Risk Management framework
The Company’s risk management framework emphasises effective management decision-making under uncertainties and related risks and capturing identified opportunities to achieve strategic goals.
Risk management is carried out in full compliance with international and national standards. The Company updates its risk management regulations as a part of business-as-usual.
Rostelecom’s key internal documents regulating risk management:
- Risk Management Policy
- Regulations on the Board of Directors and Regulations on the Audit Committee of the Board of Directors
- Regulations on the Integrated Risk Management System
- Regulations on the Risk Management Committee of the Management Board
- Risk Management Procedure
Risk management is based on a system of concise, clear, and measurable corporate goals set by Rostelecom shareholders and management. Rostelecom approves its Risk Management Programme every year and monitors its execution on a quarterly basis.
Risk Management Programme includes:
- a list of strategic risks, and strategic risk scenarios
- key strategic risk indicators and thresholds
- strategic risk management activities.
Operational risks are considered throughout our day-to-day operations and when developing new products and services. To ensure risk monitoring and rapid decision-making, Rostelecom develops and automates risk dashboards for business processes. In particular, Rostelecom developed an automated risk dashboard for procurement in 2018.
Quarterly progress reports on the Risk Management Programme and other relevant matters are reviewed at the meetings of the Management Board’s Risk Management Committee which approve follow-up risk management initiatives.
|Actor||Roles and responsibilities|
|Board of Directors||Defines the operating principles and improvement areas of the risk management framework; performs overall monitoring of risk management performance|
|Audit Committee||Oversees the operation of, and identifies gaps in, the risk management framework; makes recommendations to the Board of Directors|
|The Company’s management||Manages key risks and regularly monitors the risk management framework|
|Internal Audit and Internal Control units||Assess risk management performance and advise on improvements|
|Senior Risk Manager and Risk Management units||Build, monitor, and maintain the risk management framework|
|Business units and employees||Manage risks within their areas of responsibility|
Риски Группы «Ростелеком»
The risk map details the key risks Rostelecom is exposed toFor more details on risks see PJSC Rostelecom’s Annual Report 2018 (Table 8. Risks and mitigation).. Dots show the severity of potential impact and risk likelihood in 2018. Arrows show risk movement forecasts for 2019.
Critical risks may result in:
- failure to achieve KPI targets set in our Strategy and Long-Term Development Programme
- extended business interruptions
- significant downgrade of credit or corporate ratings
- negative publicity in national or international media.
Significant risks may result in:
- significant variance in key performance indicators
- short-term business interruptions
- downgrade of credit or corporate ratings
- negative publicity for the Company in regional or local media.
Moderate risks do not have a material impact on our financial and business performance; however, they need to be monitored to ensure timely detection of their potential growth in materiality.
Development of the risk management system in 2019 will prioritise:
- identifying risks and developing mitigating measures
- deploying advanced risk management solutions
- automating risk dashboards for business processes to enable prompt notification of management.
For more details on Rostelecom’s risk management framework, as well as the results of the analysis of the principal risks for 2018 see the Company’s Annual Report 2018 available at website.