
Sustainability Risk Management

102-11
Risk management is one of the key processes that ensures the stability of business. Metalloinvest strives to proactively manage risks before they materialise and thus introduces risk management components into each business process.

As part of the Corporate Risk Management and Internal Control System, each functional unit performs risk management. The Management Company’s Internal Control and Risk Management Department serves as the main methodologist and is responsible for developing and improving procedures used to identify, assess, and monitor risks. Risks identified at the level of structural units are evaluated, ranked, and documented in the unified risk register. The Board of Directors monitors the response measures and ongoing status of key risks.

102-29, 102-30, 102-31
The Risk Committee of the Management Board handles the operational management of the Corporate Risk Management and Internal Control System. The Risk Committee, which includes the heads of functions at production facilities, meets at least once a month to discuss day-to-day risk management matters. The committee may meet more frequently if there are issues requiring urgent resolution. The Risk Committee met 15 times in 2018. Feedback from business units directs the meeting agenda. The Risk Committee develops its main conclusions and recommendations on the issues in question and refers the most significant matters to the Audit Committee for consideration. The Audit Committee also monitors quarterly reporting on the status of the risk management and internal control system, reports on risks that have materialised, and compliance with the Group's risk appetite. It approves the Corporate Risk Management and Internal Control System Strategy and key initiatives to develop this function. The Board of Directors is the final authority that reviews and approves reports and the Corporate Risk Management and Internal Control System Strategy. The current status of the CRMICS is reported by the Chairman of the Audit Committee of the Board of Directors.

In 2018, Metalloinvest approved the Strategy for the Corporate Risk Management and Internal Control System, which has become a top-level document within the risk management system that is complemented by the existing Corporate Risk Management and Internal Control System standard and the regulation on the management of business processes (risk management and internal control). The approval of the Strategy has become part of the implementation of the recommendations obtained during an independent audit of the maturity of the Risk Management System that was carried out in 2017.

According to the Strategy, the priority areas for developing the risk management and internal control system include the development and introduction of targeted risk management programmes for occupational health and safety and environmental safety, the development of the compliance function and an integral compliance programme, and an assessment of compliance with the ISO 37001:2016 Anti-bribery management systems standard. As part of its strategy, the Company establishes zero tolerance for any manifestations of the risk of corruption, fraud, harm, or damage to the health of workers and the environment.

For more about the risk management system and regulatory documents, see the 2018 Annual Report.

Key measures carried out in 2018

  • A key role for the risk management and internal control function in the transformation and automation of the Group’s business processes.
  • Active participation in the work of the Transformation Office, a structural unit headed by the Director for Strategy, Development and Transformation, which manages over 20 related automation and transformation projects with methodological support from the Internal Control and Risk Management Department.
  • The introduction of the automated SAP GRC Access Control module as part of the first deployment phase of the mining segment’s integrated management system for financial and economic activities (IMS FEA). The module separates access rights and reduces the risk of errors and personnel misconduct.
  • The creation of a process model of the Company and the coordinated development of regulations for automated business processes, including risk and control matrices.

