AI Terminal
Citycon Oyj
Governance Information • Feb 15, 2024
3215_cgr_2024-02-15_21b08229-083a-4fed-8e97-5358b96564c9.pdf
Governance Information
Open in ViewerOpens in native device viewer
Contents
Introduction.................................................................................. 3
| Descriptions concerning corporate governance | 4 |
|---|---|
| 1. General Meeting of Shareholders5 |
|
| 2. Board of Directors5 |
|
| 3. Board Committees9 |
|
| 4. Chief Executive Officer (CEO)10 |
|
| 5. Corporate Management Committee 10 |
|
| 6. Remuneration11 |
Descriptions of internal control procedures and
| the main features of risk management systems 12 |
|
|---|---|
| 1. General description of risk management12 |
|
| 2. General description of internal control13 |
|
| 3. International COSO framework as the foundation |
|
| for internal control14 | |
| 4. Control activities14 |
|
| 5. Information and communication14 |
|
| 6. Monitoring activities 14 |
| Other information 15 |
|
|---|---|
| 1. Description of the organisation of the company's |
|
| internal audit and the main principles followed in | |
| the internal audit15 | |
| 2. Related party transactions 15 |
|
| 3. Main procedures relating to insider administration 16 |
Corporate Governance Statement
Sustainability Accounts
Financial Review
in 2023.
Explains Citycon's structure of governance and the Board of Directors' activities in 2023.
Describes Citycon's environmental and social performance, as well as sustainability highlights
Covers Citycon's financial performance in 2023, operational key figures, the report by the Board of Directors and the risk management review.
Remuneration Report
Provides information on the remuneration of the Board of Directors and the CEO, and it also describes how the Remuneration Policy for Governing Bodies has been implemented.
How to read Citycon's 2023 reports
Our reporting in 2023 consists of the Financial Review, the Sustainability Accounts, the Corporate Governance Statement and the Remuneration Report. More information on Citycon, our strategy and value creation can be found on company website.
To make the report more reader-friendly, this report, as well as supplementary information and additional case examples, can be found on our webpage. You can recognise the links to this material through this symbol: Read more
Citycon Group's Corporate Governance Statement for the Financial Year 2023
Introduction
Citycon Oyj (Citycon or company) is a Finnish public limited liability company listed on the Nasdaq Helsinki Ltd (the Helsinki Stock Exchange). Citycon and its subsidiaries constitute the Citycon group.
Citycon's corporate governance principles are based on legislation in force in Finland, the rules and regulations issued for listed companies by the Helsinki Stock Exchange and the Finnish Financial Supervisory Authority (FIN-FSA) as well as Citycon's Articles of Association. Corporate governance in Citycon's subsidiaries is also governed by the laws of the country of their domicile, and by each subsidiary's Articles of Association. In addition, Citycon applies the Finnish Corporate Governance Code 2020 published by the Finnish Securities Market Association as well as Citycon's Code of Conduct and Corporate Governance Guidelines.
This corporate governance statement (CG Statement) has been prepared in accordance with the recommendations of the Corporate Governance Code 2020 (Corporate Governance Code).
In 2023, Citycon complied with the recommendations of the Corporate Governance Code with one exception. As provided by the comply or explain principle of the Corporate Governance Code, Citycon departs from the Corporate Governance Code's recommendation concerning the restriction concerning the CEO (recommendation 21) whereby the CEO shall not be elected chair of the Board of Directors. Citycon's CEO, F. Scott Ball, was elected as the Deputy Chairman of the Board of Directors in the Board of Directors' organising meeting on 21 March 2023. The Board of Directors considered that the election of F. Scott Ball as deputy chairman of the Board of Directors further improve the dialog between operational management and the Board of Directors in the current challenging macroeconomic environment and it does not compromise the duty of the Board of Directors to supervise the CEO. Citycon's Board of Directors has two deputy chairmen to minimise the risk for any conflict of interest.
This CG Statement has been prepared as a separate report, distinct from the Report by the Board of Directors. The Audit and Governance Committee of the
Board of Directors has reviewed the CG Statement on 14 February 2024. Ernst & Young Oy, the company's auditor, has verified that the CG Statement has been issued and that the descriptions of the internal control procedures and the main features of risk management systems related to the financial reporting process are consistent with the company's Financial Statements.
This CG Statement was published on 15 February 2024 simultaneously with Citycon's Financial Statements and the Report by the Board of Directors for 2023.
Read more
The Corporate Governance Code is available on the Securities Market Association's website at cgfinland.fi. This CG Statement and the same statements for previous years since 2010 are available on the company's website at citycon.com/corporate-governance.
