Risk management system
The Regulation on the Risk Management System was approved by a decision of the Russian Railways Board of Directors on 7 December 2015. The regulation takes into account the recommendations of the Federal State Property Management Agency for the structure and content of internal documents that specify the risk management approaches of companies with state participation, including the formalisation of procedures used to determine preferred risk at the Company.
The Regulation on the Risk Management System identifies:
- the goals and objectives of the risk management system;
- the principles for the operation of the risk management system;
- the participants in the risk management process and their functions;
- interaction within the risk management system;
- the stages of the risk management process.
Principles for the establishment and operation of the risk management system
Russian Railways adheres to the following principles and approaches for the establishment and operation of the risk management system set forth in the conceptual risk management models of the Committee of Sponsoring Organisations of the Treadway Commission (COSO ERM Enterprise Risk Management. Integrated Framework), the international standard ISO 31000 “Risk Management. Principles and Guidelines” and the requirements of the relevant provisions of the Corporate Governance Code.
COVERAGE OF ALL TYPES OF ACTIVITIES
- Introduction of risk management procedures in all functional areas of the Company’s activities, including as part of the procedural approach to management.
- An objective balance of criteria when adopting decisions on risk response methods: choosing between possible losses and opportunities as well as between risk management costs and possible damages revealed as part of risk management.
- Risk management based on a common methodology and unified principles taking into account the systematic interconnection of risks, the nature of their mutual influence and possible consequences.
- Risk management coordinated by risk owners and handled by employees in the process of implementing their job duties.
- Conducting regular monitoring and updates of information used in the Russian Railways risk management system.
Risk management methods employed
- avoidance of risk – avoiding steps and activities that may lead to a significant degree of adverse consequences;
- risk reduction – measures that aim to reduce the probability of risk and/or mitigate possible consequences of risk;
- risk distribution – reducing risk by transferring it to a third party (insurance, etc.);
- risk acceptance – covering possible losses from risk occurrence at its own expense.
Measures to improve the risk management system
In August 2016, the Company established a separate structural division that is responsible for the development of the risk management system at Russian Railways and its subsidiaries – the Risk Management Development and Outsourcing Centre – which is tasked with identifying and achieving the development goals of the risk management system of Russian Railways and its subsidiaries, providing methodological support and coordinating the work of the Company’s divisions in this area.
Work was continued in 2016 to improve the risk management regulatory framework at Russian Railways. In particular, the Company adopted guidelines to assess corruption risks at Russian Railways as well as guidelines to build a risk matrix for the operation of railway transportation.