Contents:

Since 2015, the Company has implemented a multilevel corporate risk management and internal control system, covering the Board of Directors, the Management Board, and the managers of production facilities and business units. The Internal Control and Risk Management Department provides methodological support and coordination of the risk management process.

In the three years of its development, the risk management system has become an integral part of the Company’s day-to-day management, strategic and three-year planning, and year-round performance assessments. The key results from the development of Metalloinvest’s risk management system:

  • Ensuring sustainable development through the enhancing of corporate governance efficiency
  • Strategic decision-making based on the Company’s risk appetite
  • Increased management involvement and personal accountability
  • Providing comprehensive information to the management to enable risk-adjusted decision-making
  • Improvements in the operational efficiency of business processes driven by information on all types of risks;
  • Ensuring a direct connection between risk appetite and the Company’s strategic priorities
  • Providing reasonable assurance for compliance with legal and other external requirements
  • Ensuring business continuity
  • Ensuring the reliability of financial statements

The Company operates a zero tolerance policy in regard to HSE violations, corruption, and employee misconduct.

In autumn 2017, the Board of Directors initiated an independent audit of the Company’s risk management system to assess its performance, identify areas for further development, develop relevant recommendations, and benchmark the system against international best practices in risk management

The audit was carried out by PricewaterhouseCoopers Russia. It included an analysis of 44 elements in the following six components:

  • Strategy and acceptable risk level
  • Roles, legal and resource support for risk management
  • Risk communications and risk-based decision making
  • Risk identification and assessment
  • Risk response
  • Risk management system monitoring and performance assessment

Each of the six risk management system components were graded for maturity. Following the analysis, the overall risk management system development level was graded at level 3 (Developing) and partially at level 4 (Measurable and Manageable) on a five-level scale.


Risk management system maturity assessment results


Metalloinvest’s risk management strategy provides for development in three key directions:

  • Active cooperation between the management and business units responsible for both the risk management and internal control system and internal audit
  • Integration of risk management and internal control processes into the Company’s business processes
  • Assignment of risk management roles and responsibilities within the Company

The Company’s corporate risk portfolio includes approximately 100 items which have their assessment and status updated regularly to facilitate the prompt response to changes in both external and internal factors. The Company identifies 20 corporate risks as key risks, which are analysed and monitored by the Board of Directors on a regular basis.

Similarly to the previous year, the Company’s key risks in 2017 remained potential changes in product and feedstock prices and fluctuations in exchange rates. Overall, price changes for Metalloinvest’s key products remained moderately positive in 2017, while price and FX risks are managed through the Company’s natural hedging strategy of continuously monitoring open positions across key market risks and correlation between price indices.

For key corporate risks, a desired level of risk appetite is identified, with the aim of ensuring the continuity of business activities through relevant risk management activities.

