Operating responsibly

Ensuring that we operate lawfully and with integrity and transparency is critical to the success of our business. Whilst we work towards our ambition of being the best and biggest digital insurance provider in the UK, we are committed to making a positive impact, in a sustainable way. We believe this is vital to ensuring we meet the needs of our colleagues and customers and for running a successful business that respects and nurtures the environment and the societies within which we operate.


Responsible Underwriting

We have well established and disciplined underwriting principles, with an operating structure that ensures our decisions are grounded in data, and we are able to react quickly to changes in the market.

We have an active focus on changing customer demands and attitudes, and are exploring propositions that support changes in vehicle fuel types as well as changes to usage. We also use key data sources that identify the flood risk of each property, providing the ability to consider the implications of temperature rise in our underwriting rules longer-term.

Our market leading and continually evolving anti-fraud practices include working closely with law enforcement authorities. This means that we can help keep society safer as a whole and we can pass on savings through lower fraud-related claims to our customers.

Responsible investment

We believe that responsible investment promotes change for good as well as being a long-term driver of investment return. While we use traditional financial metrics to manage and measure the performance of our portfolio, we have a responsible investment framework that incorporates sustainability considerations into our investment decisions. We have put in place guidelines to which our investment managers must adhere, ensuring we maintain a high ESG rating and exclude exposure to certain sectors, such as tobacco and coal.

Using specialist data sets and reporting, we can review the overall ESG performance of our investment portfolio and ensure that investments continue to meet our ESG criteria.

All of the financial institutions with which we work are signatories to the UN Principles for Responsible Investment (‘UNPRI’), demonstrating their ongoing commitment to responsible investing. We consider their responsible investment policies and their approach to responsible investment as part of our appraisal process.

Commitment to responsible investing

We believe that ESG considerations can be long-term drivers of investment return and a focus on ESG through the investment portfolio aligns to our 4Cs approach to corporate responsibility and sustainability.

During 2022 we became a signatory to the United Nations Principles for Responsible Investing (UN PRI) alongside committing to set out science-based targets to the SBTi for validation no later than summer 2024. Our current target for investments is to reduce carbon intensity in the core investment portfolio by 50% by 2030 and to net-zero by 2050 or sooner.

Our insurance subsidiary’s investment portfolio comprises a core portfolio of high quality Sterling-denominated bonds, with additional strategic allocations that provide a diversified return from equity and currency markets. The key aims for the investment strategy are strength and predictability. We believe we can achieve these aims while also driving change for good through our investment decisions.

We provide ESG guidelines that investment managers incorporate into their investment rules, thereby ensuring that target ESG scores are maintained, and that we do not invest in excluded or sensitive sectors. We are committed to maintaining an average ESG score of “A” or above, based on MSCI scoring.

Quarterly reporting to the insurance subsidiary’s Investment Committee includes ESG scoring and confirmation of exposure to excluded or sensitive sectors, facilitating review of the guidelines and allowing challenge to controversial positions. The Investment Committee reports to the insurance subsidiary’s board of directors when breaches arise or when recommending changes to the framework.

ESG integration

ESG criteria are incorporated into the investment portfolio without negatively impacting returns, diversification, or the overall quality of the portfolio. Investment managers integrate ESG criteria into their fundamental, bottom-up investment process, where they seek to identify factors which they believe are key to determining whether a company would outperform or underperform the market. The investment managers deploy capital in a manner that integrates ESG criteria, while preserving and growing financial assets.

Negative screening and norms-based screening

Our negative screening focuses on three sectors: tobacco, controversial weapons and coal. These sectors have been excluded following internal discussions, stakeholder demands, industry review, consideration of climate change, and consultation with the company’s investment managers. We also conduct norms-based screening: companies that do not meet UN Global Compact Compliance standards are reported quarterly to the insurance subsidiary’s Investment Committee for review.

Active ownership

As we do not have any direct equity investments we do not partake in voting activities. We believe that by excluding certain sectors and by only purchasing fixed income investments from companies highly rated based on ESG criteria we can influence corporate behavior and drive positive change.

We have strategic equity and currency exposure through a number of external funds that are managed by external investment managers, and we require all investment managers to be signatories to the UNPRI.

Responsible supply chain

We work with our suppliers and partners to drive high standards across our supply chain. Strong and productive supplier relationships are key to our continued success. We work closely with our local and national suppliers to communicate our standards, values, principles and sustainability goals to them and ensure they are aligned in helping us offer the best price, product and service solutions to benefit our customers and colleagues.

Suppliers of key services are subject to a robust due diligence process under a Supplier Relationship Management Framework in order to enhance the relationship and risk management. Critical suppliers are subject to ongoing reviews throughout the year at which service levels and adherence to processes and procedures are discussed and any required improvements made as appropriate.

Sustainability considerations are part of all of our procurement activities, including supplier selection, contracts and our ongoing dialogue with suppliers to ensure we make procurement choices with clear environmental and social benefits.

Cyber security and the use and protection of customer data

We take the protection and integrity of personal data very seriously by linking security and data activities to our goals and strategy and promoting effective management of cyber security risks, data risks and threats that our business faces on a daily basis.

