Risk management and oversight
The purpose of risk management and oversight is to ensure that we run our operations efficiently and securely and comply with the current statutes and operating principles.
Risk management
We actively assess and monitor our risks and risk management efforts and continuously develop our operations. At Kela, the Director General is responsible for risk assessment and prevention. The Internal Audit is responsible for evaluating the effectiveness and quality of the risk management process.
Examples of present-day risks include financial and data protection risks as well as cyber and data security threats. Identifying and assessing them is an integral part of our strategic planning and daily operations. By doing so, we ensure that we respond to the needs of our customers, partners and broader society according to our objectives.
Oversight and control over Kela’s operations
Supervised by the Finnish Parliament, Kela is an independent social security institution with its own administration and budget. With internal control, we ensure that we implement our strategy successfully. The Internal Audit can perform audits targeting any part of Kela's operations. It is a continuous and daily process, particularly in our operations related to benefit provision.
Strategic security guidelines
The operating environment of security is constantly changing. Systematic safety development enables Kela's strategic success.
Read more (PDF)Supervisory bodies
- Parliamentary Trustees
- Auditors appointed by the Trustees
- External auditors
- Kela's Board
- Audit Committee
- Internal Audit
- External Audit Firm
The most important task of the Trustees is to supervise Kela’s administration and operations in a way that ensures the quality and availability of Kela's services. They supervise all aspects of Kela’s operations. However, the Trustees do not carry out advance guidance with respect to Kela’s other decision-making bodies, such as its Board.
They can, for example, request reports, put forward proposals or express opinions on administrative matters. The supervision is usually exercised after the fact and mainly concerns issues of compliance. Parliament exercises supervision through the annual report submitted by the Trustees.
Minutes for general meetings are communicated to the auditors and to Kela’s Board. They are also made available on the Asiakirjat ja pöytäkirjat
Additional information
The external auditor and the chairperson of the auditor team are professional auditors. The rest of the auditor team typically consists of Members of Parliament.
The auditors confirm that
- Kela's Board has complied with the prevailing statutes and regulations
- Kela’s financial statement has been compiled in accordance with the Accounting Act and Kela’s governing act
- the financial statement portrays Kela’s finances and operational outcomes accurately and adequately
- Kela has followed good accounting practices
The audit community carries out auditing on a continual basis. The external audit usually focuses on such topics as investments, benefit income and expenditure, payroll and salaries, purchases and procurements, and central accounting.
Additional information
The Board’s responsibilities include:
- confirming Kela's operational and financial plan
- drawing up Kela’s annual report and financial statement
- Confirming Kela’s rules of procedure, which outline the administrative and operational practices
- deciding on Kela’s investment principles>
- deciding on the sale and purchase of fixed assets
- deciding on a division of responsibilities between the Director General and the other Directors
- placing high-level employees under a contract of employment
- confirming the compensation and other benefits of the Director General and the other Directors
- confirming the principles governing employees’ compensation, hours, annual holidays and travel allowances
- deciding other important matters and questions of principle.
The minutes of the Board’s meetings are communicated to the Trustees and the auditors. They are also made available on the Asiakirjat ja pöytäkirjat (Documents and minutes) page.
Additional information
The Audit Committee consist of at least five members. The committee is chaired by the chairperson of the Board, and its deputy chair is the deputy chairperson of the Board. The members include at least one Board member, the Director General and an external auditor. The head of the Internal Audit presents matters to the committee and serves as its secretary.
The Audit Committee helps the Board verify that Kela has a suitably extensive and adequate risk management function and internal audit system. It makes sure that Kela’s operations, risk management and internal audit are arranged in a way that complies with law, regulations and good management and administrative practices. Further, the Audit Committee supervises and provides guidance to the Internal Audit.
Read more
Internal Audit is an independent and objective function designed to carry out evaluations, perform analysis and offer consultation. It reports to Kela’s management on whether its internal oversight and risk management activities have been appropriate. Additionally, Internal Audit may carry out other designated responsibilities. It can perform audits targeting any part of Kela’s operations.