Systems of internal control, Audit and Risk management
The audit commission performs the control of RVC’s financial and business activity. An external independent auditor verifies the financial statements (bookkeeping report) of the company, as approved by the General Meeting of Shareholders selected in an open process. The system of internal control, audit and risk management is represented by the relative structure divisions of the company.
RVC carries out complex work to develop a system of internal control, audit and risk management that corresponds to the best practices of corporate governance.
The Audit Commission is elected by the RVC’s General Meeting of Shareholders. The activities of the Audit Commission are to control the company’s financial and business activities in order to increase efficiency and to protect shareholder interests.
The activities of the Audit Commission are set out in RVC’s Regulations on the Audit Commission.
The Audit Commission is composed of not less than three and not more than five members elected by the RVC’s General Meeting of Shareholders. Members of the Audit Commission must not be members of the Board of Directors simultaneously, nor hold other positions of responsibility within the management bodies of RVC.
Members of the Audit commission:
(Elected by the decision of the annual general meeting of shareholders on June 30, 2016)
- Alexei Demchishin — Advisor to the Deputy Board Chairman of Saint-Petersburg Bank OJSC;
- Ivan Chigirin — Head of the Department for Internal Control at Rus-Hydro OJSC;
- Nikolai Starchenko — Deputy Chairman of the National Association of Corporate Directors;
- Eugene Chutkin — Associate Professor of the International Law Institute.
To verify and confirm the accuracy of its annual financial statements, RVC hires a professional auditor, who is approved by RVC’s General Meeting of Shareholders.
RVC’s financial statements in 2018 were audited by Intercom-Audit Ltd. (Moscow).
Internal Control and Audit
The system of internal control and auditing that operates in RVC is represented by the Internal Audit Service and the Department of Risk Analysis. The system for internal control and auditing ensures the compliance of activities with RVC and its subsidiaries, as established by Russian legislation and company documents. The task of the Internal Audit Service is the effective internal control of the activities of RVC and its subsidiaries. The Department for Risk Analysis ensures the coordination of work for the structural departments of the company and its subsidiaries to minimize risks in the process of implementing programs and projects.
RVC takes measures to improve the organizational and legal basis for the functioning of the system of internal control and audit, bringing it into compliance with the recommendations of the Corporate Governance Commission of RVC, the Corporate Governance Code and best practices.
Risk Management System
RVC has developed and implemented a Risk Management System (hereinafter RMS).
RMS is a continuous process that affects all of the company’s activities. It is aimed at identifying potential events that may influence the activities of RVC, and also at managing risks to an acceptable level and ensuring the achievement of strategic and programmatic goals of the company.
RMS is focused on providing improved effectiveness of the company over short-term, medium-term and long-term periods, in accordance with the priority lines of work.
Among RMS tasks are the formation of a unified approach to risk identification and assessment, reaction to risks, the development of control procedures, the exchange of information regarding risks, setting of goals and aims for risk management by RVC management bodies, monitoring risks and educating workers.
The aims of RMS:
- Increasing the efficiency of strategic and program activities, and
achieving the planned indicators;
- Creating the conditions for rational use of resources;
- Establishing activity priorities and taking optimal management
- Improvement of internal and external communications at RVC;
- On-going reaction to changes in risks, including newly identified challenges.
The outlined goals are achievable by:
- The development of a policy of risk management and organizational legal regulation of RMS;
- The creation of a culture of risk management in the company, understanding by the management and employees of the company based on principles and approaches to risk management;
- The embedding of risk management in the general management process of RVC;
- Consistent implementation of RMS as a continuous working process in the structural departments of RVC;
- The centralization of risk management activities; the exchange of information within the company about risks and negative consequences of ignoring them;
- The implementation of plans to reduce the current level of risk;
- Monitoring and auditing of risks;
- The development of measures to manage risks;
- Informing RVC’s management bodies about changing risks.
The strategy of RVC in the field of risk management is aimed at supporting a corporate culture in which risk identification and reaction to risks is an integral component of the management process in general, and in particular of planning, the management of current activities, and corporate management. Risk management is implemented systematically using a preventative approach.