Good corporate governance helps to foster open and honest relations between the Board of Directors, shareholders, customers and other stakeholders, such as the Bank’s employees and the general public. Corporate governance also provides the foundations for responsible management and decision-making, with the objective of generating lasting value. The Board of Directors places great importance on good corporate governance and re-evaluates its governance practices regularly on the basis of recognized guidelines on corporate governance.

Corporate Governance Statement of Arion Bank

The Corporate Governance Statement of Arion Bank hf. is based on the legislation, regulations and recognized guidelines which are in force at the time the Bank’s financial statement is adopted by the Board of Directors.

Corporate Governance Statement of Arion Bank

Excellence in corporate governance

Arion Bank was recognized as a company which has achieved excellence in corporate governance following a formal assessment based on the Icelandic Guidelines on Corporate Governance issued by the Icelandic Chamber of Commerce, SA – Business Iceland and Nasdaq Iceland, initially in December 2015 and again in April 2019. This recognition was granted following an in-depth assessment by an independent party of corporate governance at the Bank, including governance by the Board of Directors, sub-committees and management, performed by KPMG ehf. in the autumn of 2015. The recognition applies for three years at a time.

Compliance with guidelines on good corporate governance

According to the Financial Undertakings Act No. 161/2002 Arion Bank is obliged to comply with recognized guidelines on good corporate governance. The Bank complies with the fifth edition of the Icelandic Guidelines on Corporate Governance issued by Iceland Chamber of Commerce, SA – Business Iceland and Nasdaq Iceland, published in May 2015 and viewable on the website According to the guidelines a company shall state whether it has deviated from the guidelines, if so, which parts and also explain why it has done so. The Bank complies with the guidelines with one deviation.

Article 5.1.2. states that the rules of procedure of sub-committees of the Board shall be posted on the Bank’s website. The rules of the Board Credit Committee have not been published on the Bank’s website with respect to their nature.

The role of the Nomination Committee at Arion Bank is to promote good corporate governance and to facilitate informed decision-making by shareholders when selecting Board members to ensure that Board members have wide and versatile qualifications and experience. The Committee has an advisory role regarding the election of Board members and makes a proposal on their remuneration. At the Bank’s annual general meeting on 20 March 2019 two members of the Nomination Committee were elected, Christopher Felix Johannes Guth and Sam Taylor. At a shareholders’ meeting on 9 August 2019 Júlíus Þorfinnsson was elected to replace Christopher Felix Johannes Guth on the Nomination Committee. The third Nomination Committee member is appointed by the Board in accordance with the rules of procedure of the Nomination Committee. The third member is Herdís Dröfn Fjeldsted, Vice Chairman of the Board of Directors.

Legal framework for the Bank’s operation

Arion Bank is a financial institution which operates in accordance with the Financial Undertakings Act No. 161/2002. Acts of law which also apply to the Bank’s operations include e.g. the Securities Transactions Act No. 108/2007, Act on Undertakings for Collective Investment in Transferable Securities (UCITS), Investment Funds and Professional Investment Funds No. 128/2011, Act on Payment Services No. 120/2011, Act on Measures Against Money Laundering and Terrorist Financing No. 140/2018, Act on Consumer Mortgages No. 118/2016, Consumer Loans Act No. 33/2013, Competition Act No. 44/2005 and Public Limited Companies Act No. 2/1995.

The Bank is a universal bank which provides a comprehensive range of financial services relating to savings, loans, asset management, corporate finance and capital markets. The Bank was listed on Nasdaq Iceland and Nasdaq Sweden on 15 June 2018. The Bank has also issued financial instruments which have been admitted for trading on regulated securities markets in Iceland, Norway and Luxembourg. The Bank is therefore subject to the disclosure requirements of issuers pursuant to the Securities Transactions Act and the rules of the relevant stock exchanges.

