The risk and security organization of SIX helps employees to identify internal and external threats, evaluate them correctly and react to them appropriately. The aim is to ensure the long-term stability and security of the company and of the Swiss financial center, and to continue to provide the usual efficient, high-quality services.
Our risk and security organization applies to the entire company. The teams Risk, Security, and Compliance, led by the Chief Risk Officer (CRO), define responsibilities, methods, processes and reporting for risks at SIX. At the same time the teams act as the second line of defense in a “three lines of defense” model, which has become standard practice in the financial sector.
The risk and security organization at SIX is optimized on an ongoing basis. SIX actively ensures that its risk management is fully in keeping with its own business model and also complies entirely with external requirements, particularly regulatory measures. In 2018, SIX embedded its risk management organization even deeper within the company to manage SIX-relevant risks efficiently.
Legal supports the first line of defense in the observance and monitoring of legal, regulatory and internal provisions, advises on all legal issues, regulates legal disputes and is the central coordinator for authority contacts. Public & Regulatory Affairs identifies and classifies relevant legislative and regulatory developments at an early stage in order to ensure the company is informed about external changes. It also represents the interests of SIX in the political arena. Both areas form part of the first line of defense.
- First Line of Defense
The first line of defense is to be found in the business units and corporate functions. It is at this level that employees need to recognize risks and weigh them up appropriately in their day-to-day work.
- Second Line of Defense
The uniform corporate-wide risk and security organization forms the second line of defense. It assists and supports the first line with the monitoring and controlling of critical topics. The team handles the reporting of financial and non-financial risks, risk analyses and the central insurance portfolio.
- Third Line of Defense
The Board of Directors and the internal and external auditors constitute the third line of defense. They are responsible for independently monitoring and controlling the risks faced by SIX. At the same time they monitor the internal organization of risk management.