System for Managing Risks to the Current Strategy

The principles and approaches employed by the Group in installing and operating the risk management system (RMS) are based on best international practices implemented in compliance with national and international risk and capital management standards. The Group holds an annual audit of its compliance with the CPMI-IOSCO Principles for Financial Market Infrastructures, the COSO Enterprise Risk Management Framework, and the guidelines of the Basel Committee on Banking Supervision on procedures to be employed by credit institutions in the sphere of risk and capital management. In 2018, the CCP NCC, the principal risk taker of the Group, retained its DNV Business Assurance Management System Certificate ISO 9001:2015, an international standard denoting best global practice in the field of business and quality management. The Bank was audited by DNV GL, an international certification company. DNV GL’s standards establish clear requirements for management of business processes to serve as the basis for a predictable and stable level of quality of products and services.

In 2018, the Exchange achieved the ISO 27001:2013 (Information Security Management Systems) and ISO 22301:2012 (Business Continuity Management Systems) certification covering the organization of on-exchange trading, clearing and other services on the Equity and Bond, Derivatives, FX and Money Markets. This certification ensures that the Exchange and NCC fully meet over 100 technical and administrative requirements in the area of information security and business continuity.

The integration of risk management functionality in business processes makes it possible to identify risks and assess their materiality in a timely manner, and to ensure an efficient response by mitigating potential adverse effects and/or by reducing the probability that they will materialize. Tools for mitigation include insurance, hedging, limit requirements and transaction collateral requirements.

The Group’s Risk Management System operates on the following principles:

Comprehensive Coverage is premised on identifying risk factors and risk objects, determining risk appetite based on a comprehensive analysis of existing and proposed business processes (products), implementing universal RMS working procedures and elements, consistently applying methodological approaches in resolving similar risk assessment and risk management tasks, and assessing and managing key operational risks in close connection with the non-key operational RMS.

Continuity is premised on regular, coherent, target-driven procedures, such as assessment of existing risks, including monitoring risk parameters, review of key RMS parameters and how they are determined, including limits and other restrictions in respect of clearing members’ transactions, analyzing RMS technologies and operational rules, holding stress tests and preparing reports for management.

Transparency is manifested by the Group providing relevant information regarding the RMS to clearing members / counterparties. Clearing members, including potential members, have access to methodological documents describing the RMS, including methodological approaches to risk assessment, as well as to key aspects of the procedures employed in monitoring the financial stability of clearing members / counterparties. At the same time, the assessment results of a specific clearing member or counterparty, as represented in the form of internal ratings, or limits, as well as other restrictions established in respect of treasury or administrative operations, are never made public and are never subject to disclosure.

Independent Assessment means that a comprehensive assessment and review of each risk is undertaken by separate divisions / employees who are independent from the divisions responsible for taking on risks or counterparties. These divisions / employees cannot be charged with any responsibilities that may give rise to a conflict of interest.

Paper Trail means that RMS guidelines, procedures and rules should be negotiated with the divisions involved in risk assessment and management procedures, and approved by the relevant governing bodies.

Prudence suggests that the Group bases its decision-making on a prudent combination of RMS reliability and profitability in choosing methods of risk assessment and management, and in determining the acceptable level of risk (risk appetite).

Materiality means that, in implementing various RMS elements in its operations, the Group is guided by the relationship between the costs that implementation of risk analysis, control and management mechanisms will require, and the potential outcome of such implementation, as well as the costs of the development and implementation of products, services or tools carrying the relevant exposure. As part of the risk management strategy, and with a view to achieving strategic objectives, credit entities of the Group establish and annually review their risk appetite, which defines the risk limit assumed by them by reference to strategic objectives they have been set.

The current version of the Group’s strategy includes five priority areas:

  • Diversification. Strategic objective: to substantially increase income from classic infrastructure services, and to create new trading markets.
  • Optimization. Strategic objective: to improve operational efficiency and streamline the Group’s business processes.
  • Market development (growth from the further development of the Russian financial markets). Strategic objective: to develop the local investor base, and to facilitate greater liquidity in Russia’s financial markets.
  • Integration. Strategic objective: to develop an advanced and integrated system managing risks, collateral pool and settlements, and extending to all Group markets.
  • Standardization of infrastructure. Strategic objective: to complete the upgrade of key elements of Russian financial market infrastructure in accordance with evolving international standards.

These priority areas serve as the basis for calculating threshold values for specific target indicators. Compliance with these indicators is regularly reviewed and communicated to the Supervisory Board.