Risk Management, Internal Control, and Internal Audit

During the year, FPC continued to develop and formalise its risk management, internal control, and internal audit as recommended by the Bank of Russia’s Corporate Governance Code.

Currently, all FPC’s units are involved in the risk management process within their scope of responsibility.

The key actors driving the risk management process in the Company are its Board of Directors, the Audit and Risk Committee, and the General Director.

The Company has stand-alone Risk Management and Internal Audit units.

Allocation of roles in risk management and internal audit

Description	Risk management	Internal audit
Responsible structural unit	Risk Management Unit	Internal Audit Unit
Reporting	Reporting to FPC’s Deputy General Director responsible for the risk management system	Functional reporting to the Board of Directors (the Audit and Risk Committee of FPC’s Board of Directors) and administrative reporting to the General Director
The unit’s key objectives	Establish a risk management process at FPC Coordinating and improving risk management procedures, enhancing internal controls Performing day-to-day monitoring of the risk management process at FPC and its subsidiaries, as prescribed Monitoring and supervising the risk management process at FPC	Assessing internal control and risk management systems, as well as corporate governance practice for reliability and performance