Descriptions concerning Corporate Governance
Citycon's statutory bodies are the General Meeting of Shareholders, the Board of Directors and the CEO. The General Meeting of Shareholders elects members to the Board of Directors, and the Board of Directors appoints the CEO. The Board of Directors' work is enhanced by four Board committees whose members are elected by the Board of Directors among its members. In managing the company's business operations, the CEO is assisted by the Corporate Management Committee whose members are appointed, upon the CEO's proposal, by the Board of Directors. Additionally, the CEO is assisted by the Extended Management Committee, which aims to serve as a channel of communication without decision-making power.
The work of the Board of Directors and its committees, the CEO and the Corporate Management Committee is governed by the Corporate Governance Guidelines approved by the Board of Directors. These guidelines contain charters for the Board and its committees, guidelines for the division of duties between the decision-making bodies, and guidelines for the arrangement of internal control and risk management.
Citycon's corporate governance structure 2023
1. General Meeting of Shareholders
Citycon's shareholders exercise their decision-making power at the General Meeting. According to the company's Articles of Association, Citycon's Annual General Meeting is held annually within six months of the expiration of the financial period. Extraordinary General Meetings are convened whenever deemed necessary for decision-making purposes or when required by law.
The company publishes the notice of a General Meeting including a proposal for the meeting's agenda, the documents to be presented to the General Meeting and the Board of Directors' resolution proposals on the company's website, no later than three weeks prior to the General Meeting. The notice of the General Meeting is also published as a stock exchange release. If new persons are proposed to the Board of Directors, information about the candidates is presented on the company's website.
A shareholder is entitled to demand a matter for discussion at a General Meeting if such a matter belongs to the General Meeting according to the Finnish Limited Liability Companies Act and a demand is made by giving notice to the company well in advance so that the matter can be included in the notice of a General Meeting.
Citycon strives to facilitate the participation of its shareholders in General Meetings by arranging the meetings in a manner that enables both Finnish and international shareholders to participate in the meeting and to exercise their right to vote and ask questions. Citycon organized its general meetings for the year 2023 virtually, without a meeting venue using remote connection in real time. Hosting virtual meeting allows individuals to connect from anywhere and gives every shareholder chance to attend and have their say in real time. Additionally, presentation recordings have been made available on the company's website for later access. In 2023, Citycon held two General Meetings. The Annual General Meeting (AGM) 2023 was held on 21 March 2023 and the Extraordinary General Meeting (EGM) on 1 June 2023. The EGM decided to increase the number of members of the board to nine (9) until the close of the next Annual General Meeting. Further, Mr Adi Jemini was elected as new member of the Board of Directors. Citycon published the decisions made by the General Meetings in stock exchange releases and on its website.
2. Board of Directors 2.1 The composition of the Board of Directors
According to Citycon's Articles of Association, the Board of Directors consists of a minimum of five and a maximum of ten members. The Articles of Association do not contain any regulations on a specific procedure according to which the Board members are to be appointed.
The General Meeting of shareholders decides on the number of members of the Board of Directors and elects them at the AGM and, when necessary, at the EGM.
According to the Corporate Governance Code, the majority of the members of the Board of Directors must be independent of the company. In addition, a minimum of two of these independent members must also be independent of the company's significant shareholders. The Board of Directors evaluates its members' independence annually.
The Board's Nomination and Remuneration Committee prepares the Board's proposal to the General Meeting on the Board composition. The company's strategy and the requirements set by its operations, the company's development stage and the diversity principles specified by the company for the Board (described in 2.4 Diversity of the Board of Directors) shall be taken
into account when planning the composition of the Board of Directors.
The Board of Directors elects the Chairman and one or more Deputy Chairmen from among its members.
Citycon's AGM 2023 set the number of Board members at eight. The following Board members were re-elected: Chaim Katzman, Yehuda (Judah) L. Angster, F. Scott Ball, Zvi Gordon, Alexandre (Sandy) Koifman, David Lukes, Per-Anders Ovin and Ljudmila Popova.
Citycon's EGM 2023 set the number of Board members at nine. Mr Adi Jemini was elected as new member of the Board of Directors.
The members of the Board of Directors were elected for a term that ends at the close of the first AGM following their election.
The Board of Directors evaluated its members' independence in its meetings on 21 March 2023 and 4 May 2023. The Board of Directors concluded that all Board members, with exception of F. Scott Ball as the CEO of the company, are independent of the company.
Yehuda (Judah) L. Angster, F. Scott Ball, Alexandre (Sandy) Koifman, David Lukes, Per-Anders Ovin and Ljudmila Popova were evaluated independent of the company's significant shareholders. Chaim Katzman, Zvi Gordon and Adi Jemini are, or have recently been, in the service of or Board members of Citycon's main shareholder, G City Ltd (former Gazit-Globe Ltd.), or its affiliated companies and therefore they are not evaluated independent of the company's significant shareholders.