The Financial Supervisory Authority (FME), which from 1 January 2020 is part of the Central Bank of Iceland, supervises the operations of Arion Bank in accordance with the provisions of Act No. 87/1998 on the Official Supervision of Financial Operations. Further information on the FME and an overview of the legal and regulatory framework applicable to the Bank, and the FME’s guidelines, can be seen on the FME’s website, Numerous other pieces of legislation apply to the operations of financial undertakings.

Internal controls, auditing and accounting

Internal control

Internal control at Arion Bank is organized into three lines of defence with the aim of ensuring effectiveness, defining responsibility and coordinating risk management. This structure is also designed to foster a sense of risk awareness and responsibility among all employees of the Bank.

The set-up distinguishes between the following roles:

  • People who bear responsibility for risk and manage risk
  • People who monitor and check internal controls
  • People who perform independent surveys of the effectiveness of internal controls

The first line of defence is made up of people who have day-to-day supervision of operations and its organization. They are responsible for establishing and maintaining effective internal controls and managing risk in day-to-day operations. This involves identifying and evaluating risk and putting in place appropriate countermeasures to reduce risk. The first line of defence is responsible for supervising the implementation of internal rules and processes in compliance with the law, regulations and the Bank’s strategy and it must ensure that all actions are in compliance with established procedures and that corrective action is taken if any deficiencies are detected.

The second line of defence is set up to ensure that the first line of defence has established adequate internal controls which work as intended. Risk Management and Compliance are the main participants in the second line of defence, although other units may also be assigned specific monitoring roles.

The third line of defence is Internal Audit, which keeps the Board and management informed of the quality of corporate governance, risk management and internal controls, including by performing independent and objective audits.


Compliance is an independent control function which reports directly to the CEO and works in accordance with a special charter from the Board.

The main role of Compliance is to ensure that the Bank has in place proactive measures to reduce the risk of rules being breached in the course of its activities. Compliance is also responsible for coordinating the Bank’s measures against money laundering and terrorist financing to reduce the risk of the Bank's services being used for illegal purposes. In September 2019 the Compliance Officer also took over the role of Data Protection Officer. Arion Bank cares about data protection and our customers' personal data. We aim to ensure that personal data is processed legally, fairly and transparently. The Bank has adopted a data protection policy which can be seen on the Bank's website.

The duties of Compliance are carried out under a risk-based compliance plan approved by the Board of Directors, including a monitoring and training schedule for employees which addresses the laws and rules under which the Bank operates. Compliance provides the Board of Directors with a quarterly report on its activities.

Risk Management

A central feature of the activities of all financial companies is carefully calculated risk-taking according to a predetermined strategy. Arion Bank thus takes risk compatible with its risk appetite, which is regularly reviewed and approved by the Board of Directors. The Bank’s risk appetite, set by the Board, is translated into exposure limits and targets that are monitored by Risk Management. The Board is responsible for Arion Bank’s internal capital adequacy assessment process, the main objective of which is to ensure that Arion Bank understands its risk profile and has systems in place to assess, quantify and monitor its total risk exposure.

The Bank’s Risk Management division is headed by the Chief Risk Officer. It is independent and centralized and reports directly to the CEO. Risk Management comprises three departments whose role is to analyze, monitor and regularly report to the CEO and Board of Directors on the risks faced by the Bank

Pillar 3 Risk Disclosures

Further on Risk Management

Internal Audit

The Internal Auditor is appointed by the Board of Directors and reports directly to the Board. The Board sets the Internal Auditor a charter which sets out the responsibilities associated with the position and the scope of the work. The role of the Internal Auditor is to provide independent and objective assurance and advice designed to add value and improve the Bank's operations. The scope of the audit is the Bank, its subsidiaries and pension funds serviced by Arion Bank.

Internal Audit is governed by the audit charter, the FME’s guidelines on the internal audit function in financial institutions and international standards on internal auditing.