Data is at the heart of our organisation. It plays a huge role in everyone’s daily lives. We take the protection and integrity of personal data very seriously, and we recognise that our customers want clarity and transparency about how their data is used and protected.

We have a continuous-improvement-based approach towards our information security framework, which is aligned to the ISO27002:2002 recognised standard. We maintain a focus that ensures customer statutory privacy rights are upheld, including a commitment to process personal data securely by means of appropriate technical and organisational measures. Our policies and procedures seek to ensure the information we collect is stored and used correctly, to protect personal data and to make sure we don’t keep that data for longer than we should.

We have dedicated Information Security, Cyber Security, Data Protection and Compliance teams which are in place to protect and support our business; manage policies and controls; assess risks and prevent inappropriate access to information. We are active across our industry in the areas of cyber and security threat intelligence and we sit as members of cyber co-ordination groups sponsored by the industry regulators.

We support our colleagues to take the steps required to protect our organisation. We have mandatory training for all colleagues and supplementary training is available as required. We regularly engage with colleagues so they are aware of threats and what to do if something goes wrong.

Our cyber, data and privacy governance:

  • Links security and data activities to our goals and strategy
  • Engages and empowers colleagues who are responsible for making security and data decisions
  • Promotes effective management of cyber and data risks including building an adequate response to cyber security threats

This framework seeks to address process and human vulnerabilities, reduce the complexity of our technology and data estate, and embed security considerations by design in all of our business decision making. Operational measures are also in place to monitor and respond to data breaches and cyber-attacks. These measures are routinely and independently validated and tested, through vulnerability assessments and penetration testing. This includes carrying out phishing campaigns and exercises to check our levels of resilience and that our incident management procedures are robust.

We have a formal Data Protection Policy in place that applies to all of our operations, whether that data relates to existing or potential customers or colleagues. We ensure that our approach to the collection, use, sharing and retention of user data is clearly stated and available to all data subjects. Should privacy notices and other data policies that apply to data subjects be amended, we are committed to notifying those data subjects affected in a timely and appropriate manner.

Effective governance

We believe that observing high standards of corporate governance, acting with integrity and professionalism, with the governing bodies of individual regulated entities championing a healthy, responsible corporate culture, promotes long-term sustainable success.

Our governance framework is kept under constant review and is supported by a prudent system of internal controls and processes for identifying, managing and mitigating key risks. Board and management decisions take into account the views and interests of our wider stakeholders. Ethical conduct and strong governance are integral to meeting the needs of colleagues, customers, and local communities and the running of a successful business, with a broader focus on the environmental and social impacts of our activities underpinning that philosophy.

Our trading subsidiaries, in the UK and Gibraltar, are each separately regulated, by the Financial Conduct Authority (“FCA”) and Gibraltar Financial Services Commission (“GFSC”) respectively. The respective board of directors, each having a non-executive Chair and including an appropriate balance of non-executive and executive directors, is the governing body of each entity and is tasked with ensuring each entity satisfies its regulatory and broader statutory obligations.

The FCA’s Senior Managers and Certification Regime, and the GFSC’s Regulated Individuals Regime, are embedded within each of the businesses and have, respectively, become part of each entity’s system of governance.

Governance structure

The Group board of directors, comprising representatives of our shareholders, Sampo Group plc, and two non-executive directors, oversees the consolidated business and acts as the conduit to ensure that we appropriately adopt the policy and governance framework of the Sampo Group. Each of the main operating subsidiaries has its own board of directors, with a non-executive chair and non-executive directors. The activities of the subsidiaries are coordinated by an Executive Committee, led by the Group CEO and comprising senior functional leaders in each of the subsidiaries and leaders of Group functions.

Each board provides constructive challenge and support to, and oversight of, executive management. Each board has its own sub-committee structure, to consider matters not otherwise considered directly by the board, such as: assessing the integrity of financial reporting and internal controls (Audit Committee); setting overarching principles and parameters of remuneration (Remuneration Committee); reviewing risk strategy, exposures and appetite, and the effectiveness of risk management and regulatory compliance (Risk, Risk and Compliance Committee); and reviewing and recommending appropriate levels of claims reserves (Reserving Committee).

Culture and governance

Compliance
Our Risk and Compliance functions oversee and monitor risk and regulatory matters, supported by an independent internal audit function.

Conduct
We strive to maintain the highest standards of governance, personal and corporate ethics, compliance with laws and regulations, and fair treatment of customers. We value integrity and honesty in all dealings with stakeholders.

Anti-fraud, bribery and corruption
Our policies and practices help to combat money laundering, terrorist funding, fraud, bribery, corruption and tax evasion.

Safe and secure environment for colleagues
We promote a safe, diverse and inclusive working environment, free from bullying, harassment and discrimination, within which all colleagues should be treated fairly and with respect.

Tax strategy
We seek to comply with all legal requirements by making all appropriate returns and payments in respect of our own tax liabilities and by collecting taxes on behalf of tax authorities in accordance with prescribed rules and deadlines.