The Governance, Risk and Compliance Function

The Governance, Risk and Compliance (“GRC”) function, forming the second line of defence, advises and monitors the first line, oversees and, if necessary, challenges first line risk management.

The Internal Audit function, being the third line of defence, performs regular reviews of both the first and the second line risk management activities. Both the GRC function and the Internal Audit function reports to the various decision-making bodies of the Group on an ongoing basis.

 

How does the GRC function assist the business?

The GRC function has a global remit and is independent from the business organization. Its main responsibility is to drive the GRC issues on behalf of the Board of Directors and senior management. In essence, the function shall:

  • Promote and secure sound governance
  • Develop and implement a robust risk management framework and
  • Ensure proper compliance with internal and external regulatory requirements.

     

The GRC Plan

Several activities are undertaken yearly by the GRC function, in line with a set GRC plan which is presented to the Board and Group Management. Some of the key activities for the function include:

  • Coordinating, contributing, and providing support to the first line’s identification and assessment of current and emerging risks
  • Delivering quarterly updates to the Board of Directors in Betsson AB on material risks faced by the Group
  • Supporting the strategy and business planning process
  • Supporting risk owners with developing and planning Business Continuity and IT Disaster Recovery projects
  • Assisting the Audit Committee in coordinating activities across the three lines of defence, including acting as liaison for the strategic external partner for internal audit services
  • Contributing to various initiatives aiming to develop and strengthen sound corporate governance
  • Coordinating a working group focused on strengthening the management and development of key policies and instructions for the Group
  • Supporting the establishment of a minimum standard focusing on anti-money laundering for the whole group
  • Maintain the anti-corruption framework, supported by a risk assessment covering the main activities of the Group, and 
  • Training and other activities to raise the employees’ awareness around GRC.