Risk management

The development of risk factors in Landsbankinn’s operations was positive in 2025 and the Bank’s position was strong at year-end. Risk appetite metrics were generally within approved limits, reflecting sound risk management and the Bank’s strong resilience. Implementation of the European regulatory framework CRR III proceeded according to plan and work continued on implementing the Digital Operational Resilience Act (DORA) for the financial sector. 

The economic environment in Iceland was challenging. Inflation was above the Central Bank’s target, interest rates remained high and there are indications of slower economic growth and rising unemployment. Activity in the housing market declined and real housing prices decreased slightly over the year. Volcanic and seismic activity on the Reykjanes Peninsula decreased compared with the previous year, which reduced the negative effect on customers in and around Grindavík, although uncertainty related to geological developments remains. 

Landsbankinn’s risk policy 

Landsbankinn has adopted a risk policy for the purpose of providing a framework for the Bank’s risk management and risk appetite and forms the basis for long-term profitability and stability. The Bank’s risk policy also sets out the parameters for implementing risk culture, risk rules and governance that sets out decision and risk-taking authorisations, follow-up and control of risk management. The aim of the policy is to support the efficient management of risk in the Bank’s operation and limit it to acceptable levels. 

All main risks in the Bank’s operation are identified, assessed and measured, both financial and non-financial risks. The main risks in the Bank’s operation are credit risk, market risk, liquidity risk, concentration risk, operational risk, business risk, legal risk, reputational risk, conduct risk, compliance risk, IT risk, data risk, model risk and sustainability risk. 

Landsbankinn’s governance structure sets out the main decision-taking process on key risks, the decision-making and risk-taking authority of individuals, follow-up and control by the Board of Directors, CEO and individual Bank committees. 

The Board approves a risk appetite which reflects the Bank’s risk strategy and functions as a management tool that controls risk-taking, in addition to setting aims for individual and aggregate risk in the Bank’s operation. Risk appetite is reviewed at least annually. The Bank’s main risk metrics are listed below. In addition, the Bank assesses and measure various other risk factors to support risk management and decision taking. 

Risk measurement and risk factors 

In general, the Bank’s risk measurements and assessment of material risk factors are positive and all key risk factors were aligned with risk appetite targets at year-end 2025. Defaults in the Bank’s loan portfolio remain minimal, the Bank is securely funded and its liquidity and equity positions are strong. 

Credit risk remains the most significant risk in the Bank’s operation, or 91.3% of risk-weighted exposure. Lending to customers grew by ISK 77 billion in 2025, or by 4%. Lending growth was driven primarily by lending to real estate companies and the construction sector, while lending to individuals remained flat. Despite persistent inflation, high interest rate levels and other challenging economic conditions, arrears have not increased to any real degree. Modest indebtedness among both corporates and individuals alongside an increase in disposable income no doubt explains these developments.  

The second most significant risk in the Bank’s operation is operational risk, which includes numerous sub-risks. The Bank has been focused on protecting customers against cyberattacks, which remain a growing threat. The Bank has been certified under the ISO 27001 information security standard for over 15 years. The certification, along with staff and customer education on information security, is one of the main pillars of the Bank’s cybersecurity.  

A strong risk culture is a cornerstone of the Bank’s operations, with significant emphasis placed on training, communication and effective dissemination of risk-related information, which supports sound risk culture across the organisation.  

Landsbankinn's financial standing at year-end is good. At year end, the Bank’s total capital ratio was 24.8%, well above current the regulatory requirement of 20.4%. The Bank’s capital and liquidity ratios are strong and it is well placed to meet both expected and unexpected risk in the future. 

Risk factors in the Bank’s operations are assessed by various measurements, in line with their scope and nature, and these measurements provide the foundation for risk limits, analysis of risk factors, disclosure of information and risk management. A common measurement for all risk factors is the Bank’s internal assessment of economic capital (EC). In 2025, internal assessment of the Bank’s EC was lower than capital requirements. 

Sustainability risk assessment 

The Bank has integrated the assessment and management of sustainability risk into its risk framework. Sustainability risk includes risks related to environmental, social and governance (ESG) factors. The implementation includes, among other things, a dedicated assessment of sustainability risk in lending to larger companies.  

Active internal control 

Active internal control forms one of the cornerstones of robust risk management and is conducive to the Bank operating in accordance with its risk policy and risk appetite. 

Internal control is a process shaped by the Bank’s executives and employees and comprises all actions taken with the aim to support, manage, mitigate or monitor certain activities and in so doing increase the likelihood of the Bank attaining set goals. 

Landsbankinn endeavours to maintain good and constructive relations and collaboration with regulators and to ensure accurate and timely information disclosure. 

Risk metrics in Landsbankinn’s risk appetite 

The Bank’s main risk metrics are listed below. In addition, the Bank assesses and measure various other risk factors to support risk management and decision taking.