Operations in accordance with the appropriate laws and regulations

Íslandsbanki is a financial company and operates in accordance with relevant regulations in the field of financial markets, which frame its governance. The main laws that apply to the bank's operations are the Act on Financial Undertakings no. 161/2002, the Act on Recovery and Resolution of Credit Institutions and Investment Firms no. 70/2020, the Act on Markets for Financial Instruments no. 115/2021, the Act on Payment Services no. 120/2011, the Act on Measures against Money Laundering and the Financing of Terrorist Activities no. 140/2018, the Act on Mortgage Credit to Consumers no. 118/2016, the Act on Consumer Credit no. 33/2013, the Act on Competition no. 44/2005 and the Act on Public Limited Companies no. 2/1995, which along with the Íslandsbanki's Articles of Association lay the foundation for the Bank's existence and activities.

Compliance

The Bank's Compliance Officer is hired by the CEO, subject to Board confirmation. The Compliance Officer operates under the terms of a mandate letter approved by the Board. The Compliance Officer maintains an independent position within the Bank's organisation and is responsible for monitoring and assessing regularly whether the Bank's operations, regarding securities transactions, are in compliance with applicable law. Furthermore, the Compliance Officer is responsible for assessing and monitoring the Bank's compliance with Act on Measures against Money Laundering and Terrorist Financing no. 140/2018 and the Bank's responsible officer under the US Foreign Account Tax Compliance Act (FATCA) and the OECD Common Reporting Standard (CRS).

Internal audit

The Chief Audit Executive is appointed by the Board, reports directly to the Board and directs Group Internal Audit with a mandate from the Board. Group Internal Audit operates independently from other departments in accordance with article 16 of the Act on Financial Undertakings no. 161/2002. The department provides the Board with independent and objective assurance over the effectiveness of risk management, control and governance processes. The responsibilities and authorisations of the Chief Audit Executive and Group Internal Audit are further outlined in the Group Internal Audit Charter.

Ernst & Young ehf. was re-elected as the Bank's external audit firm at the Bank's Annual General Meeting 2023.