The foundation for well-functioning risk management is a well-implemented, sound and consistent risk culture. The Board of Directors sets the framework for the bank’s risk work and risk culture through the ERM Policy. The Group’s risk management is based on three lines of defence. Within the first line of defence lies operational risk management, the second line of defence consists of Group Risk and Group Compliance. Group Internal Audit constitutes the third line of defence.

Internal audit

Swedbank has an independent Internal Audit function, Group Internal Audit. The Chief Audit Executive is appointed by and reports to the Board and thus is independent of the executive management.

The purpose of Group Internal Audit’s reviews is to create improvements in the business operations by independently evaluating the bank’s governance, risk management and internal control processes. All of the bank’s activities and Group companies under the supervision of a financial supervisory authority as well as other Group companies that the Board of Directors considers material from time to time are the purview of Group Internal Audit. The assignment is based on a policy established by the Board and is performed using a risk-based methodology in accordance with internationally accepted standards issued by the Institute of Internal Auditors (“IIA”). Group Internal Audit prepares an annual risk analysis and an audit plan that are approved by the Board, and which can be revised and updated as needed. Audit reports are submitted to management and the conclusions, together with the measures that will be taken and their status, are compiled in quarterly reports and presented to the Group Executive Committee, the Audit Committee and the Board.

External audits

The external auditor is elected by the AGM and independently reviews the bank’s financial statements to determine whether they are materially accurate and complete and provide a fair view of the bank and its financial position and results. The auditor also ensures that the accounts are prepared according to current laws and recommendations. Moreover, the auditor reviews the Board and CEO’s management.

PricewaterhouseCoopers AB was elected at the AGM 2024 as Swedbank's auditor for the period until the end of the 2025 Annual General Meeting. Chief Auditor is Anneli Granqvist, authorised public accountant and FAR-licensed public accountant in financial undertakings.