Operational risks occur in all businesses. It is not possible or cost effective to try to eliminate all of them. Swedbank’s goal is to minimise operational risks given the nature of its operations and market as well as the bank’s strategy and risk appetite. Minor loss events are a normal part of the bank’s operations. Larger losses and incidents that affect many of the bank’s customers are rare, and Swedbank is diligent in working to prevent such incidents from occurring.
Swedbank has internal regulations on operational risk management and works in a structured fashion with risk analysis and risk-reducing measures in connection with significant changes and with continuity planning and preparedness measures to minimise the effects of incidents as quickly as possible if they do occur.
Normally, the purpose of outsourcing is to achieve higher efficiency and quality within our business by enabling the concerned business unit to focus on its core activities. Outsourcing is seen as a high-risk activity and can result in reduced control of the outsourced operations, information, supervision and confidentiality or a loss of know-how, to name a few. Therefore, the group has to identify the risks associated with outsourcing when an outsourcing project is initiated and take suitable, adequate and necessary measures to decrease risks. Furthermore, it is important to acknowledge that outsourcing does not discharge the group from the liability towards customers and authorities.
Outsourcing of a business is associated with various risks. Hence, the local supervisory authorities have established rules governing how financial activities may be outsourced. Swedbank has an internal regulatory framework that regulates the conditions for outsourcing of activities. The framework has been adopted to provide practical guidance when an outsourcing project is initiated, thus, regulatory compliance is ensured.