Internal audit

Group Internal Audit (GIA) is an independent function commissioned by the Board of Directors. The Board Audit Committee is responsible for guidance on and evaluation of GIA within the Nordea Group. The Group Chief Audit Executive (CAE) has the overall responsibility for GIA. The CAE reports functionally to the Board of Directors and the Board Audit Committee and reports administratively to the CEO. The Board of Directors approves the appointment and dismissal of the CAE.

GIA does not engage in consulting activity unless the Board Audit Committee gives it special assignments. The purpose of GIA’s assurance activity is to add value to the organisation by assuring the quality of the governance, risk management and control processes as well as promoting continuous improvement.

All activities, including outsourced activities and entities of the Group fall within the scope of GIA.

GIA operates free from interference in determining the scope of internal auditing, in performing its audit work, and in communicating its results. GIA is authorised to carry out all investigations and obtain all information required to discharge its duties. The work of GIA shall comply with the Standards for the International Professional Practice of Internal Auditing issued by the Institute of Internal Auditors and the Standards for Information Systems Auditing issued by ISACA. The annual audit plans are based on a comprehensive risk assessment.