Corporate Governance Statement

General issues


This Statement has been issued separately from the company's operating and financial review.

Digia's corporate governance system is based on the Companies Act, the Securities Markets Act, general corporate governance recommendations, and the company's Articles of Association and in-company rules and regulations on corporate governance.

Digia's corporate governance principles are integrity, accountability, fairness and transparency. This means, inter alia, that:

  • The company complies with the applicable laws, rules and regulations.
  • The company organises, plans and manages its operations, and does business abiding by the applicable professional requirements approved by Board members, who demonstrate due care and responsibility in performing their duties.
  • The company demonstrates special prudence with respect to the management of its capital and assets.
  • The company's policy is to keep all market participants actively, openly and equitably informed of its business operations.
  • The company's management, administration and personnel are subject to the appropriate internal and external audits and supervision.


Adherence to the Governance Code


Digia adheres to the Governance Code for Listed Finnish Companies, issued on 15 June 2010 by the Finnish Securities Market Association.

The Governance Code can be read on the website of Finnish Securities Market Association at

Shareholders' Meeting


Digia's highest decision-making body is the Shareholders' Meeting at which shareholders exercise their voting rights regarding company matters. Each company share entitles the holder to one vote at the Shareholders' Meeting.

AGM will be held annually within three months of the end of the financial year. An Extraordinary General Meeting will be held if the Board of Directors deems it necessary or if requested in writing by a company auditor or shareholders holding a minimum of 10 per cent of the company's shares, for the purpose of discussing a specific issue.

The Finnish Limited Liability Companies Act and Digia's Articles of Association define the responsibilities and duties of the Shareholders' Meeting. Extraordinary General Meetings decide on the matters for which they have been specifically convened.

Board of Directors


Operations and duties


Elected by the Shareholders' Meeting, the Board of Directors is in charge of company administration and the appropriate organisation of company operations. Under the Articles of Association, the Board of Directors must consist of a minimum of five and a maximum of eight members. The Nomination Committee prepares a proposal for the Shareholders' Meeting regarding the composition of the new Board of Directors to be appointed.

The majority of Board members must be independent of the company and a minimum of two of those members must also be independent of the company's major shareholders. The Managing Director or other company employees under the Managing Director's direction may not be elected members of the Board.

The term of all Board members expires at the end of the Annual General Meeting following their election. A Board member can be re-elected without limitations on the number of successive terms. The Board of Directors elects its Chairman and Vice Chairman from amongst its members. If the Board so decides, the position of Chairman of the Board may be a full-time job. Upon the full-time Chairman of the Board of Directors since 2005, Pekka Sivonen announcing in the AGM 2010 that he is no longer available for the chairman's position in the new Board to be elected by the AGM, the company announced that it will give up the practice to have a full-time chairman of the Board.

The Board has prepared and approved a written agenda for its work. In addition to Board duties prescribed by the Companies Act and other rules and regulations, Digia's Board of Directors is responsible for issues on its agenda, observing the following guidelines:

  • Good board practices require that the Board of Directors, instead of needlessly interfering in the details involved in day-to-day operations, concentrate on elaborating the company's short- and long-term strategies.
  • The Board's general duty is to steer the company's business with a view to maximizing shareholder value in the long term, while taking account of expectations set by various stakeholder groups; and 
  • Board members are required to perform on the basis of sufficient, relevant and updated information, in order to serve the company's interests.


In addition, the Board's agenda:

  • defines the Board's annual action plan and provides a preliminary meeting schedule and framework agenda for each meeting;
  • provides guidelines for the Board's annual self-assessment; 
  • provides guidelines for distributing notices of meetings and advance information to the Board and procedures for keeping and adopting minutes; 
  • defines job descriptions for the Chairman, members and secretary of the Board of Directors (the secretary is the Company's General Counsel or, if absent, the CEO); and 
  • defines the framework within which the Board may set up special committees or working groups.


During the 2010 financial year, the Board convened 18 times. The meeting attendance rate averaged 98 per cent.

The Board evaluates its activities and working methods annually, employing an external consultant for this evaluation, if necessary.

Board Members

In 2010, the Digia Plc Board of Directors comprised:

Pertti Kyttälä, b. 1950, M.Sc. (Econ.)
Board member since 2005 and Chairman of the Board since 2010. Chairman of the Board's Audit Committee. Previously Vice Chairman of the Board. Currently Managing Director of Peranit Ltd. His previous posts include CEO of Radiolinja Ltd (1999–2003), IT Director of Helsinki Telephone Company (1997–1999), Managing Director of Samlink Ltd (1994–1997), and Managing Director and Deputy Managing Director of Sp-palvelu Ltd (1991–1994). Previously, he has held various positions at SKOP Bank (1985–1990) and OKO Bank (1973–1985). Moreover, he is Chairman of the Board of Directors at ASAN Security Technologies Ltd.