102-15

Key risk groups relevant to the Company’s sustainable development
Non-financial risk groups | Brief description of risks | External factors | Internal factors | Possible implications | Risk mitigation measures
Risks related to changes in legislation
  • Government decisions that have a direct significant impact on the Company’s operations
  • Changes to external economic and political factors and lobbying
-
  • Additional costs for business; civil and administrative liability for management of the Company
  • Monitoring of changes in legislation and quarterly compilation of a report on the impact these changes have on the Company’s operations
  • Decision-making on the Company’s response to changes and the notification of the responsible units
Risks associated with personnel management
For more details on engagement with employees, see the section Responsibility to Employees.
  • Lack of qualified personnel
  • Outflow of key employees
  • Workplace tensions and employee dissatisfaction
-
  • Lack of employee motivation
  • Ineffective personnel training system
  • Worsening of discipline and manageability
  • Financial damage
  • Slowdown and decline in the efficiency of production processes
  • Modernisation of the corporate employee training system
  • Development of a system to hire young employees and the creation of a talent pool
  • Development of a system of financial and non-financial incentives for employees as well as a system of social support
Risks related to corporate governance
For more details on the corporate governance system, see the section Corporate Governance.
  • Shortcomings in corporate governance
  • Lack of human resources on the market
  • Redundancy of job functions
  • Lack of expertise
  • Gaps in regulation
  • High transaction costs
  • Shortcomings in training programmes
  • Slow pace of decision-making and implementation
  • Poor decision-making by management
  • Negative impact on ratings
  • Periodic evaluation of activities, including in terms of managing economic, environmental, and social issues
Cyber risks
  • Cyber attacks by intruders
  • Breach of information security as a result of employee’s actions/inaction
  • Paid-for and criminal nature of information security threats
  • Lack of qualified personnel
  • Insufficient effectiveness of existing information security tools
  • Breach of information systems, workstations, and automated process control systems
  • Financial damage
  • Disclosure and theft of confidential information
  • Unauthorised modification and deletion of information
  • Fines and claims by regulators, claims by individuals, criminal liability, and the disqualification of managers
  • Hiring highly qualified personnel
  • Regular checks and timely security system updates
Corruption risks
For more details on anti-corruption measures, see the section Business Ethics and Anti-Corruption.
  • Economic damage due to abuse by employees, corporate fraud, or corruption
  • Third parties offering bribes to Company employees
  • Criminal intentions of employees
  • Inadequate performance of official duties by employees
  • Ineffective leadership
  • Lack of control procedures
  • Conflict of interest
  • Likelihood of losing assets
  • Damage to business reputation
  • Economic damage
  • Deterioration of employees’ production discipline
  • Possible lawsuits
  • Claims by the state authorities
  • Promoting awareness about ethics and anti-corruption issues
  • Use of a hotline on anti-corruption policy issues
  • Investigation of complaints and disciplinary action in cases when violations are confirmed
  • Employee training at the International Compliance Association
Risks related to cooperation with third parties (suppliers)
For more details on engagement with suppliers, see the section Supply Chain.
  • Economic damage from counterparty wrongdoing
  • Improper performance of contractual obligations
  • Unreliable counterparties
  • Accumulation of receivables
  • Unfair competition
  • Signing of contracts on knowingly unfavourable conditions
  • Insufficient verification of counterparties
  • Probability of loss of assets
  • Court proceedings / costs
  • Damage to business reputation
  • Economic damage
  • Dissemination of inaccurate negative information about the Company’s enterprises, shareholders, and employees
  • Introduction of an effective procurement operating model to streamline processes
  • Automation of procurement activities
  • Strict supplier selection based on ESG criteria
Environmental risks
For more details on environmental protection measures and compliance with environmental legislation, see the section Environmental Responsibility.
  • Negative environmental impact as regards emissions, discharges, and waste as well as water and energy consumption
  • Failure to comply with the requirements of environmental legislation
  • Changes in environmental legislation
  • Commissioning of new production facilities that do not meet environmental criteria
  • Cumulative effect of negative environmental impact
  • Loss of goodwill
  • Financial damage
  • Claims by the state authorities
  • Possible lawsuits
  • Timely monitoring of changes in environmental legislation
  • External audit of the compliance of the Company’s environmental management systems and integrated management systems with the requirements of ISO 14001:2015
  • Integration of the best available technologies (BAT) during the construction and modernisation of production facilities
Risks related to occupational health and safety
For more details, see the section Occupational Health and Safety.
  • Workplace accidents
  • Occupational diseases among employees
  • Accidents and incidents
  • Equipment defects
  • Incidents resulting from traffic accidents
  • Employees’ susceptibility to diseases due to weakened immunity
  • Violation of safety instructions by employees
  • Insufficient monitoring of hazards and emerging risks
  • Commissioning of equipment that has not been tested and insufficient monitoring of the condition of existing equipment
  • Equipment depreciation
  • Damage to business reputation
  • Financial damage
  • Claims by the state authorities
  • Possible lawsuits
  • Slowdown and decline in the efficiency of production processes
  • Weakened employer brand
  • Audit of the workplace safety system
  • Ensuring compliance with the recommendations of OHSAS 18001:2007
  • Increased occupational health and safety costs
  • Modernisation of personal protective equipment
  • Implementation of a programme to reduce the number of cases of occupational disease
  • Introduction of an innovative approach to the occupational health and safety management system: behavioural audits, integration of the internal corporate training system, and the introduction of an automated inspection system

For more details on the Company’s key risks, including commercial, financial, industrial, investment, legal, GR, and HR risks, see the section Key Risks of the 2018 Annual Report (pp. 100-104).