Risk management and oversight | About Kela | KelaSkip to content

Risk management and oversight

The purpose of risk management and oversight is to ensure that we run our operations efficiently and securely and comply with the current statutes and operating principles.

Risk management

We actively assess and monitor our risks and risk management efforts and continuously develop our operations. At Kela, the Director General is responsible for risk assessment and prevention. The Internal Audit is responsible for evaluating the effectiveness and quality of the risk management process.

Examples of present-day risks include financial and data protection risks as well as cyber and data security threats. Identifying and assessing them is an integral part of our strategic planning and daily operations. By doing so, we ensure that we respond to the needs of our customers, partners and broader society according to our objectives.

Oversight and control over Kela’s operations

Supervised by the Finnish Parliament, Kela is an independent social security institution with its own administration and budget. With internal control, we ensure that we implement our strategy successfully. The Internal Audit can perform audits targeting any part of Kela's operations. It is a continuous and daily process, particularly in our operations related to benefit provision.

Supervisory bodies

  • Parliamentary Trustees
  • Auditors appointed by the Trustees
  • External auditors
  • Kela's Board
  • Audit Committee
  • Internal Audit
  • External Audit Firm

The most important task of the Trustees is to supervise Kela’s administration and operations in a way that ensures the quality and availability of Kela's services. They supervise all aspects of Kela’s operations. However, the Trustees do not carry out advance guidance with respect to Kela’s other decision-making bodies, such as its Board.

They can, for example, request reports, put forward proposals or express opinions on administrative matters. The supervision is usually exercised after the fact and mainly concerns issues of compliance. Parliament exercises supervision through the annual report submitted by the Trustees.

Minutes for general meetings are communicated to the auditors and to Kela’s Board. They are also made available on the Asiakirjat ja pöytäkirjat

Additional information

The external auditor and the chairperson of the auditor team are professional auditors. The rest of the auditor team typically consists of Members of Parliament.

The auditors confirm that

  • Kela's Board has complied with the prevailing statutes and regulations
  • Kela’s financial statement has been compiled in accordance with the Accounting Act and Kela’s governing act
  • the financial statement portrays Kela’s finances and operational outcomes accurately and adequately
  • Kela has followed good accounting practices

The audit community carries out auditing on a continual basis. The external audit usually focuses on such topics as investments, benefit income and expenditure, payroll and salaries, purchases and procurements, and central accounting.

Additional information

The Board’s responsibilities include:

  • confirming Kela's operational and financial plan
  • drawing up Kela’s annual report and financial statement
  • Confirming Kela’s rules of procedure, which outline the administrative and operational practices
  • deciding on Kela’s investment principles>
  • deciding on the sale and purchase of fixed assets
  • deciding on a division of responsibilities between the Director General and the other Directors
  • placing high-level employees under a contract of employment
  • confirming the compensation and other benefits of the Director General and the other Directors
  • confirming the principles governing employees’ compensation, hours, annual holidays and travel allowances
  • deciding other important matters and questions of principle.

The minutes of the Board’s meetings are communicated to the Trustees and the auditors. They are also made available on the Asiakirjat ja pöytäkirjat (Documents and minutes) page.

Additional information

Board of Directors - kela.fi

The Audit Committee consist of at least five members. The committee is chaired by the chairperson of the Board, and its deputy chair is the deputy chairperson of the Board. The members include at least one Board member, the Director General and an external auditor. The head of the Internal Audit presents matters to the committee and serves as its secretary.

The Audit Committee helps the Board verify that Kela has a suitably extensive and adequate risk management function and internal audit system. It makes sure that Kela’s operations, risk management and internal audit are arranged in a way that complies with law, regulations and good management and administrative practices. Further, the Audit Committee supervises and provides guidance to the Internal Audit.

Read more

Internal Audit is an independent and objective function designed to carry out evaluations, perform analysis and offer consultation. It reports to Kela’s management on whether its internal oversight and risk management activities have been appropriate. Additionally, Internal Audit may carry out other designated responsibilities. It can perform audits targeting any part of Kela’s operations.

Reports under the Whistleblower Act

The Whistleblower Act provides protection for a person who reports a breach of certain laws. You can submit a report as specified in the Act if, in the course of your work, you detect or suspect a breach of law in Kela’s operations. The application of acts governing benefits does not fall within the scope of the Whistleblower Act.

You may be eligible for protection under the Whistleblower Act if the information you report was obtained in a work-related context and you also have a legitimate reason for believing that your information is correct and that the suspected breach falls within the scope of the act. Before submitting a report, familiarise yourself with the general requirements for making a report, the scope of the application of the Act, and the protection provided under the Act.

If you suspect a breach of law, please submit your report primarily to Kela at compliance@kela.fi.

In some cases, you can submit a report to the centralised external reporting channel of the Office of the Chancellor of Justice. Intentionally reporting false information is a punishable act and may result in liability for damages.

The Say No to Corruption - campaign

Corruption is the abuse of influence to achieve an unjustified advantage.

This may involve criminal acts or otherwise inappropriate activities. Private individuals, officials, politicians and employees in the business sector can act corruptly.

Vulnerable to corruption are, for example, decision-making, public procurement, critical functions and information.

Kela participates in the Say No to Corruption campaign coordinated by the Ministry of Justice. In the campaign, Kela's management commits to resisting corruption and promoting open and fair operations. Kela does not accept any form of corruption from its employees or partners.

Read more about the campaign on the Ministry of Justice's web site.

Last modified 31/1/2024

What do you think of this page?