Corporate governance statement

TM's corporate governance is in accordance with Act No. 2/1995 on Limited Liability Companies and Act No. 100/2016 on Insurance Activities.

The corporate governance of the company is based on a range of internal rules that the company has established for itself, such as:

The company, moreover, has, in accordance with legislation, established the following rules: rules on internal controls, rules on internal audits, rules on transactions with associated parties, rules on securities transactions by the company, the Board of Directors and employees and rules on the competence of key employees. In addition, the Board has established for the company a remuneration policy, dividend payment policy, information policy and risk management policy.

TM adheres to the “Guidelines on Corporate Governance” issued by the Icelandic Chamber of Commerce, NASDAQ OMX Iceland and the Confederation of Icelandic Employers, most recently in May 2015. The company, however, departs from the instructions of the Guidelines that shareholders are to be allowed to participate fully or partially in shareholders' meetings electronically, including casting votes without being physically present. Based on the size and composition of the company's shareholders, no reason has been seen to depart from the current arrangements, which would lead to expenses for technological equipment. Shareholders are instead given the option of casting their vote by letter as provided for in the Act on Public Limited Companies.

Board of Directors

The company's Board of Directors is elected during the Annual General Meeting and is to consist of five members and two alternates. The Members of the Board of Directors and the Managing Director shall fulfil the competency requirements laid down in the Act on Public Limited Companies and the Act on Insurance Activities. In addition, the composition of the Board of Directors must fulfil the requirements of the Act on Public Limited Companies to the effect that the proportion of either gender on the Board may not be lower than 40%. The present Board of Directors fulfils the competency requirements required by laws. The requirement of equal gender proportions is also fulfilled because the Board consists of three women and two men and the alternates are male and female.

According to the company's Articles of Association, the then-current Board of Directors shall assess whether candidates for the Board at the next shareholders' meeting, when an election is held, can be considered independent with respect to the company or shareholders owning a 10% shareholding in the company or more. Once a Board has been elected during a shareholders' meeting, the individual Board members must, at their own initiative, ensure their independence, or as appropriate independence of the Board itself, according to the rules of procedure of the Board of TM. All current Board members and alternates are considered independent in the above sense.

The Board of Directors of the company has overall supervision of its operation and is responsible for the general monitoring of the operation. The work of the Board generally takes place during Board meetings. Such meetings must be held at least every two months. When individual Board members are unable to attend a meeting, they may participate in the meeting by telephone or through other telecommunications equipment. In addition, the Board may address specific issues electronically outside normal Board meetings. The Board held a total of 15 Board meetings in 2016, in all cases with the participation of all principal members.

According to the rules of procedure of the Board, the Board must, on an annual basis, evaluate its own work and that of its sub-committees. Attention must be paid, for instance, to evaluations of strengths and weaknesses in the operation and procedures, to size and composition, to compliance with rules of operation, to the manner in which preparations and discussions of important aspects are conducted and to attendance and contribution of individual Board members.

The Board is under obligation to ensure that the shareholders can easily, outside shareholders' meetings in the company, submit their views and questions to the Board, such as by means of the company's website. According to the present arrangement, on TM's Board of Directors section on the website of the company, shareholders are invited to contact the Board through the e-mail address stjorn@tm.is.

Board sub-committees

The Board operates two sub-committees, the Audit Committee and the Remuneration Committee. No nomination committee is operated.

The Audit Committee is one of two sub-committees operated by the Board of TM, and the Board must, no later than one month after the Annual General Meeting, elect three persons to serve on the Committee. It is assumed that the Committee commonly be composed of three Directors in the company and that at least one Committee member must have expertise and experience in the field of accounting or auditing. In addition, the Committee members must be independent of the company's auditors and day-to-day management, the majority on the Committee must, moreover, be independent of the company, and at least one member of the Committee must be independent of significant shareholders. The company's Board may elect persons other than Board members to serve on the Audit Committee if the above conditions and requirements on the independence of Committee members cannot be met. The present Audit Committee is composed of the Board members Andri Þór Guðmundsson and Linda Björk Bentsdóttir. In addition, Anna Skúladóttir, certified auditor, is a member of the Committee and acts as Chairman.