The Board Chairman in 2023 was Chaim Katzman with Sandy Koifman and F. Scott Ball serving as Deputy Chairmen. "Citycon strives to facilitate the participation of its shareholders in General Meetings in a manner that enables both Finnish and international shareholders to participate in the meeting and to exercise their right to vote and ask questions."
Read more
Minutes of the General Meetings, General Meeting documents and summaries of the resolutions of each General Meeting since 2010 are available in Citycon's GM archive at citycon.com/agm-archive.
Further information on General Meetings and shareholder rights can be found at citycon.com/general-meeting.
2.2 Information on Board members per 31 December 2023
Board Chairman Chaim Katzman Member and Chairman of the Board of Directors since 2010 LL.B., Israeli and US citizen, born 1949
Main occupation: Norstar Holdings Inc., Founder, Controlling Shareholder and Board Chairman since 1991 and CEO since 2017; G City Ltd., Executive Chairman of the Board of Directors since 1998 and CEO since 2018; Regency Centers Corporation, Vice Chairman of the Board since 2017; Atrium European Real Estate Ltd, Board Chairman since 2008
The Board's assessment of independence: Independent of the company
Citycon shares1 : 35,771
Membership in Citycon's Board committees: Nomination and Remuneration Committee, Chairman
Yehuda (Judah) L. Angster Member of the Board of Directors since 2020 Juris Doctor (Pace University), Bachelor of Talmudic Law, US citizen, born 1982
Main occupation: Dwight City Group LLC, CEO, Principal and Founder since 2018; NYU Schack Institute of Real Estate, Adjunct Professor of Real Estate Law since 2017
The Board's assessment of independence: Independent of the company and significant shareholders
Citycon shares1 : -
Membership in Citycon's Board committees: Audit and Governance Committee (until 18 July 2023), Cyber Committee, Nomination and Remuneration Committee, Strategy and Investment Committee
F. Scott Ball Member of the Board of Directors since 2021, Deputy Chairman since 2022 B.Sc. (Business Management), US citizen, born 1961
Main occupation: Citycon, CEO since 2019
The Board's assessment of independence: Independent of significant shareholders
Citycon shares1 : 180,442
Membership in Citycon's Board committees: -
Zvi Gordon Member of the Board of Directors since 2020 MBA (MIT Sloan), B.A., Israeli and US citizen, born 1985
Main occupation: G City Ltd., Vice President of Investments 2017; Norstar Holdings Inc., Chief Investment Officer since 2016
The Board's assessment of independence: Independent of the company
Citycon shares1 : -
Membership in Citycon's Board committees: Cyber Committee, Chairman, Strategy and Investment Committee
Adi Jemini Member of the Board of Directors since 2023 B.Sc. (Accounting and Information System), US citizen, born 1978
Main occupation: Gazit Group USA, Chief Executive Officer since 2023
The Board's assessment of independence: Independent of the company
Citycon shares1 : -
Membership in Citycon's Board committees: Audit and Governance Committee, Chairman since 1 November 2023
1 Includes the shares and share-based rights in the company and companies belonging to the same group held by the director and corporations over which he or she exercises control.
Alexandre (Sandy) Koifman Member of the Board of Directors since 2019, Deputy Chairman since 2021 M.Sc. (Mathematics & Economics), French and Swiss citizen, born 1953
Main occupation: Efficient Frontiers Investing SA, Managing Director
The Board's assessment of independence: Independent of the company and significant shareholders
Citycon shares1 : -
Membership in Citycon's Board committees: Audit and Governance Committee, Chairman until 1 November 2023, Nomination and Remuneration Committee
David Lukes Member of the Board of Directors since 2017 M.Sc. (Real estate development), Architect, US citizen, born 1970
Main occupation: Site Centers Corp. CEO and President since 2017
The Board's assessment of independence: Independent of the company and significant shareholders
Citycon shares1 : 1,760
Membership in Citycon's Board committees: Strategy and Investment Committee, Chairman
Per-Anders Ovin Member of the Board of Directors since 2013 M.Sc. (Economics), Swedish citizen, born 1956
Main occupation: Mengus Stockholm AB, Board Chairman, Partner and Owner since 2005; Marrakech Design/Ovin Consulting AB, Owner since 2003
The Board's assessment of independence: Independent of the company and significant shareholders
Citycon shares1 : 5,900
Membership in Citycon's Board committees: Audit and Governance Committee, Nomination and Remuneration Committee
Ljudmila Popova Member of the Board of Directors since 2021 M.Sc. (Econometric Sciences), Executive MBA, Dutch and Kyrgyz citizen, born 1980
Main occupation: Director Digital Infrastructure at NIBC since 2021, Wealth Management Partners, Supervisory Board Member (Property Pool) since 2020
The Board's assessment of independence: Independent of the company and significant shareholders
Citycon shares1 : -
Membership in Citycon's Board committees: Audit and Governance Committee, Cyber Committee
Read more
Board members' personal details can also be found on the company's website at citycon.com/board-directors and information on their personal shareholdings in Citycon at citycon.com/managers-holdings-shares.