Key Risks

Risk External factors Internal factors Possible consequences Risk weight, %
Commercial risks
Product pricing risk Fall in demand, excess supply Lower sales revenues, failure to deliver on the business plan, breach of covenants, cross default 55.2
Increase in feedstock and material procurement costs
  • Macroeconomic factors ààMonopoly supplier (single-source procurement) situation;
  • Product quality data misrepresented by the supplier
  • Supplier’s inability to deliver within the agreed time, delivery of inadequate quality materials
  • Errors in preparing terms of reference (qualifications, selection criteria)
  • Absence of terms of reference (bids referencing other suppliers’ certificates or names of materials and equipment)
  • Emergency procurement (supplier selection based on delivery time rather than price)
  • Inefficient claim settlement
  • Identification of a specific supplier in the offered project
  • Major procurement budget cuts
Increased production cost; production programme or maintenance schedule disruption 8.6
Increased transportation costs Growing cost of rolling stock supply, growing transit rates and freight costs, introduction of new railroad and seaport conventions Reduced sales margins, redistribution of products across markets, changes made to previous logistics routes 1.2
Loss of sales markets Foreign countries introducing restrictions or bans on transit or import of goods, aggressive competition A sales shift to lower-margin markets or products, decreasing sales costs, increasing transportation costs 0.3
Failure to achieve market-level prices for products
(new risk)
Unpredictable market fluctuations Impossibility of accurate forecasting in the current market environment, management’s misconduct, misuse of power Lower sales revenues 0.3
Loss of key clients Tough competition, loss of economic efficiency due to rising transportation costs, fall in demand Inadequate customer relations, low product quality, insufficient product range Lower sales revenues, failure to deliver on the business plan 0.3
Political risks
Sanctions risk Inclusion of the Company in sanctions lists, supply of products to sanctioned persons (including those added to the sanctions list after contracts were signed) Insufficient compliance control Restricted access to funding sources, loss of sales markets, railroad logistics complications, lack of required imported goods and materials, suspended production, inability to settle bills through Sberbank and VTB 3.1
Financial Risks
FX risk Threat of sanctions, contraction of the Russian economy, influence of the European economy, central banks’ policies, regulatory changes Unbalanced FX position Financial losses (lost income, increased costs) 16.6
Credit risk Deteriorating financial position of a counterparty, bankruptcy, sanctions against banks, loss of key clients Insufficient engagement with counterparties to secure deal funding Financial loss due to a counterparty not meeting its obligations, loss from write-offs, breach of covenants 5.9
Cross-default Falling market prices, sanctions Breach of obligations and terms and conditions of the Company’s loan agreements and documentation
  • Necessity to inform creditors early on for the obtaining of a waiver letter, additional one-off payments (Waiver Fee)
  • Review of, and increase in interest rates for the Company’s current and future obligations
  • Corporate rating downgrade
1.5
Misrepresentation of financial (accounting, tax, IFRS) statements
(new risk)
  • Human factor, personnel turnover;
  • Delays in submitting source documents by controlled entities, submitting misleading source documents;
  • Lack of formal control procedures;
  • Historical differences in business processes, lack of a unified information system;
  • Misinterpretation of tax law.
Violation of established accounting and tax statement preparation procedures – provision of misleading data to counterparties, financial institutions, investors, shareholders, government institutions. Financial loss from additional taxes and fines. Reputational damage 1.5
Operational risks
Operational risk
  • Lower quality of ore
  • Suspension or restriction of production and/ or stripping due to the instability of the slope or dump mass (mining and processing plants)
  • Absence of alternative options (suppliers) for purchasing basic feedstock and materials (metallurgical enterprises)
  • Limited funding of repairs or capital expenditures to replace worn-out equipment
  • Obsolescence and depreciation of equipment, non-compliance with industrial safety rules, low-quality or untimely repairs, non-compliance with the production process
Lower sales revenues, failure to deliver on the business plan, non-compliance with the production process or insufficiently advanced production technology, which leads to disproportionately high material consumption, production of by-products, low product quality, higher rejection rates. Loss of competitive advantage, high production cost 1.1
Corporate governance risks
Risks related to ERP launch A lack of human resources in the labour market
  • Project management deficiencies, errors in cost estimates and scope of work, funding cuts, project team turnover.
  • Insufficient resources
Failure to meet project deadlines and budgets 0.9
Corporate governance deficiencies Overlapping functions, insufficient employee competencies, regulatory issues, high transaction costs, gaps in training programmes Extended decision-making and implementation times, errors in management decision making, impact on ratings 0.9
Investment risks
Investment risk Breach of contract by counterparties, shortage of energy resources, feedstock shortage, change in the market environment during a project, macroeconomic changes, regulatory changes Erroneous decision to include an investment project in the capex programme, wrong core technology choice, incorrect primary planning or design, wrong contractor or supplier choice, insufficient employee competencies, failure to meet established procurement deadlines, non-compliance with safety regulations Direct financial losses, reputational risks, failure to deliver on the Company’s production programme and/or strategy 0.8
Security risks
Economic damage caused by counterparty misconduct
  • Improper performance of contractual obligations
  • Unreliable counterparties
  • Generating accounts receivable
  • Unfair competition
Entering into a contract on clearly unfavourable terms Insufficient counterparty verification quality
  • Probable loss of assets
  • Legal proceedings/costs
  • Loss of business reputation
  • Economic damage
  • Circulation of misleading negative information on the Company’s assets, shareholders, and personnel
0.3
Cyber attacks; violation of information security as a result of employees’ actions or omissions; non-compliance with legal requirements on information security
  • Targeted and criminal nature of threats to information security
  • Tougher regulatory requirements
  • Lack of qualified personnel
  • Inadequate existing information security tools
  • Employees’ lack of awareness or deliberate violation of the established information security requirements
  • Lack of qualified personnel
  • Inadequate existing information security tools
  • Employees’ lack of awareness or deliberate violation of the established information security requirements Malfunction and downtime of information systems, automated workstations, and automated process control systems
  • Financial damage
  • Confidential information (trade secrets, personal data, etc.) disclosure and theft
  • Unauthorised modification and deletion of data
  • Penalties and demands from regulators, legal claims by individuals, criminal liability and disqualification of executives
0.3
Economic damage resulting from abuse by employees; internal fraud; corruption Bribes offered to employees in the interests of third parties
  • Criminal intent of employees
  • Duties improperly performed by employees
  • Inefficient management
  • Lack of control procedures
  • Conflict of interest
  • Possible loss of assets
  • Loss of business reputation
  • Economic damage
  • Deteriorating operational discipline
  • Potential legal claims
  • Demands from governmental authorities
0.3
HR risks
Social tension among employees or resignation of key personnel Insufficient communication, absence of a relocation programme, inadequate relocation and redundancy compensations Growing costs of payroll, social benefits, or relocation programmes, reputational damage, financial consequences of lawsuits initiated by employees, lower productivity of relocated employees 0.3
Legal risks
Regulatory changes Changes in foreign economic and political factors, lobbying Extra costs for the business, civil or administrative liability of the Company’s management 0.3
GR risks
Tariff and trade measures to protect markets; resolutions of the Federal Antimonopoly Service and other governmental authorities, including resolutions based on audits; environmental and industrial policy tightening; licensing
(new risk)
Import liberalisation initiatives or restrictions on import to the Russian Federation, impact of Kazakhstan and the Eurasian Economic Union, Russian Federation joining trading and economic blocs, changes in the technical regulatory requirements for environmental management at controlled entities based on Best Available Technologies (BAT) reference documents, changes in HSE regulatory standards for controlled entities, scheduled and unscheduled supervisory activities of governmental authorities, higher export duties Gaps in compliance control Poor financial and economic performance of the Company, higher pollution charges for controlled entities, higher costs of investment projects and procurement programmes, impossibility of further procurement from foreign counterparties, necessary adjustments to technological and production processes, adverse impact on the Company’s credit ratings, sanctions imposed by supervisory bodies 0.3