Risk management framework
The Group has a Risk Management and Internal Control Framework (RMICF) that encompasses its major assets, business processes, lines of business, and management levels.
Inter RAO’s RMICF was established based on the principles of and approaches to the construction and operation of an effective risk management system described in the following documents:
- Model of the Committee of Sponsoring Organizations of the Treadway Commission (COSO) ‘Internal Control. Integrated Framework’
- Model of the Committee of Sponsoring Organizations of the Treadway Commission (COSO) ‘Enterprise Risk Management – Integrating with Strategy and Performance’
- ISO/GOST R 31000
- Corporate Governance Code recommended for use by Letter No.06-52/2463 of the Bank of Russia dated April 10, 2014
- Guidelines for the Preparation of Regulations on the Risk Management System approved by an order of the Government of the Russian Federation dated June 24, 2015
- Federal Law No.208-FZ dated December 26, 1995 “On Joint-Stock Companies”
Goals and objectives of the RMICF
The goals, basic principles, and common approaches to the organization of the RMICF are enshrined in the PJSC Inter RAO Risk Management and Internal Control Policy.
The RMICF ensures:
- An objective, fair, and clear view of the Group’s current state and prospects
- Reasonable confidence in achieving the goals set for the Group
- A high level of trust among shareholders and investors in the Company’s management bodies
- The protection of investments and assets and keeping risks within acceptable limits
Priorities of risk management and internal control in achieving the Group’s long-term and medium-term goals
Risk management and internal control activities are systematic, comprehensive, and integrated into strategic and operational management at all levels, covering all departments and employees as they perform their functions within any of the Group’s business processes or activities.
The effectiveness of risk management and internal control is attained by prioritizing risk management efforts and implementing control procedures taking into account the criticality of risks and factors. Priority is given to risks that can have the greatest impact on deviations from targets and create the risk of failure to achieve the Group’s goals. The Group strives for an optimal balance in the range of response measures and control procedures and the magnitude of risk, i.e. it avoids ‘excessive’ control and management.
Decisions are adopted based on the scale of the RMICF being introduced at controlled entities taking into account the contribution of subsidiaries to the achievement of the Group’s overall indicators. Risk management and internal control procedures are introduced while taking into consideration their economic efficiency (correlation of the result of their introduction and the cost of resources (financial, managerial, or labor)). Currently, the scope of the RMICF covers 26 of the Group’s companies, which account for 96% of the Group’s IFRS revenue.
Role of the Board of Directors
The Board of Directors determines the principles and approaches used to organize the RMICF and approve risk management and internal control policies, approves the amount of risk appetite for a planned period, critical risk maps, and critical risk management action plans, and also reviews reports on the functioning of the RMICF and reports evaluating the effectiveness of the RMICF on an annual basis.
Incentive system for identifying and monitoring risks [GRI 102–30]
The PJSC Inter RAO Board of Directors approved strategic development goals and priorities on the relationship between risk management and internal control and the Group’s Development Strategy (see the ‘Strategic Priorities’ section). Goals are set at the operational level to assess the achievement of strategic priorities and are included in the KPIs and PBs of the Company’s CEO and members of the Management Board (see the ‘Key Performance Indicators System’ section of this Report). A list of typical risks inherent in the Group’s activities is specified as part of the targets for the RMICF, and targets are set for which the impact of risks is assessed. A detailed breakdown of the Group’s strategic priorities on operational indicators and an assessment of the impact of risks on these indicators ensures the RMICF is integrated with the management incentive system and helps to effectively manage the Group’s companies taking into account their inherent risks.