1 Includes the shares and share-based rights in the company and companies belonging to the same group held by the director and corporations over which he or she exercises control.
Board of Directors' year clock
Introduction Corporate governance Internal control and risk management Other information Corporate Governance Statement 2023 8
2.3 Description of the charter and operations of the Board of Directors
The duties of the Board, as set out in the charter of the Board of Directors included in company's Corporate Governance Guidelines, are described on the company's website at citycon.com/board-of-directors.
The Board of Directors' meeting schedule is based on the company's year clock shown on the right. Additional meetings are held when deemed necessary.
The Board of Directors constitutes a quorum if more than half of its members are present. Considering the Board of Directors' international composition, the meetings may be held as telephone or video meetings as well as per capsulam.
The Board of Directors evaluates its operations and working methods annually. Typically, the evaluation is conducted as self-evaluation.
In 2023, Citycon's Board of Directors convened a total of 15 times during the year. The average attendance rate at Board meetings was 97%.
Board meeting attendance in 2023
%
11%
%
Introduction Corporate governance Internal control and risk management Other information Corporate Governance Statement 2023 9
2.4 Diversity of the Board of Directors
Citycon's Corporate Governance Guidelines states the principles of diversity for the Board of Directors. According to the principles, when planning the composition of the Board, the Nomination and Remuneration Committee shall take into account the candidates' background, independence, age, gender, skills and experience, the suitable number of candidates and their opportunity to devote a sufficient amount of time to their work. In addition, the company's strategy, the requirements set by the company's operations and the company's stage of development shall be taken into account. The Nomination and Remuneration Committee shall take account of proposing both genders as members of the Board of Directors.
In 2023, the composition of Citycon's Board of Directors was balanced with regard to the diversity principles. The members of the Board had extensive and diverse expertise and an international background. The members' competence, education, experience and seniority complemented each other. The directors represented seven nationalities. Both genders were represented on Citycon's Board of Directors in accordance with the objectives specified by the company.
Gender1
11%
Independence of significant shareholders1
Duration of board membership1
3. Board Committees
3.1 Composition and operations of the committees Citycon's Board of Directors is assisted by four committees set up by the Board of Directors: the Audit and Governance Committee, the Cyber Committee, the Nomination and Remuneration Committee, and the Strategy and Investment Committee. Each committee's main duties and working principles are established in writing by the committee charters included in Citycon's
Situation on 31 December 2023
1
Corporate Governance Guidelines. The Board may also resolve on a separate sub-committee to prepare or decide certain matter, as necessary.
The Board of Directors elects the Board committee members and chairmen from among its members. The committee members shall have the expertise and experience required for the duties of the committee. A committee always has at least three members. The CEO does not belong to any of the committees.
The committees' chairmen report on issues discussed by the committees to the Board of Directors.
The members of the Board committees in 2023 are listed under 2.2 Information about Board members.
3.2 Descriptions of committee charters and operations
Audit and Governance Committee The Audit and Governance Committee has a central role in the company's financial reporting process and the development of corporate governance practices. The duties of the Audit and Governance Committee are described in detail in the committee charter described on the company's website.
Members of the Audit and Governance Committee must be independent of the company and at least one committee member must be independent of the company's significant shareholders. At least one committee member must be a financial expert with sufficient knowledge and experience in the fields of accounting or auditing and in the accounting principles applicable to the company.
Citycon's responsible auditor attends the Audit and Governance Committee meeting in which the company's annual financial statements are reviewed, and reports on audit findings. The responsible auditor also attends other Audit and Governance Committee meetings upon the committee's request.
"Good collaboration with the auditor and internal audit."
The Audit and Governance Committee meets at least four times a year in accordance with the company's financial reporting schedule to review the interim and half-yearly reports and annual financial statements of the company. The Audit and Governance Committee convened four times in 2023. The average attendance rate at the meetings stood at 100%. The graph below indicates attendance rates by member. The Audit and Governance Committee elected Mr Adi Jemini as a new Chairman of the Committee as of 1 November 2023.
| Adi Jemini (since 18 July 2023), Chairman since 1 November 2023 |
100% |
|---|---|
| Sandy Koifman, Chairman until 1 November 2023 |
100% |
| Per-Anders Ovin | 100% |
| Ljudmila Popova | 100% |
| Judah Angster (until 18 July 2023) |
100% |
Cyber Committee
In May 2023, Board of Directors decided to establish a new Cyber Committee. The Cyber Committee supports the Board of Directors in overseeing the company's cyber security activities and risks as well as the practices in safeguarding the company's assets, sensitive information, maintaining the trust of stakeholders and business continuity. The duties of the Cyber Committee are described in the committee charter described on the company's website.