Martti Mehtälä, b. 1957, M.Sc. (Tech.)
Board member since 2007 and Vice Chairman of the Board since 2010. Chairman of the Board's Compensation Committee. Until June 2007, served as Managing Director of Microsoft Oy for 12 years. Previously held managerial sales and marketing positions at Nokia Data and ICL Data Oy, as well as serving as Dava Oy's Managing Director and Country Director of Computervision Inc. Over 25 years' experience of IT implementation and of sales and marketing in various industries, and broad experience of working in cooperation with Finland's most extensive IT partner network and various international partners. Positions of trust have included membership of the National Information Security Advisory Board established by the Ministry of Transport and Communications and of the National Board of Economic Defense.

Robert Ingman, b. 1961, M.Sc. (Eng.), M.Sc. (Econ.)
Member of the Board since 2010. Member of the Board's Nomination Committee. Currently Managing Director of Arla Ingman Oy Ab. Previously he has served as the Managing Director of Ingman Group Oy Ab and Ingman Foods Ab (1997–2006). In addition, Robert Ingman is the Chairman of the Board of Ingman Group Oy Ab and a member of Etteplan Oyj's and Evli Pankki Oyj's Boards.

Kari Karvinen, b. 1959, MA
Member of the Board since 1990. Member of the Board's Audit Committee and the Nomination Committee. Co-founder of SysOpen Plc. Chairman of the Board (2002–2005) and Vice Chairman (1999–2002) of Sysopen. Vice Chairman of the Board at Digia Plc (2005–2007). Board professional and independent investor. At SysOpen Plc, held the posts of deputy Managing Director (1990–1999), Director of Planning (1999–2000) and full-time Chairman of the Board (2002–2004). His previous posts include Managing Director and Product Manager at Helsingin PC-Konsultit Ltd (1988–1990), and various IT industry posts at Sycon Ltd (1982–1988). Member of the Finnish Association of Professional Board Members since 2003.

Pekka Sivonen, b. 1961, Secondary school graduate in Political Science
Member of the Board since 1997. Chairman of the Board's Nomination Committee and member of the Compensation Committee. Previously full-time Chairman of the Board of Directors of Digia Oyj (2005–2010). Founding shareholder of Digia Inc., Board member (1997–2005) and Chairman (2000–2005). CEO of Digia Inc (1997–2000). Chair of the National Emergency Supply Agency's Technology Pool since 2007. Currently also Chairman of the Board at BlueWhite Resorts Ltd and Comma Group Ltd. Member of the Finnish Association of Professional Board Members since 2005.

Tommi Uhari, b. 1971, M.Sc. (Eng.)
Member of the Board since 2010. Member of the Board's Compensation Committee. Previously Uhari has served as a management team member of ST Microelectronics (2006-2010). In addition, he has held various managerial positions at ST's joint ventures in the wireless business ST-NXP Wireless and ST-Ericsson (2008-2010), and he has also acted as head of ST's Wireless Business Unit (2006-2008). Prior to that, Uhari was in charge of Wireless and SW platforms units at Nokia (1999-2006).

Marjatta Virtanen, b. 1950, M.Sc. (Econ.)
Member of the Board since 2010. Member of the Board's Audit Committee. Currently CEO and IR consultant at IRMA Advisors Oy. Previously Virtanen held the post of Market Supervisor at Financial Supervisory Authority, formerly Financial Supervision, (2006–2009). During her long career in communications and investor relations Marjatta Virtanen has served as Head of Communications at Hartwall (1988–1993) and at Tamro (2001–2004). She has also worked as an IR consultant and CEO at Viherjuuri Communications (1994–2001) and at IRMA Advisors Oy (2004–2006). Member of the Finnish Association of Professional Board Members since 2010.

Heikki Mäkijärvi, b. 1959, M.Sc. (Eng.)
Board member since 2009 until 2010.

Jari Pasanen, b. 1960, Licentiate of Technology
Board member since 2009 until 2010.

Of the aforementioned members of the Board, Pertti Kyttälä, Martti Mehtälä, Kari Karvinen, Tommi Uhari and Marjatta Virtanen are independent of the company and its major shareholders. Robert Ingman is independent of the company.

Committees of the Board of Directors


The Digia Board of Directors had three committees in 2010: the Compensation Committee, the Audit Committee, and the Nomination Committee.

These committees do not hold powers of decision or execution. They assist the Board in decision-making concerning their own areas of expertise. The committees report regularly on their work to the Board, which governs and assumes collegiate responsibility for the committees' work.

Purpose of Digia's Compensation Committee is to prepare and follow up compensation and remuneration schemes in order to ensure that the company's targets are met, to guarantee the objectivity of decision-making, and to see to it that the schemes are transparent and systematic. In 2010, the members of the Compensation Committee were Martti Mehtälä (Chairman), Pekka Sivonen and Tommi Uhari. In 2010, the committee convened three times, with full attendance by all members.

Purpose of the Audit Committee is to assist the Board of Directors in ensuring that the company's financial reporting, accounting methods, financial statements and other reported financial information are legitimate, balanced, transparent and clear, as further specified in the agenda. In 2010 the Audit Committee was composed of Pertti Kyttälä (Chairman), Kari Karvinen and Marjatta Virtanen. The committee convened four times in 2010, with full attendance by all members.

