Regulatory Alerts2009-01-13
Guidance on the Regulation on Risk Management and Internal Control
The Norwegian Financial Supervisory Authority (Finanstilsynet) issues this guidance to clarify the requirements of the 2008 Regulation on Risk Management and Internal Control, which expands its scope to include collection agencies and accounting firms. The document mandates that boards and management establish systematic risk management and internal control processes tailored to the size and complexity of their operations, with specific provisions for proportionality and outsourcing. It further details the responsibilities for internal audit or independent confirmation, documentation standards, and the principle that compliance must be integrated into daily operations rather than treated as a separate function.
Share