The majority of the members of the Cyber Committee must be independent of the company.
The Cyber Committee meets as necessary but at least twice a year. In 2023, the Cyber Committee convened two times with an attendance rate of 100%. The graph below indicates attendance rates by member.
Nomination and Remuneration Committee
The Nomination and Remuneration Committee prepares proposals for the election of the Board of Directors and their remuneration, as well as prepares the remuneration policy and the remuneration report. Furthermore, the duties of the Nomination and Remuneration Committee
include matters regarding the appointment and remuneration of the CEO and other senior executives. The duties of the Nomination and Remuneration Committee are described in the committee charter described on the company's website.
The members of the Nomination and Remuneration Committee must be independent of the company.
When seeking potential Board members, the Nomination and Remuneration Committee shall take into account the requirements of the company's strategy and operations, the diversity principles of the Board and the company's stage of development. The Nomination and Remuneration Committee may consult significant shareholders of the company in this matter.
The Nomination and Remuneration Committee meets at least twice a year. In 2023, the Nomination and Remuneration Committee convened three times with an attendance rate of 84%. The graph below indicates attendance rates by member.
| Chaim Katzman, Chairman |
100% |
|---|---|
| Judah Angster | 100% |
| Sandy Koifman | 67% |
| Per-Anders Ovin | 67% |
Strategy and Investment Committee The Strategy and Investment Committee supports the Board of Directors in defining and monitoring the company's strategic direction and monitors the company's property development projects and optimisation of the property portfolio. The duties of the Strategy and Investment Committee are set out in the committee charter described on the company's website.
The majority of the members of the Strategy and Investment Committee must be independent of the company.
The Strategy and Investment Committee meets as necessary but at least twice a year. In 2023, the Strategy and Investment Committee convened four times with an attendance rate of 100%. The graph below indicates attendance rates by member.
| David Lukes, Chairman | 100% |
|---|---|
| Zvi Gordon | 100% |
| Judah Angster | 100% |
More information of the duties of the Committees and of committee charter at citycon.com/investors/corporategovernance/board-of-directors/board-committees.
Read more
4. Chief Executive Officer (CEO)
Citycon's Board of Directors appoints the company's CEO and decides on the terms and conditions of his/ her service agreement. The service terms of the CEO are stipulated in a written service agreement approved by the Board of Directors.
The CEO manages the company's day-to-day operations in accordance with the guidelines by the Board of Directors. The CEO is responsible for ensuring that the company's accounts are in compliance with the law and that its financial affairs have been arranged in a reliable manner.
F. Scott Ball has been the CEO of the company since 1 January 2019. Mr. Ball is also a member of Citycon's Board of Directors.
5. Corporate Management Committee
The CEO is assisted by the Corporate Management Committee, an expert body comprising at least three members.
The Corporate Management Committee's main duties include assisting the CEO in the management of the company's operative business and preparing matters to the Board. Among other duties, the Corporate Management Committee prepares company's strategy, annual planning and budget, and monitors and supervises their implementation.
During 2023, the Corporate Management Committee convened generally once a week.
Read more
More information of CEO's service terms can be found from company's website at citycon.com/remuneration.
Information about the CEO and other members of the Corporate Management Committee per 31 December 2023
F. Scott Ball Chief Executive Officer (CEO)
Chairman of the Corporate Management Committee
Member of the Corporate Management Committee since 2019
B.Sc. (Business management), US citizen, born 1961
Citycon shares1 : 180,442
1 Includes the shares and share-based rights in the company and companies belonging to the same group held by the CEO or CMC member and corporations over which he or she exercises control.
2 On 1 December 2023, Citycon announced an orderly transition of its Chief Financial Officer position to take place in early 2024. Bret D. McLeod, current Chief Financial Officer of Citycon, announced his intention to resign from his position effective January 31, 2024. At the same time, the Board of Directors of Citycon appointed Sakari Järvelä, current VP, Corporate Finance and Investor Relations, to the position of CFO and a member of Citycon's Corporate Management Committee on February 1, 2024 onwards.
Bret D. McLeod Chief Financial Officer2
Member of the Corporate Management Committee since 2021
MBA, US and Canadian citizen, born 1982
Area of responsibility: finance, treasury, investor relations, communications and corporate governance
Citycon shares1 : -
Henrica Ginström Chief Operating Officer
Member of the Corporate Management Committee since 2019
M.Sc. (Technology), M.Sc. (Economics) Finnish citizen, born 1983
Area of responsibility: operational business, marketing and legal
Citycon shares1 : 31,100
Erik Lennhammar Chief Development Officer
Member of the Corporate Management Committee since 2019
B.Sc. In Engineering (Constructional Engineering), Swedish citizen, born 1974
Area of responsibility: property investments and development
Citycon shares1 : 16,118
Kirsi Simola-Laaksonen Chief Information Officer
Member of the Corporate Management Committee since 2020
BBA (International Business Administration) Finnish citizen, born 1975
Area of responsibility: IT&BPI, operations development, sustainability
Citycon shares1 : 9,093
6. Remuneration
Citycon's Remuneration Report sets out how Citycon has implemented its Remuneration Policy in 2023. The Remuneration Report provides information on the remuneration and other financial benefits paid to the Board of Directors and the CEO during the previous financial period. The Remuneration Report is issued as a separate report, distinct from this CG Statement.
