We work thoroughly and efficiently

toimimme tehokkaasti ja huolellisesti.jpg

 

We work openly and build trust in Keva. This requires a thorough way of working.

We are committed to the principles of good governance.

We work cost-consciously. Thorough preparation and procurement sustainability form the basis for high-quality operations.

We take our own Responsibility principles into account in our choice of partners.

We pay particular attention to data protection and security.

The Code of Conduct adopted by the Board of Directors guides all our operations.

Code of Conduct

Keva’s Board of Directors adopted Keva’s Code of Conduct in August 2022. Our employees as well as members of Keva’s Council and the Board of Directors undertake to comply with the Code.

Our Code of Conduct defines where we want to exceed the level set by legislation. 

  • Keva’s mission is to ensure pension cover.
  • Keva’s operations are guided by legislation.
  • Keva secures pension benefits and a stable contribution level.
  • Keva’s operations are guided by customer needs.
  • Think before you click. Information security and data protection are at the heart of Keva’s operations.
  • Prevent conflicts of interest, corruption and bribery.
  • Wellbeing of employees is number one.
  • Your work is genuinely responsible.
  • Be active, open and transparent in your communication.
  • Act correctly. Keva strives to ensure an ethical corporate culture in which Keva employees act correctly and in accordance with the shared values.

Keva Code of Conduct

Aiming for cost efficiency

Keva manages the processing of local government pension applications and payment of pensions and, together with its member organisations, is responsible for funding pensions. Funding is based on pension contributions and investment returns. In addition, Keva manages the pension applications and pension payments of those in the service of the State, Evangelical Lutheran Church, Social Insurance Institution of Finland Kela, the Bank of Finland and the Financial Supervisory Authority. The wellbeing services counties became Keva customers at the beginning of 2023.

Our cost efficiency cannot be directly compared with the efficiency of private sector earnings-related pension companies. We come out well in comparisons of total business costs (excluding investment costs) in the financial statements with the number of insured.

Keva’s business costs are lower because our customers are defined by law. Unlike private sector TyEL pension insurance companies, we have no costs from marketing or distribution channels for canvassing new customers or insurance transfers. Our customers are on average larger than those of TyEL companies and pension insurance is more cost efficient in terms of personnel numbers in large organisations.

 

23_EN_kustannustehokkuus.jpg

Guidelines prevent abuses

We invest pension liability fund assets securely and profitably. In addition, we ensure compliance with legislation governing the operation of the securities market. Besides legislation and regulatory provisions prohibiting the abuse of insider information, we comply with Keva’s Insider Guidelines.

Keva’s Board of Directors adopted the guidelines governing related party transactions and conflicts of interest situations in 2015.

Keva´s administration

Responsible procurements

We strive to reduce the use of energy and materials as well as harmful environmental impacts during the entire lifecycle of products, services and buildings.

Keva’s units make purchases independently and are responsible for their purchases and their responsibility. Where necessary, our Legal Affairs unit assists in legal issues related to the competitive tendering for products and services.

Since 2023 Keva has employed a procurement specialist.

Keva completed 20 procurements in 2023. The estimated value of these exceeded EUR 60,000 over the calculated four-year period. In quantitative terms, 70% of the procurements are professional services. 

We use Hansel, a central purchasing body for central and local governments in Finland, in purchases and Hansel takes into account the responsibility aspects.

Risk management and contingency planning

We want to safeguard the rights of the ensured and pension recipients in all situations. This is why we work on risk management aimed at developing operations and processes as well as at supporting the achievement of Keva’s goals. 

An independent risk management function oversees and supports the implementation and maintenance of Keva’s risk management principles and process.

Keva has a Compliance officer and an Investment compliance officer. The Compliance officer reports to the Administrative Director, the CEO, the Risk Management Committee and to the Board of Directors. The Investment compliance officer reports to the Administrative Director, the CEO the risk management team, the Audit and Risk Management Committee and the Board of Directors.

Aiming to continue services

We are making contingency plans at both the Keva level and in different functions. Planning primarily aims to ensure pensions payment and our other key services also in the event of any disruptions and emergency conditions.

You can read about risk management and contingency planning in our Annual report 2023 (pdf).

 

We ensure privacy and data security

We ensure data confidentiality, integrity and availability. We ensure privacy and strengthen the awareness and competence relating to the data security of all Keva employees.

These key data security policies are part of Keva’s Code on Conduct.

Lawful basis for the processing of personal data

We process personal data that must be stored for a very long time or in perpetuity. Seeing or using the data must be justified for work purposes. Browsing or using personal data leaves a log record and if necessary we can establish on this basis who has processed the data.

Employee customers also have a right to request information about who has seen their data.

Inspection of Personal Data (pdf)

Strong identification and signing based on banking codes are used in online services, like the MyPension service, for employee customers.

Log data under control

All our information systems have been classified to implement the EU’s General Data Protection Regulation (GDPR). The information systems have designated owners who are responsible for the processing of data contained in the system. This is how we ensure that the systems also produce adequate log data from the privacy aspect.

Read more about the processing of personal data: Data protection

Users have strong identification

Keva employees can connect to Keva’s intranet, information systems and files by using so-called identified devices. If a Keva employee wishes to use devices other than Keva’s, special identification, authentication, is required.

Strong identification ensures that outsiders are unable to access Keva’s emails or O365 services.

During 2023, there were 14 data protection triggers and 13 data protection incidents.