Accounting and auditing

The Bank’s Finance division is responsible for preparing the accounts and this is done in accordance with the International Financial Reporting Standards (IFRS). The Bank publishes its financial statement on a quarterly basis and management statements are generally submitted to the Board ten times a year. The Board Audit Committee examines the annual financial statement and interim financial statements, while the external auditors review and audit the accounts twice a year. The Board Audit Committee gives its opinion on the accounts to the Board of Directors, which then approves and endorses the accounts.

Cornerstones and code of ethics

Arion Bank’s cornerstones is the name used to describe the Bank’s core values. The cornerstones are designed to provide guidance when making decisions and in everything else employees say and do. They refer to the Bank’s role, attitude and conduct. Arion Bank’s cornerstones are we make a difference, we get things done and we say what we mean.

The management and employees of Arion Bank are conscious of the fact that the Bank’s activities affect different stakeholders and society at large. The Bank’s code of ethics is designed to serve as a key to responsible decision-making at Arion Bank. The code of ethics is approved by the Board of Directors.


Arion Bank’s sustainability policy bears the title Together we make good things happen and signifies that the Bank wants to act as a role model in responsible and profitable business practices, taking into account the environment, the economy and the society in which we live and work.

Arion Bank shows its commitment to sustainable banking by making a difference to our customers and performing our role as a financial institution conscientiously and responsibly. Arion Bank takes an active role in our society and its development. Financial institutions are one of the pillars of society and our role is to help our customers, both individuals and companies, reach their goals. We place great importance on doing things fairly with the interests of our customers, employees, investors and the community at heart.

Arion Bank has been a partner of Festa, the Icelandic Center for Corporate Social Responsibility, for several years and since 2014 has been a signatory to the CEO Statement of Support for the Women’s Empowerment Principles (UN Women and UN Global Compact). In 2015 the Bank signed the City of Reykjavík and Festa’s Declaration on Climate Change and has published its environmental accounts since 2016. Arion Bank has been a signatory to the UN Global Compact, the UN's initiative to encourage businesses to adopt sustainable and socially responsible practices, since the end of 2016. The Bank has also complied with the UN’s Principles for Responsible Investment (UN PRI) since the end of 2017. In September 2019 the Bank became a signatory to the UN Principles for Responsible Banking (UN PRB), the goal of which is to align banking with international goals and commitments such as the UN Sustainable Development Goals and the Paris Climate Agreement.

Arion Bank’s activities are governed by the provisions of the Annual Accounts Act on non-financial reporting, which, among other things, apply to the status and influence of the company in respect of environmental, social and human resources issues. Non-financial reporting in the annual report is based on the Global Reporting Initiative, GRI Core and the ESG reporting guide for the Nasdaq Nordic and Baltic exchanges.

In December 2019 the Board of Directors adopted a new environment and climate policy. Under the new policy the Bank will focus its attention on financing projects on sustainable development and green infrastructure, require that suppliers take into account the environmental and climate impact of their activities and reduce its own greenhouse gas emissions by 40% by 2030.

Further on sustainability

Board of Directors and committees

The main duty of the Board of Directors of Arion Bank is to manage the Bank between shareholders’ meetings according to applicable laws, regulations and articles of association. The Board tends to those operations of the Bank which are not considered part of the day-to-day business, i.e. it makes decisions on issues which are unusual or of a significant nature. One of the Board’s main duties is to supervise the Bank’s activities. The Board’s work, duties and role are defined in detail in the rules of procedure of the Board of Directors, which have been established on the basis of Article 54 of the Financial Undertakings Act, Article 70 of the Public Limited Companies Act No. 2/1995, FME Guidelines No. 1/2010, and the articles of association of the Bank. The rules of procedure of the Board of Directors can be found on the Bank’s website.

The Board of Directors appoints a Chief Executive Officer who is responsible for the day-to-day operations in accordance with a strategy set out by the Board. The Board of Directors and the Chief Executive Officer shall carry out their duties with integrity and ensure that the Bank is run in a sound and reasonable manner in the interests of the customers, the community, the shareholders and the Bank itself, cf. Article 1 (1) of the Financial Undertakings Act. The Chief Executive Officer shall ensure that the Board receives sufficient support to carry out its duties.