Read more
Citycon's Remuneration Statement is available on the company's website at citycon.com/remuneration.
Read more
Information on Corporate Management Committee members' career histories and positions of trust is also available on the company's website at citycon.com/corporate-management-committee.
Descriptions of internal control procedures and the main features of risk management systems
Main features of the risk management process and its regulation to internal control
The purpose of Citycon's risk management and internal control is to ensure that the group's operations are both efficient and effective, that reporting is consistent and reliable and that the applicable laws and regulations as well as the Citycon group's operating principles are observed. Internal control of financial reporting aims to ensure that any interim and half-yearly reports and financial statements to be published are reliable and are prepared in compliance with the accounting policies and reporting principles applied by Citycon and give materially correct information about the company's financial position.
On 31 December 2023 Citycon had a total of 64 subsidiaries and 11 joint ventures and associated companies.
"The objective of Citycon's risk management is to ensure that the business targets are achieved by identifying, assessing and monitoring key risks as well as to extent possible, avoid, transfer or mitigate these risks."
1. General description of risk management
Citycon is exposed to various risks through the normal course of its business operations. No business can be conducted without accepting a certain risk level, and expected gains are to be assessed against the involved risks.
Citycon's risks are managed in the various functions as a part of operational management. Risk management constitutes part of the company's internal control.
The risk management and reporting process involves:
- identifying new and existing risks
- assessing the risk management measures
- making new risk limitation plans if the current measures are not deemed sufficient for the management of the identified risks.
The risk reporting process gathers data on risk analysis, risk management plans and risk owners into one groupwide risk register, for annual reporting to Citycon's Board of Directors. This is done in conjunction with the budgeting process so that the risks are linked to the annual targets. To evaluate the importance of each risk, an estimate of the potential future loss associated with the realisation of the risk is determined together with the probability of the realisation of the risk, whenever possible. This also improves the comparability of risks between business units and functions. In addition, the realised risks during the previous year are assessed and reported.
CEO and other
members of the CMC
Introduction Corporate governance Internal control and risk management Other information Corporate Governance Statement 2023 13
Each function in the company has a designated person who is the owner of risk management in that area and is also responsible for the reporting of risks, limitation plans and monitoring the implementation of the plans. Key risks are reported to the Risk Steering Committee, that evaluates the risks and prepares a report of the Group's key risks for the Board of Directors. The CEO and the Corporate Management Committee are responsible for developing and maintaining the processes in accordance with the risk management principles approved by the Board of Directors. The Board of Directors monitors the company's business risks and uncertainties on a regular basis and reports them as required by law and the regulations and guidelines issued by the FIN-FSA.
Each year, Citycon assesses risks related to processes deemed significant to financial reporting, to serve as a basis for internal control over external financial reporting. In addition to the group's finance function, the business units' financial management participates in the risk assessment process.
Main features of the risk management process and its relation to internal control.
The company's key risks and uncertainties and the most important risk management measures and principles are covered more extensively in Citycon's Financial Statements.
2. General description of internal controls
Citycon's internal control system is based on the international COSO 20131 framework. It includes the key principles related to the control environment, risk assessment, control activities, information, communication and monitoring activities. The cornerstones of Citycon's control environment include group-level operating policies and guidelines, harmonised controls in the operating processes and assessment of controls and deviations during the reporting period.
"Each year, Citycon assesses risks related to processes deemed significant to financial reporting, to serve as a basis for internal control over external financial reporting."
First defence line Business processes and support functions
Second defence line Risk management, internal control environment, group guidance
Third defence line Internal audit
Independent reporting line
Audit and Governance Committee
Overall responsibility Board of Directors
3. International COSO framework as the foundation for internal control
Control environment
At Citycon, the Board of Directors is responsible for arranging and maintaining adequate and effective internal control. The division of duties included in Citycon's Corporate Governance Guidelines and the group's organisational structure ensure that the areas of responsibility and division of authority are clear for all functions and the management and employees.
In accordance with the Board of Directors' and its committees' written charters, the Board's Audit and Governance Committee assesses the company's financial reporting process and the appropriateness of the internal control system and reviews the internal control reports. The duties of the Board of Directors and the Audit and Governance Committee are presented in more detail in the section regarding the Board of Directors and its committees.
