary to organise internal audit as a separate function. The internal audit of the licensed operation has been outsourced to an external service provider.
Roles and responsibilities
The Board has the responsibility for determining the company’s risk appetite as part of defining its strategic goals and for ensuring that the risk management and internal control are appropriately organized. The Board has established an Audit Committee consisting of Board members the purpose of which is to concentrate more closely on monitoring the risk management and internal control processes. The Board approves annually the action plans of the central control functions risk management and compliance and certain other central policies. Compliance and risk management functions report regularly on their operations and observation to the Audit Committee and at least annually to the Board.
The Management Group is responsible for the implementation of the internal control and risk management processes, for ensuring their operational effectiveness and allocation of adequate resources. The Management Group also defines and monitors the main risks of the business and other functions and prepares an action plan for the most relevant identified risks.
The Group’s CFO, who is also member of the Management Group, coordinates the arrangement and development of internal audit and risk management and, when necessary, reports to the Board on the operation of and observations on risk management and internal control.
The Group has a compliance officer, whose main task is to ensure that laws, regulation and orders of authorities are complied with in the Group’s business and operations.
The organisation of the risk management and internal control of the alternative investment fund manager’s (AIFM) regulated operation are the responsibility of CapMan AIFM Ltd’s Board of Directors. In particular, the Board ensures that the control functions are independent from the business operations. The regulated operation has a dedicated independent Risk Manager responsible for the risk management of the day-to-day operation through monitoring that risk management policies and procedures approved by the Board are followed and that they are appropriate and effective at the level of both the manager and the funds under its management. The Risk Manager reports on his observations to the AIFM’s Board regularly.
The compliance function of the regulated operation is conducted by the Group’s compliance officer.
Risk Management process
Risk management at CapMan is a systematic and continuous activity, which identifies, assesses and controls the risks affecting the Company by reducing, avoiding or transferring the adverse economic or other consequences of the risks. Risk management is a part of the Company’s strategy process, operative planning and daily decision-making.
Risk management is a tool for the Board of Directors and corporate management to systematically examine and anticipate threats, possible losses and any positive aspects that might result. It is also a tool to evaluate and manage both short-term and long-term risks in a holistic way that supports the achievement of Company’s strategic objectives.
In CapMan Plc, the risk management process is aligned with strategy and business planning processes, as presented in the below figure:
More information on CapMan’s risk management and internal control as well as risks relevant to CapMan’s business can be found in the Annual Report, in particular in the Board of Directors’ Report, in the corporate governance statement and in the appendices to the annual accounts.