Nomination Committee's duty is to prepare a proposal for the Annual General Meeting concerning the number of members of the Board of Directors, the members of the Board of Directors, the remuneration of the Chairman, Vice Chairman and members of the Board and the remuneration of the chairmen and members of the committees of the Board of Directors. In 2010, the members of the Nomination Committee were Pekka Sivonen (Chairman), Kari Karvinen and Robert Ingman. The committee convened once, with full attendance by all members.



The company's Chief Executive Officer is appointed by the Board of Directors. The CEO is in charge of Digia's business operations and administration in accordance with the instructions and regulations issued by the Board of Directors, and as defined by the Finnish Limited Liability Companies Act. The CEO may take exceptional and far-reaching measures, in view of the nature and scope of the company's activities, only if so authorised by the Board of Directors. The CEO chairs the Group Management Team's meetings. Moreover, the CEO is not a member of the Board of Directors, but attends Board meetings.

The CEO's service contract, approved by the Board of Directors, defines the key terms and conditions which govern his/her position, in writing.

M.B.A. Juha Varelius (b. 1963) has been the company's CEO since the beginning of 2008.

Internal control and risk management related to financial reporting


Control functions and control environment


The company has a controller function tasked with verifying monthly reports. This controller function reports to the management, the Board of Directors and the Board's Audit Committee regarding the financial performance of the company and its divisions.

The company uses a reporting system which compiles separate subsidiaries' reports into the consolidated financial statements. There are written directives for completing the financial reports of subsidiaries. Compliance with these directives is monitored by the controller function. The company also has the necessary, separate reporting facilities for monitoring business operations and asset management.

The Group finance unit provides instructions for drawing up financial statements and interim financial statements, and compiles the consolidated financial statements. The finance unit has centralised control over the group's funding and asset management, and is in charge of managing interest rate risk.

Internal risk control


As a general principle, authorisation is distributed in Digia in such a way that no individual may independently perform measures unbeknown to at least one other individual. For example, the company's bookkeeping and asset management are managed by separate persons, and two authorised persons are needed to sign on behalf of the company.

The Group's business is divided into divisions whose Senior Vice Presidents (SVPs) report to the CEO. Reporting and supervision are based on annual budgets that are reviewed monthly, on monthly income reporting and on updates of the latest forecasts.

The SVPs in charge of the divisions report to the Group Management Team on development matters, strategic and annual planning, business and income monitoring, investments, potential acquisition targets and internal organisation matters related to their areas of responsibility. Each division has its own management team.

Digia's operational management and supervision take place according to the corporate governance system described above.

The Group's administration unit is in charge of HR management and policy, as well as properties and the viability of working conditions in each facility. The legal affairs unit provides instructions for and monitors contracts made by the company and ensures the legality of the Group's operations.



The Group's General Counsel is in charge of the company's external communications and their correctness. External communications include financial reports and other stock exchange communications. The General Counsel is responsible for the publication of interim reports and financial statements, as well as for actions related to convening and holding Shareholders' Meetings. Most communications take place through the company's website and using stock exchange releases.

Risk management


The purpose of the company's risk management process is to identify and manage risks in such a way that the company is able to meet its strategic and financial targets. Risk management is a continuous process, by which the major risks are identified, listed and assessed, the key persons in charge of risk management are appointed and risks are prioritised according to an assessment scale in order to compare the effects and mutual significance of risks.

The main operational risks handled by Digia's risk management function are customer risk, personnel risk, project risk, data security risk and goodwill risk.

The company manages customer risk by actively developing its customer portfolio structure and avoiding any potential risk positions. Personnel risks are assessed and managed using a quarterly goal and development discussion process for key personnel. To improve personnel commitment, the company strives to improve the efficiency of internal communications systematically, using personnel events and increasing the visibility of management. Key project audits are carried out with a view to enhancing project risk management and securing the success of project deliveries to customers. In addition, the Group's certified quality systems are regularly evaluated and the Group has increased the efficiency of its project delivery reporting practices in relation to corporate governance and finance. Data security risk is managed through data security audits and continuous development of working models, security practices and processes. Risks associated with the integration of businesses, shared operating models and best practices, as well as their integrated development, are managed according to plan under the supervision of the Group Management Team. With respect to IFRS-compliant accounting policies, the Group actively monitors goodwill and the related impairment tests, as part of prudent and proactive risk management practices within financial management.

In addition to operational risks, the company is subject to financial risks. Digia Plc's internal and external financing and the management of financial risks are coordinated by the finance function of the Group's parent company. This function is responsible for the Group's liquidity, sufficiency of financing, and the management of interest rate and currency risk. The Group is exposed to several financial risks during the normal course of its business. The objective of the Group's risk management is to minimise the adverse effects of changes in the financial markets on the Group's earnings. The primary types of financial risks are interest rate risk, credit risk and funding risk. The general principles of risk management are approved by the Board of Directors, and the Group's finance function is responsible for their practical implementation together with the business divisions.