CEO's duty is to attend to the implementation of practical actions regarding internal control and to maintain an organisational structure in which responsibility, authority and reporting relationships are clearly and comprehensively defined in writing. At Citycon an authorisation matrix is in use where the division of authority for each organisational role is specified through approval limits.
Citycon's ethical principles and business norms are specified in Citycon's Code of Conduct. Compliance with the principles is promoted through internal communication and training. Citycon strives to ensure that its key business partners also comply with the same or similar principles.
4. Control activities
The company's accounting and reporting manuals define the standards, processes and responsibilities for financial reporting. These manuals facilitate the achievement of Citycon's objectives regarding the reliability of financial reporting. The Board of Directors approves group-level policies as determined in company's Corporate Governance Guidelines. Meetings are held on a regular basis in which the manuals are discussed with all personnel involved in the financial reporting process.
Descriptions of processes that are significant to Citycon's business and reporting have been documented. The process descriptions have been supplemented by defining control points in each process, based on the risk assessment of reporting. These control points include, for example, approvals, reconciling sub-ledgers and accounts, analytical reviews, limitations of access rights and segregation of duties. The defined control points are designed to prevent, detect and correct material errors and deviations in financial reporting.
Read more
The group's personnel and business partners can report suspected violations of Citycon's Code of Conduct on Citycon's website at citycon.com/investors/corporategovernance/code-of-conduct/report-a-violation.
5. Information and communication
All external communication is carried out in accordance with Citycon's Disclosure Policy. The Board of Directors approves all financial reports issued by the company, before they are published as stock exchange releases. The company's external communications are carried out in several events and in different channels.
The company's external communications are carried out in several events and in different channels:
6. Monitoring activities
Citycon's business unit executives are responsible for ensuring that the relevant laws and regulations are adhered to in their respective functions of responsibility. The Corporate Management Committee also monitors compliance with laws and regulations as part of regular supervisory activities. The financial performance of the group and business units is monitored monthly through the group's business review processes.
In Citycon group, monitoring of internal control includes both ongoing and separate evaluations and audits. The objective of the monthly analysis of reported figures at various levels (e.g. shopping centre, cluster, business unit, group) is to detect whether the reported figures deviate from budgeted or forecast figures. The purpose of monitoring and testing of internal controls is to detect control deviations in each significant process for financial reporting that might affect the accuracy of Citycon's financial reporting if the deviation in question would not be corrected.
In 2023, testing of internal controls continued with regard to the main processes of the group management and business units. Citycon's internal control framework was reviewed and updated to be in line with current roles, responsibilities and structures. Internal controls testing was conducted by assessors who are independent of the business unit's daily operations and were steered by the group management. The significance and impacts of deviations detected in these tests were evaluated by the group management, and the necessary corrective measures were initiated. On the basis of the resulting summary drawn up by the group management, there are no indications that these control deviations would lead to material errors in Citycon's financial statements.
Other information
1. Description of the internal audit organisation and the main principles followed in the internal audit
Citycon has a separate internal audit function. The duties of internal audit include independent and objective auditing activities, as well as value-adding consulting activities that improve operations. Internal audit contributes to the achievement of company's objectives through systematic assessment and development of the company's risk management, internal control and corporate governance processes. The internal audit function reports directly to the Board's Audit and Governance Committee and, administratively, to the CEO. The internal audit reporting relationships are also described in section Descriptions concerning corporate governance of this statement (see the figure under Citycon's corporate governance structure). A representative from Citycon's organisation coordinates the internal audit services, which were purchased from an external service provider in 2023.
The internal audit work is based on the Internal Audit Charter, as approved by the Audit and Governance Committee. According to the charter, the duties of internal audit include, among others, assisting the Board of Directors, its committees and the corporate management with the assessment of processes related to the identification and management of risks, supervision of financial reporting, efficiency of operations and compliance with law. Within the scope of the authorisation granted through the Internal Audit Charter, the internal audit function has unlimited access to Citycon's functions, processes, documents and information regarding personnel to perform audits.
The internal audit function assists the Board's Audit and Governance Committee in assessing and monitoring the adequacy and effectiveness of Citycon's internal controls and risk management, by performing audits in group legal entities and processes in accordance with the annual plan approved by the Board's Audit and Governance Committee. The internal audit plan is approved by the Audit and Governance Committee at its meeting each year. The progress of audits under the internal audit annual plan is reported to the Board's Audit and Governance Committee each quarter. In addition, the Board's Audit and Governance Committee deals with each internal audit report at its meeting, including observations, recommendations and action plans. The progress of implementing the action plans is reported to the Audit and Governance Committee.
Citycon's internal audit plan for the year 2023 focused on follow-up of previous years' audits and status of recommendations implementation, function/team leadership, group HR function and HR processes. Furthermore, the internal audit plan focused on operations, property- and center management, development projects audits, ESG: management system and management on environmental matters.