The Board of Directors is generally elected for a term of one year at the Bank’s annual general meeting. At Arion Bank’s annual general meeting on 20 March 2019, six Directors and three Alternates were elected to the Board of Directors. At a shareholders’ meeting on 9 August 2019, two Directors were elected to the Board, Paul Horner and Gunnar Sturluson. Benedikt Gíslason, who had been a Director since 2018, resigned from the Board when he was appointed CEO of Arion Bank.

The elected Board Directors have diverse backgrounds and extensive skills, experience and expertise. When electing the Board care is taken to ensure at least 40% representation of each gender among Directors and Alternates. Currently the Board consists of four men and three women.

Information on the independence of Directors is published on the Bank’s website before the annual general meeting or a shareholders’ meeting where a Board member is to be elected. The minutes of the annual general meeting and shareholders’ meetings are also published on the Bank’s website.

The Board of Directors meets at least ten times a year. In 2019 the Board met on 14 occasions. The Chairman of the Board is responsible for ensuring that the Board performs its role in an efficient and organized manner. The Chairman chairs Board meetings and ensures that there is enough time allocated to the discussion of important issues and that strategy issues are discussed thoroughly. The Chairman is not permitted to undertake any other work for the Bank unless part of the normal duties of the Chairman.

According to the Board’s Rules of Procedure the Board is permitted to establish committees to discuss particular areas of the Bank’s operations. No later than one month following the annual general meeting the Board appoints members to each of its sub-committees and assesses whether it is necessary to appoint external members to certain committees in order to bring in a greater level of expertise. One of the committee members in the Board Audit Committee, Heimir Þorsteinsson, is not a Board member and is independent of the Bank and its shareholders.

The Board sub-committees are as follows:

  • Board Audit Committee (BAC): Its main task is, inter alia, to guarantee the quality of the financial statement and other financial information from the Bank and the independence of its auditors. The Committee also assists the Board in meeting its responsibility to ensure an effective system of internal controls and compliance and for meeting its external financial reporting obligations under applicable laws and regulations. The Committee met six times in 2019.
  • Board Risk Committee (BRIC): The Committee’s main role is, inter alia, to evaluate the Bank’s risk policy and risk appetite and to have a thorough knowledge of the risk assessments and methods used to manage risk employed by the Bank. Committee members should have the qualifications and experience necessary to be able to discharge their duties including forming the Bank's risk policy and risk appetite. The Committee met eight times in 2019 and a joint meeting was held with the Board Remuneration Committee.
  • Board Credit Committee (BCC): Its main task is to attend to credit issues which exceed the credit limits of its sub-committees. The Committee met 16 times in 2019.
  • Board Remuneration Committee (BRC): The Committee’s main task is to advise the Board on the terms of remuneration to the Chief Executive Officer and other employees hired directly by the Board. Regular tasks at committee meetings are to review the remuneration policy, the human resources policy, salary distribution and the incentive system, if one is in place. The Bank’s remuneration policy shall be examined and approved by a shareholders’ meeting annually. The Committee met four times in 2019 and a joint meeting was held with the Board Risk Committee.

Sub-committees regularly inform the Board of their activities. Furthermore, the Board has access to all material used by the sub-committees and their minutes.

