Financial Supervisory Authority of Norway identifies governance and risk appetite gaps in on-site inspection of SpareBank 1 Østlandet

The Financial Supervisory Authority of Norway (Finanstilsynet) published an on-site inspection report on SpareBank 1 Østlandet assessing the group’s internal governance and risk management system. Finanstilsynet’s overall conclusion is that the bank has a governance framework that is largely tailored to its business, but with several areas that should be strengthened. Key improvement areas include earlier and clearer board involvement in strategy and risk appetite work, stronger governance of ownership interests and aggregated “ownership risk” linked to the SpareBank 1 alliance and other jointly controlled entities, and further development of the risk appetite framework. Finanstilsynet also calls for sharper, more forward-looking risk and compliance reporting that is more directly tied to the board-approved risk appetite and better supports discussion of overall risk levels, including material single-name and credit exposures. Control functions for risk management and compliance are expected to be more engaged in discussions on significant risk exposures, and the authority highlights the need for sufficient internal audit resourcing. The bank indicated it will review the risk appetite framework and consider changes, and Finanstilsynet notes that from August 2025 the CRO has become a permanent participant in the credit committee with the right to require board treatment of individual cases, with mandates to be updated accordingly. The bank also stated that the authority’s comments are being taken into account in work on a new group strategy intended to apply from 2026, and Finanstilsynet asked the bank to provide a copy of the final inspection report to its external auditor.