2. Related party transactions
The related parties of the company mean the related parties of a listed company in accordance with IAS 24. The company has determined that its related parties comprise Citycon and its subsidiaries, associated companies, and joint ventures; Board members; CEO and other Corporate Management Committee members; and the company's largest shareholder G City Ltd. that
held 50.91%1 of the company's shares and votes on 31 December 2023.
The Group Finance shall report all company's transactions with the related parties to the Chief Financial Officer and Legal Affairs on a quarterly basis. The Group Finance shall immediately inform the Legal Affairs of any contemplated transaction, which would be entered into with a related party and not be (i) entered into in the ordinary course of business; or (ii) concluded on normal market terms.
The Board of Directors shall handle related party transaction monitoring and evaluation in its meetings where the financial statements are approved, and in other meetings if needed. The company evaluates and monitors transactions concluded between the company and its related parties and reports them, as required by the Finnish Limited Liability Companies Act and regulations concerning the preparation of financial statements, in the Company's Report by the Board of Directors and in the notes to the financial statements and interim and half-yearly reports.
The Directors independent of the company's significant shareholder G City Ltd. have on 21 March 2023 resolved to approve the reoccurring related party transactions between Citycon and G City Ltd. The reoccurring related party transactions include the reporting cost expenses charged by Citycon from G City. In addition, the Company's Chief Financial Officer reports quarterly on the Company's other related party transactions, if any, to the Audit and Governance Committee and to the members of the
Board of Directors who are independent of significant shareholders.
The nature of a related party transaction and its terms are evaluated, in particular, with respect to the Company's ordinary course of business and armslength terms. Standard agreements that are offered to customers and personnel in general are typically part of the ordinary course of business, which means they do not require special monitoring or assessment measures.
Related party transactions which are part of the ordinary course of business and implemented under arms-length terms, do not require a decision of the Board of Directors independent of the Company.
In decision-making pertaining to related party transactions, the company ensures that potential conflicts of interests are appropriately taken into account and related parties or their representatives do not participate in the decision-making.
In 2023, the company did not engage in business transactions with related parties deviating from the company's normal business operations or under unordinary market terms.
1 In total, G City Ltd. and its wholly owned subsidiary Gazit Europe Netherlands BV own 50.91% of the total shares and votes in the company (87,559,0169 shares as of 31 December 2023). G City Ltd. owns 29.81% and its wholly owned subsidiary Gazit Europe Netherlands BV 21.10% of the company's shares and votes.
3. Main procedures relating to insider administration
In its insider administration, Citycon applies the EU's Market Abuse Regulation (MAR) and the Insider Guidelines issued by Helsinki Stock Exchange. The company's own Insider Guidelines approved by the company's Board of Directors supplement the applied insider regulation and specify the company's insider administration procedures. The company's Manager, Legal and Investor Relations is in charge of Citycon's insider matters.
3.1 Persons discharging managerial responsibilities and insider lists
The company has specified the members of the Board of Directors, the CEO and members of the Corporate Management Committee as its managers as referred to in the MAR. Citycon maintains a list of managers and their closely associated persons. The persons on the list are obligated to report their business transactions in Citycon's financial instruments to the company and the FIN-FSA. Citycon publishes such transactions in stock exchange releases.
At the beginning of insider projects, the company sets up project- or event-based insider lists. The lists include information of persons participating in projects, such as capital market events or significant company or property transactions. During an insider project, listed persons are not allowed to trade in financial instruments related to the company.
Read more
Managers' and their closely associated persons' transactions in Citycon financial instruments are published in the Managers' Transactions section in the Citycon Newsroom at citycon.com/newsroom.
3.2 Closed period and trading restrictions
Read more
Closed window periods are shown in the investor calendar which is available at
citycon.com/investor-calendar.
Citycon applies a closed period of 30 calendar days prior to announcing its financial statements, half-yearly reports and interim reports. The closed period concerns persons discharging managerial responsibilities in the company and other company employees who participate in the preparation of financial statements, half-yearly reports and interim reports. During that period, they are not allowed to trade in securities issued by Citycon, or other securities or financial instruments targeting Citycon shares or securities entitling to Citycon shares. In addition, persons discharging managerial responsibilities are at all times obligated to consult Citycon's insider administration prior to a planned transaction in Citycon's financial instruments.
4. Auditor and remuneration paid to the auditor
On 21 March 2023, Citycon's AGM re-elected audit firm Ernst & Young Oy as the company's auditor, with Antti Suominen (Authorised Public Accountant) acting as the responsible auditor appointed by the firm since 2021.
In 2023, Citycon paid EUR 1.0 million in remuneration to its auditor, related to its general audit. In addition, Citycon purchased advisory services from the auditor for EUR 0.2 million.
