Enity’s risk management
Risk is an inherent part of Enity’s operations, and the ability to effectively manage risk is fundamental to sustainable financial performance and long-term value creation. Recognizing this, the Board of Directors has adopted a robust risk management framework designed to support sound decision-making and protect the Group’s goals and objectives.
The framework is integrated into the overall governance and internal control framework and encompasses strong governance structures, clearly defined policies and processes, a formalized risk appetite, and a system of control mechanisms that collectively enable consistent and effective risk oversight.
The Board of Directors defines the Group’s overall risk appetite, establishing the types and level of risk that the Group is willing to accept in pursuit of its strategic goals. The risk appetite serves as a guiding point for business decisions across the organization, ensuring that risks are taken within acceptable parameters and are balanced against expected rewards.
The Group’s risk management structure is built on a well-established three lines of defence model, which clearly defines responsibilities across risk owners, risk oversight functions, and independent assurance to ensure a sound and effective management of risks at all levels of the organization.
First line of defence – The business functions, where managers own their risks and are responsible for the day-to-day risk management, compliance and internal control. The managers of business functions report to the Senior Management Team and the CEO.
Second line of defence – The Risk Management function and the Compliance function constitute the second line of defence and are responsible for developing, supporting and maintaining the risk management compliance and internal control frameworks. These functions provide independent oversight and monitoring of all areas of Enity. The CRO and the Head of Compliance report operationally to the CEO and functionally to the Boad of Directors.
Third line of defence – The Internal Audit Function is responsible for a totally independent audit of risk management, compliance and internal control in the business and control functions. The Internal Audit function reports directly to the Board of Directors. Enity has outsourced the internal audit to Deloitte AB.