Development of internal control and risk management

The Ministry of Finance continued to develop internal control and risk management in central government in 2023–2025. The Ministry launched a project that examined how to make internal control and risk management into a strategic part of central government processes. The Ministry partnered with the OECD in the project, which was funded by the EU.

The Ministry worked with stakeholders to determine whether the regulation or organisation of internal control and risk management needed to be amended. The project also aimed to improve central government’s ability to design, develop and maintain effective internal control and risk management processes.

Results

The project produced:

  • an analysis of the current state of internal control and risk management
  • a recommendation on strategic guidance of internal control and risk management and the implementation of that guidance;
  • a recommendation on the legislative foundation for internal control and the development of that foundation;
  • a procedure for identifying and evaluating systemic risks;
  • a proposal for measures to raise awareness of internal control and risk management;
  • a frame of reference for monitoring and assessment.

Implementation

This central government development project ran for one and a half years. The project was completed in November 2025. 

The Government Financial Controller’s Function in the Ministry of Finance was responsible for the project. The Advisory Council on Internal Control and Risk Management and the risk management and internal audit divisions operating under it also participated in the project. 

Other central government parties were consulted over the course of the project, for example, in interviews, workshops, hearings and stakeholder meetings.

The European Union financed the project through the Technical Support Instrument (TSI). The TSI provides EU Member States support in designing and implementing reforms.

Background

The need to develop risk management at the level of central government has come up in several connections. For example, Parliament has required that central government risk management be improved by creating compatible procedures and defining the responsibilities for risk management at the level of central government.

In 2021, a Ministry of Finance working group set a target that risk management should support the central government's decision-making as part of its system of corporate governance. The working group made proposals for the organisation, guidance and division of responsibilities of risk management on the central government level and for coordinating risk management at the branch of government and agency levels.

Among other things, the working group proposed an assessment of the statutes, instructions and recommendations governing risk management. Relevant statutes can be found in budget legislation and other legislation. The working group was of the opinion that the assessment should identify needs for review.

Finland develops internal control and risk management based on OECD recommendations (news item 31 October 2025)

OECD publication: Strengthening Internal Control and Risk Management in Finland – From Diagnosis to Action (OECD website)

EU Technical Support Instrument (European Commission)

Contact information

Jaana Kuusisto
Government Controller-General
jaana.kuusisto(at)gov.fi
Tel. +358 295 530 051