Risk management system

The Regulation on the Risk Management System was approved by a decision of the Russian Railways Board of Directors on 7 December 2015. The regulation takes into account the recommendations of the Federal State Property Management Agency for the structure and content of internal documents that specify the risk management approaches of companies with state participation, including the formalisation of procedures used to determine preferred risk at the Company.

Goals of the risk management system:
  • To ensure the continuous and stable production operations of Russian Railways by limiting the degree of exposure to negative external and internal factors;
  • To provide a reasonable level of assurance in achieving the targeted benchmarks envisaged by the regulatory documents of Russian Railways given the impact of external and internal factors.

The Regulation on the Risk Management System identifies:

  1. the goals and objectives of the risk management system;
  2. the principles for the operation of the risk management system;
  3. the participants in the risk management process and their functions;
  4. interaction within the risk management system;
  5. the stages of the risk management process.
Primary objectives of the risk management system:
  • to identify potential risk areas and assess the feasibility of preventing or minimising risks;
  • balanced distribution and consolidation of regulatory powers and responsibility among participants in the Russian Railways risk management system;
  • to identify the resources required to eliminate and minimise risks as well as their optimal distribution in accordance with the established regulations;
  • to determine the cost impact of all significant risks on the financial and economic indicators of Russian Railways and build a response system during the Russian Railways Group’s financial planning stage;
  • to develop and assess the set of measures to prevent risk situations and minimise damage if they occur;
  • to prevent risks based on their systematic forecasting and assessment.

Principles for the establishment and operation of the risk management system

Russian Railways adheres to the following principles and approaches for the establishment and operation of the risk management system set forth in the conceptual risk management models of the Committee of Sponsoring Organisations of the Treadway Commission (COSO ERM Enterprise Risk Management. Integrated Framework), the international standard ISO 31000 “Risk Management. Principles and Guidelines” and the requirements of the relevant provisions of the Corporate Governance Code.


  • Introduction of risk management procedures in all functional areas of the Company’s activities, including as part of the procedural approach to management.


  • An objective balance of criteria when adopting decisions on risk response methods: choosing between possible losses and opportunities as well as between risk management costs and possible damages revealed as part of risk management.


  • Risk management based on a common methodology and unified principles taking into account the systematic interconnection of risks, the nature of their mutual influence and possible consequences.


  • Risk management coordinated by risk owners and handled by employees in the process of implementing their job duties.


  • Conducting regular monitoring and updates of information used in the Russian Railways risk management system.

Risk management methods employed

  • avoidance of risk – avoiding steps and activities that may lead to a significant degree of adverse consequences;
  • risk reduction – measures that aim to reduce the probability of risk and/or mitigate possible consequences of risk;
  • risk distribution – reducing risk by transferring it to a third party (insurance, etc.);
  • risk acceptance – covering possible losses from risk occurrence at its own expense.

Measures to improve the risk management system

In August 2016, the Company established a separate structural division that is responsible for the development of the risk management system at Russian Railways and its subsidiaries – the Risk Management Development and Outsourcing Centre – which is tasked with identifying and achieving the development goals of the risk management system of Russian Railways and its subsidiaries, providing methodological support and coordinating the work of the Company’s divisions in this area.

Work was continued in 2016 to improve the risk management regulatory framework at Russian Railways. In particular, the Company adopted guidelines to assess corruption risks at Russian Railways as well as guidelines to build a risk matrix for the operation of railway transportation.