Risk management framework

Company’s operations are associated with inherent risks that may unfavourably affect its strategic and operational goals, including financial results. To ensure that all risks are managed in an efficient way, we have implemented and keep improving our corporate risk management framework (CRMF).

The CRMF is at the core of our corporate governance system and was designed in accordance with Russian and international laws, including the Corporate Governance Code recommended by the Bank of Russia, and Russian and international professional risk management standards, including ISO 31000 family standards [Risk management] and COSO ERM [Enterprise Risk Management – Integrated Framework]. The Company’s risk management framework is built on uniform principles embracing all business areas and management levels with a view to:

  • increase the likelihood of achieving the company’s goals;
  • improve the resource allocation efficiency; and
  • boost the Company’s investment case and shareholder value.

The CRMF implementation and improvement initiatives are spearheaded by the Company’s Vice-President for internal controls and risk management and its Risk Management Service.

Evolution of the corporate risk management framework

The Company has been introducing new risk management methodologies and integrating them with key business processes and functions. Risk management training programmes take place on a regular basis to improve employees’ professional skills ad competencies.

In 2016, as part of the corporate risk management framework development initiative:

  • the Company adopted a Corporate Risk Management Policy, while the Company’s President endorsed the new policy in a declaration of commitment;
  • risk experts, whose responsibility is to coordinate risk management activities and provide knowledge-based support to risk owners, were appointed in various departments of the Head Office;
  • key risks affecting the Company were identified, reported, analysed and documented along with related risk management procedures. The Management Board and the BD Audit Committee review risk-related reports on a regular basis;
  • risk management regulations were developed and approved for our investment projects.

Key initiatives aimed at improving the corporate risk management framework include:

  • creation of local risk management standards and guidelines for Company’s units and business areas that are customised to fully fit their operations;
  • integration of risk management practices into the core business processes of the Company, including strategic and operational planning and investment activities;
  • phased deployment of IT systems and risk management automation tools in the Head Office, branches, and subsidiaries;
  • continuing development of quantitative risk metrics and, in particular, creation of a quantitative model for key risks affecting the Company.

Risk insurance

Insurance is one of our most important tools for managing risks and finances in the long-term perspective, and protecting the assets of the Company and its shareholders against any unforeseen losses related to our operations, including due to external hazards.

The Group has centralised its insurance function to consistently implement uniform policies and standards supporting a comprehensive approach to managing insurance policies and fully covering every risk at all times.

As part of our risk mitigation initiatives, we have implemented a corporate insurance programme that covers assets, equipment failures and business interruptions across the Group. Our corporate insurance policies are issued by major Russian insurers in cooperation with an international broker. This helps the Company make sure that its risks are underwritten by highly reputable international re-insurers.

The same principles of centralisation apply to our freight, construction and installation, aircraft and ship insurance arrangements. The Group, as well as its directors and officers, carry business and third-party liability insurance.

To optimise terms of coverage and better manage covered risks, we follow the best mining practices.

Key risks and their mitigants

Risk type / Risk description Suggestions from risk management function

Workplace injury risk

Failure to comply with the Norilsk Nickel Group’s health and safety rules may result in threats to the employee’s health and life, temporary suspension of operations, and property damage.

Pursuant to the Industrial Health and Safety Policy approved by the Company’s Board of Directors, the Company undertakes to:
  • ensure continued control over compliance with the health and safety requirements;
  • improve the working conditions for employees of the Company and its contractors deployed at the Company’s production facilities, including by implementing new technologies and labour saving solutions, and enhancing industrial safety at production facilities;
  • provide staff with certified state-of-the-art personal protective equipment;
  • carry out preventive and therapeutic interventions to reduce the potential impact of hazardous and dangerous production factors;
  • regularly train and instruct employees and assess their health and safety performance, and conduct corporate workshops, including by deploying special simulator units;
  • enhance methodological support for health and safety functions, including through the development and implementation of corporate health and safety standards;
  • improve the risk assessment and management framework at the Group’s companies and production facilities as part of the Risk Control project;
  • analyse the competencies of line managers at the Group’s companies and production facilities, develop health and safety training programmes and arrange relevant training sessions;
  • provide training for managers under the programme to determine root causes of accidents using the best international practices (“Tree of Causes and Hazards”, 5-why, etc.);
  • provide information about the circumstances and causes of an accident to all employees of the Company, conduct ad hoc instruction sessions.

Price risk

Potential decrease in revenues due to lower prices for metals (nickel, copper, platinum, palladium) subject to the actual or potential changes in demand and supply on certain metal markets, global macroeconomic trends, and the financial community’s interest in speculative / investment transactions in the commodity markets.

