The model of internal control and risk management system

Internal control and risk management system is an element of our corporate governance system. It includes a range of procedures, methods and mechanisms of control, created and used by the Board of Directors, Audit Commission, executive bodies and employees of the Company to ensure reasonable guarantees regarding the achievement of the following goals:

  • Efficiency of process administration;
  • Observation of legislative requirements, that may apply to the Company’s operations, as well as requirements of the Company’s internal documents;
  • Prevention of malpractices of the Company’s employees and third parties with the Company’s assets;
  • Authenticity, completeness and timeliness of all types of reporting.

The system is polished up on all management levels of the Company. Preventive (monitoring) control includes build-up and optimization of processes with baseline control procedures (taking account of implementation expenses and effect) as well as regulation of activities, including description of processes, participants (their authorities and responsibilities) and identification of milestones and control activities. Besides, this type of control includes risk management measures (monitoring, identification and risk evaluation, development and implementation of risk management measures). In-process control includes control procedures by process owners (heads of structural units) and employees during the execution of their functions and control over the achievement of qualitative and quantitative performance indicators and separate lines of activities (monitoring of process efficiency, corrective measures). Follow-up control includes internal audit (inspections of structural units, processes, projects and lines of activities, evaluation of reliability and efficiency of internal control system, participation in internal investigations of abuses, frauds, damages to the Company and its SACs, inappropriate expenditures), external audit (audit of annual financial statements under Russian Accounting Standards and evaluation of status of the Company’s internal control system), inspections (control over financial and operating activities of the Company to check whether it complies with the Russian legislation, charter and internal documents of the Company) as well as auto- evaluation (heads of structural units or senior management evaluate reliability and efficiency of the internal control system).

The participants of the internal control system are:

  • Board of Directors and its Committees;
  • Audit Commission;
  • Management Board;
  • General Director;
  • Collegiate consultative bodies formed by the sole executive bodies to execute specific functions;
  • Heads of structural units;
  • Employees of structural units fulfilling control procedures as their working functions;
  • Internal Audit and Risk Management Department.

Principles of functioning, processes and procedures of risk management and internal control system are regulated by the Risk Management Policy and Internal Control Policy. Under the documents we approved the Regulations on the control environment and risks of “Metering and Transmission” business process, Regulations on the control environment and risks of “Exploitation” business process, Regulations of the control environment and risks of “Procurement” business process and Regulations on the control environment and risks of “Connection” business process.

Resolutions on risk management adopted by the senior management of the Company comply with the Russian legislation and ensure reasonable correlation of beneficial effect and expenses. Executing risk management solutions the Company regularly analyzes its practical efficiency. The Company emphasizes the following risk management operating procedures:

  1. Insurance of property, production facilities and transport, civil responsibilities, medical insurance and other types of insurance;
  2. Diversification of market channels to distribute consumer shares in overall consumption structure;
  3. Refusal to interact with unreliable contractors;
  4. Diversification of procurement of materials, inventories, equipment and services to lower dependence of the Company from stand-alone contractors;
  5. Refusal to implement high-risk investment projects.