According in the Swedish National Pension Funds Act (2000:192), the Board of Directors is responsible for the Fund’s organization and management of the Fund’s assets. Part of this responsibility is to ensure the high quality of the Fund’s internal control, which is also consistent with the duties of the Board pursuant to the Swedish Companies Act and the Swedish Code of Corporate Governance.
This report has been prepared in compliance with the Swedish Code of Corporate Governance, articles 3.7.2 and 3.7.3, and is thereby limited to internal control over financial reporting. Reporting on internal control is structured according to the division in COSO, the most well established international framework for internal control. This report is not part of the formal annual report and has not been examined by the company’s auditors. In this context, financial reporting refers to the Board’s approved external reports, which are published in connection with the annual and semi-annual accounts.
Monitoring, analysis and reporting of internal control are handled by two functions within the Fund. The Risk Management function is primarily concerned with financial risks, while the Compliance Officer focuses mainly on operating risks and compliance with norms and rules. The work of both functions is carried out independently from the Fund’s other activities, and both report directly to the Managing Director.
Control environment — fund management
The responsibilities of the Board of Directors are regulated by the Swedish National Pension Funds Act. Every year, the Board adopts a normative document in which the roles and responsibilities of the Board and the Managing Director are described. This document contains a number of policies, a risk management plan and a reporting plan, and defines the respective areas of responsibility and authority.
There is a well ingrained risk culture in the Fund, which is partly due to the fact that successful asset management relies on the ability to identify, analyze and manage risks on the basis of a risk mandate.
Two central aspects of this culture are transparent reporting of business activities and a duality principle for processing of business transactions. This means, among other things, that the entire organization can monitor business activities via an enterprise-wide system and that these business transactions require approval from both the Fund’s financial administration and investment units.
Furthermore, there are established and documented routines for valuation of financial instruments and well-defined structures for decision-making in day-to-day operations.
For preventive purposes, the Fund’s risk management activities are focused on avoiding undesired financial risks and minimizing operating risks. This work, combined with a strong risk culture, promotes a high level of understanding regarding the need for internal risk control within the Fund.
Risk assessment
To ensure effective financial reporting and identification of operating risks, a recurring review of the Fund’s processes and documentation is conducted at the request of the Board.
The results of this review are reported to the Board. A central component of this review is the account closing process, which describes valuation, reconciliation and control of securities in connection with closing of the accounts. The account closing process serves as basis for the Fund’s external financial reporting.
Aside from a general evaluation of processes, the Managing Director and Executive Management Team together establish the areas to be prioritized and subjected to special review on a yearly basis. The units within the organization that are affected by the review participate actively in the analysis, which is based on a self-assessment method. This work results in an evaluation of identified risks and proposed measures. The Fund’s Compliance Officer oversees the analysis process and ensures that the Fund’s corrective measures are implemented.
Control structure and activities
The financial information is analyzed and examined by the Fund’s financial administration, control and risk management functions, which verify the performed internal controls and issue opinions on the Fund’s management to the Managing Director. Control activities are conducted with the support of the Fund’s portfolio management system (Dimension) and risk system (Wilshire).
The control function is largely built into these systems, which also produce data for various risk analyses. This creates an effective structure for both prevention and identification of undesired risks. Risks are identified through the process described above, with a focus on those that are considered significant from a Fund perspective. This dynamic handling of prioritized risks leads to continuous development of the Fund’s internal risk management.
The risk management function is responsible for monitoring financial risks in the Fund issues guidelines for internal control routines as well as monitoring compliance and the outcome of these. The Fund’s Compliance Officer monitors the operating risks, oversees compliance with the Fund’s policies and normative documents and coordinates the yearly review of operating risks.
The process description and approved control and monitoring routines serve as normative documents for the Fund’s Risk Management function and Compliance Officer.
Information and communication
The Board is regularly informed about the Fund’s financial position and investment results. The Board is provided with an income and return report every month and a complete income statement and balance sheet on a quarterly basis. Reports on the Fund’s financial position and risk-taking are also presented at each regular Board meeting.
The financial information provided by the Managing Director to the Board follows the Fund’s account closing process, a procedure deemed to ensure the quality of the Fund’s external financial reporting. External reports are published in connection with the annual and semi-annual accounts.
All policies and instructions with relevance for internal control are communicated clearly and made accessible to all employees on the Fund’s intranet. This transparency also extends to continuous internal risk and return reports, which are also made available on the Fund’s intranet.
Monitoring
Risk management and internal control are standing items on the agenda of all of the Fund’s regular board meetings, at which the Managing Director reports on the prioritized risk areas. The Board approves all financial reports prior to publication.
The Fund’s Board of Directors is ultimately responsible for internal control. From among its members, the Board appoints an audit committee whose duties include matters related to internal control.
In response to unrest in the global financial markets during 2008, the Fund’s Board of Directors and Audit Committee have specifically addressed the Fund’s risk exposure to banks and other financial institutions. Aside from reviewing its limits on banks, a considerable emphasis has been placed on the Fund’s positions in derivative instruments and securities liquidity.
The Board has decided not to establish an internal audit function to monitor the quality of internal control, but has instead engaged independent engaged independent consultants for this work as needed. The Risk Management function and Compliance Officer report to the audit committee at its meetings. The independent auditors report regularly to the audit committee and to the Board in connection with the annual accounts.
Operations and results 2008