The Company reasonably accepts the risk of changes in price for key products, while continuously monitoring metal price (market) forecasts, and, should the risk materialise, the Company will consider cutting capital expenditures (revising the investment programme for projects that do not have a material impact on the Company’s development strategy) as part of the budget process.

FX risk

USD depreciation against RUB, including due to changes in the Russian economy and the policy of the Bank of Russia, may adversely affect the Company’s financial performance, as most of its revenues are denominated in USD, while most of its expenses are denominated in RUB.

The Company reasonably accepts the FX risk, while maintaining a balanced debt portfolio where USD-denominated borrowings prevail to ensure a natural hedge.

Compliance risk

The risk of legal liability and (or) legal sanctions, significant financial losses, suspension of production, revocation or suspension of a licence, loss of reputation, or other adverse effects arising from the Company’s non-compliance with the applicable regulations, instructions, rules, standards or codes of conduct.

To manage this risk, the Company undertakes to:
  • make sure that the Company complies with the applicable laws;
  • defend the Company’s interests during surveillance inspections or in administrative offence cases;
  • use pre-trial and trial remedies to defend the Company’s interests;
  • include conditions defending the Company’s interests in the contracts signed by the Company;
  • implement anti-corruption, anti-money laundering and counter-terrorist financing initiatives;
  • take actions to prevent unauthorised use of insider information and market manipulation;
  • ensure timely and reliable information disclosures as required by the applicable Russian and international laws.

Technical and production risk

Technical, production, or natural phenomena, which, once materialised, could have a negative impact on the implementation of the production programme and cause technical incidents or reimbursable damage to third parties and the environment.

To manage this risk, the Company undertakes to:
  • properly and safely operate its assets in line with the requirements of the technical documentation, technical rules and regulations as prescribed by the local laws across the Company’s footprint;
  • timely replace its fixed assets to achieve production safety targets;
  • implement automated systems to control equipment’s process flows;
  • improve the maintenance and repair system;
  • train and educate its employees both locally, on site, and centrally, through its corporate training centres;
  • consistently identify and assess technical and production risks, develop and implement an organisational and technical action plan to mitigate such risks;
  • engage, on an annual basis, independent surveyors to analyse the Company’s exposure to disruptions in the production and logistics chain and assess related risks.

In 2016, key technical and production risks were insured as part of the property and business interruption (downtime) insurance programme, with emphasis laid on best risk management practices in the mining and metals industry.

Risks related to changes in legislation and law enforcement practices

Adverse consequences for the Company due to changes in legislation and law enforcement practices.

To manage this risk, the Company undertakes to:
  • continuously monitor changes in legislation and law enforcement practices in all business areas;
  • perform legal due diligence of draft regulations and amendments;
  • participate in discussions of draft regulations, both publicly and as part of the expert groups.

Risk of revocation of ISO 9001 and ISO 14001 certificates

ISO 9001 and ISO 14001 certificates can be revoked in case of gross violations. Revocation would affect the competitiveness of the Company’s products in international markets, product registration at exchanges, and customer and partner loyalty.

To manage this risk, the Company undertakes to:
  • maintain and develop the Corporate Integrated Quality and Environmental Management System;
  • implement environmental monitoring and reduce man-made impact on the environment;
  • do planning and provide required training for employees;
  • run internal audits in the Head Office’s business units, branches and Russian subsidiaries subject to certification;
  • prepare for external surveillance / recertification audits that involve the Company’s representatives;
  • implement an action plan for the Corporate Integrated Quality and Environmental Management System to switch to ISO 9001:2015 и ISO 14001:2015.

Risk of escalating social tensions in the regions of operations and strained social and labour relations among the workforce

Escalating tensions among the workforce due to the deterioration of social and economic conditions in the Company’s regions of operation.

To manage this risk, the Company undertakes to:
  • strictly abide by the collective bargaining agreements made between the Group’s companies and employees;
  • actively interact with regional and local authorities, and civil society institutions;
  • fulfil its social obligations under public-private partnership agreements;
  • hold public meetings to facilitate constructive dialogue between the private sector, public authorities and local communities;
  • implement the World of New Opportunities charity programme aimed at supporting and promoting regional public initiatives;
  • implement the Norilsk Upgrade project to introduce innovative solutions for sustainable social and economic development of the region;
  • implement monitoring across the Group’s operations;
  • implement programmes to retain released employees and retrain them for other jobs at the Company’s production facilities;
  • conduct opinion polls among Norilsk’s communities to learn more about their living standards, employment, migration trends and general social sentiment, and identify major challenges;
  • implement social projects and programmes aimed at supporting employees and their families, as well as the Company’s former employees.
For more information on risk management see in the quarterly reports of the Company in section 2.4 “The risks connected with purchase of placed securities” located on website