Atlanticomnium’s risk strategy includes having:
- A strong risk governance structure
- A strong risk aware culture
- Clear accountability for risk management
- Clarity about the levels of risk Atlanticomnium can assume (Risk Tolerance)
- A commitment to compliance with all relevant legislation and regulations
- A consistent framework applied from-wide including documented policies and procedures for material processes
- Effective segregation of duties
- Clear delegations and limits of authority
- An independent Risk function, with the CRO reporting to the Board of Directors
A strong risk culture is promoted within the organisation, to ensure staff acts with integrity, honesty, and with an acute awareness of the risks taken and the steps to mitigate them. The main principles are:
- The recruiting process ensures new employees adhere to the highest ethical standards
- Risk-awareness training is organised several times a year to all colleagues
- The Risk and Compliance function organise round-tables with relevant teams about key risks (regulatory risk, credit risk, market risk, etc.)
- Independent controls ensure an unethical behaviour or fraud would be identified
- Staff are trained to be transparent in identifying and reporting failings and take proactive steps to address weaknesses when they are discovered (include in the personal objectives)
- The management provides the necessary tools to all employees to manage risk effectively
Risk Appetite Tolerance
It is both necessary and desirable for Atlanticomnium to tolerate a level of risk in pursuit of achieving its corporate strategy. However, it is also necessary to ensure that the amount of risk taken is within acceptable boundaries that are commensurate with the financial strength of the company. Good risk management does not imply avoiding all risk at any cost; rather it implies making informed and coherent choices regarding the risk the company wants to take in pursuit of its strategy and objectives, having regard to the methods used to manage and mitigate those risks.
Atlanticomnium’s policy is to maintain the risk within the boundaries approved by the Board of Directors and which are inextricably linked with the company strategy, business plan and shareholders and client expectations. It is a fundamental component of the overall company risk management framework.
Accountability for Risk Management
Atlanticomnium operates a “Three lines of defence” approach with regard to risk management.
The first line of defence is responsible for managing risks on a day-to-day basis. Amongst others, it is responsible for monitoring risk through its daily controls, identifying and reporting any breach, incident or risk falling beyond the risk tolerance of the company.
The second line of defence is responsible for understanding the full range of risks and for ensuring those risks are appropriately and effectively managed by the first line of defence. They are also responsible for performing second level controls and monitoring the system of risk management.
The third line of defence evaluates the organisation and internal control system of the organisation. It verifies the first and second lines of defence are performing their controlling, reporting, and risk management activities as per the Board’s directives, and report to the Board of Director any identified breach or incident.
Atlanticomnium is regulated by the Swiss Financial Regulator (FINMA) which supervises the activities of Financial Intermediaries in Switzerland.