2015 Annual Report

ru

Key risks

The risk management system is part of the Group’s overall management system and is focused on ensuring sustainable development under the Development Strategy approved by the Supervisory Board of the Bank. Our risk management system complies with Bank of Russia’s requirements and the regulations of the Russian Federation taking into account the recommendations of the Basel Committee on Banking Supervision.

The Group’s Risk Management System

Risk awareness. The decision to perform any transaction is made only after comprehensive analysis of risks arising in the course of such transaction.

Management of activities with regard to accepted risk. The Group assesses the adequacy of available capital by applying internal capital adequacy assessment procedures.

Top management involvement in risk and capital management. The Supervisory Board, President, Chairman of the Board, Executive Board, and other executive bodies of the bank as well as the supervisory councils and executive bodies of Group members receive information regularly on assumed risks and violations of any risk management procedures, limits, or restrictions.

Risk Limitations. The Group has an effective multilevel system of limits and restrictions ensuring maintenance of an acceptable risk level or Group risk appetite.

Division of functions, powers and responsibilities related to risk acceptance and management. The organisational structure of the bank and the Group members is formed with due regard for requirements prohibiting conflicts of interest and provides for the division of functions and powers of the collegiate bodies, business units, and authorised employees with regard to risk acceptance and management. The Group manages risks based on the principle of “three lines of defense”: risk acceptance (the first line of defense), risk management (the second line of defense), and auditing of the risk management system (the third line of defense).

Centralised and decentralised approaches. We combine centralised and decentralised approaches to the management of risks and capital adequacy to ensure maximum effectiveness.

Use of information technologies. Management of risks and capital adequacy is based on advanced information technologies that improve the quality and promptness of decision making.

Improvement of methods. Risk and capital adequacy management methods are continuously being improved, and procedures, technologies, and information systems are being refined in light of existing strategic objectives, environment changes, and innovations in international practice.

Risk culture. The Group is implementing a project to develop the risk culture to ensure the sustainable and effective operation of the risk management system. This project is aimed at shaping employee behaviour so that they could openly discuss and respond to any existing and potential risks and also at fostering an internal mental intolerance toward ignoring or hushing up risks and risky behaviour of other people. Risk culture supplements the formal existing mechanisms and makes up an essential part of the integrated risk management system. We pay special attention to employees’ behaviour as a practical manifestation of risk culture.

Labour remuneration system. The Group’s Labour remuneration system ensures that the amount of employees’ remuneration is in line with the nature and scope of their operations, performance, and the level and combination of accepted risks.

Information Disclosure. All information required in compliance with regulators’ requirements related to risk and capital adequacy management is subject to disclosure. The content and frequency of such information are determined in accordance with regulatory requirements.