Overview of the attendance of individual Directors and committee member

Board (14)
BAC (6) BRIC (9)
BCC (16)
BRC (5)
 Eva Cederbalk (1)  1 Jan - 20 Mar 4
- - 3
 Brynjólfur Bjarnason  1 Jan - 31 Dec 14
- 15
 Herdís D. Fjeldsted  1 Jan - 31 Dec 14
 - - 5
 Benedikt Gíslason (2)  1 Jan - 26 Jun 5 - 3 - 3
 Gunnar Sturluson  9 Aug - 31 Dec 4
 Liv Fiksdahl  20 Mar - 31 Dec 9
- -
- 2
 Måns Höglund (3)  1 Jan - 20 Mar 4
- 4
 Renier Lemmens  20 Mar - 31 Dec 9
2 3
- -
 Paul Horner  9 Aug - 31 Dec 4
- -
 Steinunn Kr. Þórðardóttir  1 Jan - 31 Dec 14
- 9
15 -
 Ólafur Ö. Svansson  1 Jan - 31 Dec 7
- 1
 Sigurbjörg Á. Jónsdóttir  1 Jan - 31 Dec 1 - - - -
 Þórarinn Þorgeirsson  1 Jan - 20 Mar - - - - -
 Þröstur Ríkharðsson  20 Mar - 31 Dec 1
 Heimir Þorsteinsson  26 Jul - 31 Dec - 6
- - -

The Board carries out an annual performance appraisal, at which it assesses its work, the necessary number of Board Directors, the Board composition with respect to experience and skills, working procedures and methods, the performance of the CEO, their achievements and the work of the subcommittees with respect to the aforementioned. This appraisal was last performed by the Board during the period October 2019 to January 2020.

(1) Eva Cederbalk stepped down from the Board of Directors on 20 March 2019.
(2) Benedikt Gíslason stepped down from the Board of Directors on 26 June 2019 and took over as CEO on 1 July 2019.
(3) Måns Höglund stepped down from the Board of Directors on 20 March 2019.

Arion Bank Governance overview


Communication between the shareholders and the Board of Directors

The main venue at which the Board and the Bank report information to the shareholders and propose decisions to be made is at legally convened shareholders’ meetings. The Bank provides an effective and accessible arrangement for communications between shareholders and the Board of Directors between those meetings. Any information sensitive to the market will be released through a MAR press release. As part of the investor relations programme, Arion Bank has also arranged quarterly meetings where the CEO, CFO and Investor Relations present the interim financial results.

Chief Executive Officer

Benedikt Gíslason

Benedikt was born in 1974. Benedikt was appointed CEO on 1 July 2019.

Benedikt joined FBA (later Íslandsbanki) in 1998, held a variety of managerial positions at Straumur-Burðarás, was managing director of capital markets at FL Group and was managing director of the investment banking division of MP Bank. Benedikt worked as a senior advisor for Iceland’s Ministry of Finance and Economic Affairs and was vice-chairman of a government task force on the liberalization of the capital controls between 2013 and 2016. He served on the board of directors of Kaupthing from 2016 to 2018 and was an advisor to Kaupthing on matters relating to Arion Bank. Benedikt was elected to the Board of Directors of Arion Bank in September 2018 and served on the Board until his appointment as CEO.

Benedikt gained a C.Sc. in mechanical and industrial engineering from the University of Iceland in 1998.

Executive Committee

The Bank’s Executive Committee consists of the following people and the CEO:

  • Ásgeir H. Reykfjörð Gylfason, Deputy CEO and Managing Director of Corporate & Investment Banking
  • Gísli S. Óttarsson, Chief Risk Officer
  • Iða Brá Benediktsdóttir, Managing Director of Retail Banking
  • Margrét Sveinsdóttir, Managing Director of Markets
  • Stefán Pétursson, Chief Financial Officer

Information on violations of laws and regulations and legal cases

Arion Bank has not been denied registration, authorization, membership or permission to conduct certain business, activity or operations. The Bank has not been subject to withdrawal, revocation or dismissal of registration, authorization, membership or permission. Information on the main legal cases relating to Arion Bank and a settlement with the Financial Supervisory Authority can be found in the notes to the annual financial statement.

The Board of Directors annually reviews and approves the Corporate Governance Statement.

This Corporate Governance Statement was examined and approved at a meeting of the Board of Directors on 12 February 2020.