The Audit Committee is to meet at least four times a year. Its role is to monitor financial statements, arrangements relating to internal controls and more. The Audit Committee held six meetings in 2016 and was fully staffed each time.

The Remuneration Committee is one of two sub-committees operated by the Board of TM, and the Board must, no later than one month after the Annual General Meeting, elect three persons to serve on the Committee. Account is to be taken of the experience and knowledge of standards and practices on the determination of the employment terms of management and their importance to the company. In addition, the majority of the Committee shall be independent of the company and its day-to-day managers. The company's Board may elect persons other than Board members to serve on the Remuneration Committee for the purpose of meeting the above conditions and independence of Committee members. At present, the Committee consists of the Board members Kristín Friðgeirsdóttir, who is also the Committee's Chairman, Ragnheiður Elfa Þorsteinsdóttir and Þórís Jóna Sigurðardóttir, Managing Director of Hjallastefnan.

The Remuneration Committee is to meet at least twice a year. The Committee has the role of preparing the decisions of the company's Board as regards the company's general remuneration policy and as regards the employment terms of the Managing Director and Board members as provided for, for instance, in the Act on Public Limited Companies. The Remuneration Committee held four meetings in 2016 and was fully staffed each time.

CEO

The CEO of the company is responsible for the day-to-day operations and holds decision-making powers in all its affairs which are not entrusted to others pursuant to law. Day-to-day operations do not include measures which are unusual or extraordinary. Further provisions on the authority of the CEO with respect to the Board of Directors are contained in his employment contract, risk acceptance and the investment policy which the Board has approved. The CEO is responsible for relaying information to the Board during and outside Board meetings about the operation and anything else the Board believes necessary in order to discharge its duties.

The President and CEO of Tryggingamiðstöðin is Sigurður Viðarsson.

Executive Management

The operation of TM is divided into five departments under the management of the company's CEO. The CEO and the Directors of the departments form the executive management of the company.

Information on policies relating to social responsibility and code of ethics 

TM's policy on social responsibility was formulated in 2014 and adopted in 2015. The policy is made up of three main pillars: Preventive measures, protection of personal data and information security and support for social growth areas. Work was carried out in accordance with the policy on a range of projects over the course of the year.

TM's code of ethics take account of the moral standards of the Icelandic Financial Services Association (“Samtok fjarmalafyrirtaekja”, or SFF) in the financial market. The rules were prepared by a group of TM employees and approved by the Board of Directors of the company in 2013.

Information on violations of laws and regulations that the appropriate supervisory or ruling body has determined.

The Financial Supervisory Authority was of the opinion that the company's 50% shareholding in Hotel Laxá ehf. and its subsidiaries was not compatible with Article 11 of Act No. 56/2010 on Insurance Activities, cf. the Authority's transparency notification from 21 March 2016. In addition, it was the conclusion of the Financial Supervisory Authority that the company had violated Article 8(1) of Rules No. 299/2012 on the salary bonus plans for insurance undertakings, cf. Article 55(1) of the Act on Insurance Activities, when it determined, in part, new performance criteria behind the 10% salary bonus in conjunction with the decision to grant them to two directors in the company, cf. the transparency notification of the Authority from 13 May 2016.

The Icelandic Data Protection Authority (IDPA) reached the decision, in case No. 2016/911, that the disclosure of information on compensation to customers due to vehicle damage to a third party was not permitted except with the permission of the party in question. In addition, the IDPA ruled, in case No. 2016/740, that the company's telephone call to the customer with offers for increased insurance protection had violated Article 28(1) of Act No. 77/2000 on the Protection of Personal Privacy and Processing of Personal Data.

Risk management and internal controls

The company's integrated risk management operated in accordance with a risk management policy and aims to maintain an overall view of all the company's risks and ensure that its position is in accordance with risk acceptance, financial policies and other policies of the company.