Internal control and auditing

Internal control

The Board of Directors has ultimate responsibility for operations and processes involving risk management and control at Swedbank. Under the direction of the President, managers with operational responsibility are charged with ensuring that risk management and control processes work as specified in the Board’s guidelines.

Every manager with operational responsibility in the organization is responsible for risk management and control within their operating area. This includes periodic evaluation of control methods, which must be identified, appropriate, effective and stable. Good risk management and control requires clearly defined delegation of responsibilities and duties, as well as observance of the duality principle, which means that no one person alone should handle a routine or oversee a case without control or supervision. Responsibility for risk management and control is part of operational responsibility. Thus, risk management and control are integral to operations.

External audits

Swedbank’s auditors are chosen by the Annual General Meeting of the shareholders of the company. The Swedish Financial Supervisory Authority has the right to appoint an auditor. Since the 2003 AGM, the accounting firm, Deloitte AB was chosen as Swedbank’s auditor and lead auditor is Svante Forsberg, Deloitte AB.

CV of Svante Forsberg (pdf)

The Swedish Financial Supervisory Authority has not appointed any auditor for 2009.

Internal audits

The role of internal audits is to review and evaluate the management and the risk management and control practices within the Group. The internal audits also assist the external auditors in the course of their duties. The internal audits function is an audit function that is independent of the operational activities. This independence is made clear from, amongst other things, the fact that it reports directly to the Board of Directors.

Fees paid to the Group’s auditors for their audit and consultation work in 2009: