- Compliance function
- Risk management
- The Board of Director’s responsibolities
- The CEO's responsibilities
- The CFO's responsibilities
- The directors' responsibilities
- Internal Auditing
Internal monitoring ensures that Yle's strategic and operative objectives are met, information concerning the operations is reliable, the company is managed efficiently, resources are used in an efficient and economical manner, and laws, principles and guidelines are complied with.
Yle’s Board of Directors sets the objectives for internal monitoring and is responsible for organising sufficient internal monitoring. The responsibility to execute and follow up internal monitoring rests with the CEO and the rest of the organisation. Internal monitoring is part of Yle’s daily operations and involves all employees. Internal monitoring is developed on an ongoing basis as part of the company’s planning, management and operating processes.
The duty of the compliance function is to assist the company’s management and organisation in matters related to compliance with norms.
Yle has an action model in place to support the compliance function and help secure that there is a shared understanding throughout the company of the binding norms and the operating methods to ensure compliance with such norms, the company’s values and ethical guidelines. Yle’s Board of Directors approves the company’s ethical guidelines.
Yle's Board of Directors has approved the compliance principles that ensure that the company operates in accordance with laws and regulatory requirements as well as internal guidelines. The audit committee of the Board of Directors annually reviews the compliance report and the annual plan for the following year. The compliance function is also assisted by the ethics team, which assesses the promotion of compliance and, when needed, prepares company-level policies and recommendations. The team includes the head of responsible operations, HR director, manager responsible for risk management and security, the units’ representative and a personnel representative.
The Board of Directors monitors that the compliance of Yle’s operations is ensured in an appropriate manner and reviews the key compliance risks related to the company’s operations. Compliance risks are associated with nearly all operations, and the responsibility for managing these risks rests with the units involved.
The CEO ensures that the measures necessary for securing the compliance of the operations are taken. The Management Group assists the CEO in this. The compliance function reports its key observations and recommendations to the CEO and Management Group as needed and at least once per year.
The Board of Directors appoints the responsible editors who manage and monitor the programming operations. The responsible editors manage and monitor the editorial work and make decisions concerning the contents of programmes or online publications in accordance with the Act on the Exercise of Freedom of Expression in Mass Media. The responsible editors ensure the compliance of Yle’s publishing operations. When needed, the compliance function reports to the responsible editors on compliance risks and cases related to the management and monitoring of editorial work and the publishing operations.
Each Yle employee is, for their part, responsible for ensuring that the laws and internal guidelines related to their work and duties are complied with.
Responsible operations are reported as part of the company’s annual responsibility reporting.
Yle has a reporting system named the ethics channel in place for personnel to report suspected or observed violations and to do so anonymously, if needed.
Risk management is part of internal monitoring and good governance at Yle. Risk management refers to the continuous identification, assessment and management of the risks Yle encounters in its operations and related to its operations. Risk management covers all levels and risk types of Yle’s operations.
The purpose of risk management is to identify the key risk factors with regard to Yle’s operations and to manage them optimally so that the company’s strategic, operational and financial objectives are met and the events that damage the company’s reputation are minimised. Systematic risk management helps reduce the probability of the realisation of negative risks and decrease their adverse impact on the operations.
Yle’s Board of Directors has confirmed the risk management principles that govern the management of risks. The principles define the responsibilities and roles related to risk management and the ways to identify, assess and monitor risks.
Yle’s Board of Directors is responsible for ensuring that the company has an extensive risk management process and control system in place.
The Board of Director’s tasks include:
- confirming the risk management principles and ensuring that the principles are up to date;
- regularly assessing the sufficiency and appropriateness of risk management;
- approving the risks related to the selection of strategy in connection with confirming the strategy;
- discussing and making decisions on the significant risks submitted to it for discussion.
The matters related to risk management that are the responsibility of the Board of Directors are first discussed in the audit committee, which submits its proposal and reports on its work to the Board of Directors.
The CEO is responsible for ensuring that the company’s risk management is in accordance with the principles approved by the Board of Directors.
The CEO, who is assisted by the company’s Management Group, is responsible for
- together with the CFO, preparing policies related to the development of risk management for the Board of Directors to discuss;
- ensuring that the company’s Board of Directors receives sufficient information on the risks related to the operations and the management thereof;
- monitoring that the most important company-level risks encountered in the operations are reviewed and reported to the Board of Directors;
- taking strategic risks into consideration in the planning of the operations;
- ensuring that risk management has been organised appropriately.
The CFO is responsible for ensuring that the processes and policies comply with the principles confirmed by the Board of Directors and the objectives set by the CEO.
CFO is also responsible for
- ensuring that risk management is sufficient and appropriate;
- ensuring that the development of risk management is goal-oriented;
- ensuring that the monitoring of financial risks organised as part of internal monitoring;
- approving the principles concerning the measurement and valuation of financial risks and the methods to measure such risks.
The directors of the units and joint operations are responsible for the identification and management of risks in their respective areas of operation.
The directors are responsible for
- including risk management in the normal daily activities;
- ensuring that units and functions comply with the risk management principles and process;
- ensuring that employees recognise the risks related to their own operations and the procedures related to risk management;
- ensuring that sufficient and appropriate controls have been defined in the different stages of the processes;
- taking into consideration the most significant company-level risks or risks caused by their own actions to other units, in addition to the risks in their own responsibility areas;
- reporting to the Risk Management function on their most significant risks, changes taking place therein and the impacts of the risk management measures.
In addition, all Yle employees take risks into consideration in their own work and report observed risks to their supervisor.
With the help of Internal Auditing, the Board of Directors, its audit committee and the CEO ensure that risk management is carried out in accordance with the risk management principles and related decisions.
Internal Auditing supports Yle's Board of Directors in the monitoring of the adequacy, functioning and effectiveness of internal monitoring by providing objective assessment and consulting concerning the state of internal monitoring and risk management.
Internal Auditing supports the executive management in meeting its objectives by giving recommendations to develop operating methods, processes and controls. Internal Auditing systematically assesses the efficiency of internal monitoring and risk management as well as the administrative, management and monitoring processes.
Internal Auditing reports to the Board of Directors. Audits are conducted by both Yle’s own and external resources.
In 2018, the company’s auditors were APA Virpi Halonen and KPMG Oy Ab, authorised public accountants, with APA Petri Kettunen as the principal auditor, until the Annual General Meeting held on 8 May 2018. The Annual General Meeting elected APA Virpi Halonen and KPMG Oy Ab with APA Petri Sammalisto as the appointed principal auditor, as the auditors of Yleisradio Oy.
The auditors were paid EUR 43,818 for the statutory audit for the 2018 financial period.
Yle has used the consulting services provided by KPMG Oy Ab in various projects related to the development of the company’s operations and paid a total of EUR 112,567 for these services.
Finnish Transport and Communication Agency Traficom
The legality of Yleisradio’s operations is supervised by Finnish Transport and Communication Agency Traficom.
In accordance with section 12a of the Act on Yleisradio Oy (Finnish Broadcasting Company), Traficom monitors the differentiation of Yle’s commercial operations and the prohibition of price undercutting in the commercial operations as well as the prohibition of advertising and sponsoring. Traficom does not monitor the implementation of the public service mission referred to in section 7 of the Act of Yleisradio Oy (Finnish Broadcasting Company). Instead, this mission is monitored by the Administrative Council of Yleisradio and the Parliament through the report submitted to it by the Administrative Council.
In accordance with the Information Society Code, the Finnish Transport and Communication Agency Traficom monitors, among other things, the implementation of the requirement to include European programming in the service provided by Yle and the fulfilment of the independent producer quota (“indie quota”), accessibility of Yle’s programming to individuals with vision or hearing impairments, and the sponsorship prohibition concerning programmes produced by Yle. In addition, Traficom monitors Yle’s operations in the role of a general controller of legality with regard to the use of radio frequencies, for example.
Related party transactions
Yle has related party guidelines approved by the Board of Directors in place, which define the composition of the related party, the related party transactions and the reporting of any related party transactions. Yle maintains a related party register, which includes the persons and organisations included in the company’s related party, the nature of each related party relationship, and the related party transactions.