Sound Governance
Protecting clients and meeting evolving regulatory expectations
The company's compliance and risk management programs are core to the decision-making process and serve to ensure compliance with applicable laws and regulations and to identify, measure, manage and monitor risk.
We have a strong tone at the top and a culture of compliance, with risk management processes embedded in our day-to-day operations.
We closely review and monitor legislative and regulatory changes for future impact to our clients, business, shareholders and governance.
Committed to maintaining the highest standards of ethical business conduct. We promote a work environment that fosters mutual respect, openness and integrity.
The Ameriprise Global Code of Conduct requires all advisors and employees to strictly adhere to our values and ethical principles, applicable laws and regulations, and our policies and procedures.
We provide confidential Ethics Hotline resources for leaders, employees, advisors, independent contractors and vendors to report any suspected ethics violations. The hotlines are run by independent third parties and allow callers to remain anonymous.
Ameriprise maintains anti-bribery and anticorruption policies. These policies guide employees regarding appropriate behavior and record keeping and help to identify red flags that employees should be aware of.
The General Counsel’s Organization conducts risk assessments and reviews the policies, making revisions when needed based on changes in regulation and external or internal business changes.
We view all employees as risk managers regardless of their role
All employees, registered contractors and financial advisors are required to complete compliance training annually and attest to their fulfillment of regulatory and company-wide requirements. Mandatory compliance education and training topics may include:
- Global Code of Conduct and Code of Ethics
- Anti-money laundering, anti-fraud and anti-bribery
- Privacy and information security
- Internal fraud awareness and reporting
- Workplace health and safety
- Life safety and business continuity management
Operating with effective Board oversight
The Board operates within a corporate governance framework of independent oversight and integrity
As part of its governance responsibilities, the Board actively monitors the performance of our leaders, the management of risk, effectiveness of policies and controls, and execution of our business strategies.
Data as of March 20, 2026
Data as of March 20, 2026
Board and management oversight of corporate social responsibility strategy and reporting
Each committee of the Board has oversight and responsibility of sustainability-related factors. This includes the Audit and Risk Committee’s role in overseeing enterprise risk management and cybersecurity matters, as well as the Compensation and Benefits Committee as it relates to the multiple elements of human capital management, such as engagement, retention of high performers and our enterprise and executive compensation programs. In addition, the full Board reviews and provides oversight of the overall business and strategy of the Company and the related sustainability matters.
With regard to Ameriprise corporate social responsibility (CSR) reporting, the Nominating and Governance Committee of the Board engages with senior management to oversee the Company’s CSR strategy, reporting and other related disclosures. Oversight by the Nominating and Governance Committee ensures appropriate accountability on these topics. The Committee also oversees all material matters relating to corporate political spending and the Company’s memberships in various trade associations.
Nominating and Governance Committee of the Ameriprise Board
- Review of CSR-related reporting
- Shareholder engagement and communication
- Political contributions and trade associations
Enterprise Risk Management Committee of the Ameriprise Board
-
Chaired by CEO
-
Core enterprise risk governance committee
- Ensures broad awareness and visibility of CSR-related reporting through established risk governance processes
Corporate Social Responsibility Governance and Strategy Group
- Provides overall governance of priority sustainability reporting
- Develops corporate social responsibility strategy with a focus on regulatory compliance and ensuring appropriate data and narrative controls
- Chair leads development of Ameriprise Responsible Business information on ameriprise.com and other related communications with regular updates to the Enterprise Risk Management Committee
Maintaining our clients’ privacy and data security
We devote significant management time and resources to protect our clients' privacy and data security. Our privacy protection activities are unified under a single, globally applicable policy and program, governed by our centralized Privacy group.
Online security guarantee
At Ameriprise Financial, we're committed to protecting clients' online security. Our efforts are backed by our online security guarantee, which covers 100% of the value of losses in clients’ Ameriprise® account(s) due to unauthorized online activity, if we conclude that losses were incurred through no fault of the client.
Strong focus and continued investment in cybersecurity
Cybersecurity is a key part of our business and client experience and is integrated into our enterprise risk management processes and policies. Our cybersecurity approach supports both business continuity and risk mitigation. While we have established extensive cybersecurity capabilities, we, like other financial services firms, are not immune to online threats. To date we have not experienced any known material breaches of or interference with our centrally controlled systems and networks.
Audit and review
We regularly audit and enhance our corporate security capabilities across the firm and assess our ability to identify, protect against, detect, respond to and recover from cyber threats.
Data protection
Ameriprise maintains policies, processes and procedures in response to applicable legal requirements concerning the use and protection of personal information by various regulators throughout the global regions in which we operate.
Awareness and response
Our cybersecurity response playbook is refreshed regularly to ensure our actions meet business and regulatory needs to safeguard information and support leaders charged with public company reporting and protecting against inappropriate trading by insiders, promptly making them aware in the event we have a credible belief that a cybersecurity event is occurring or has occurred.