Risk Management

The Risk Management System

Kcell’s operations are subject to various risks. Working in these conditions and achieving goals set by shareholders and the Kcell Board of Directors is impossible without an effective system of risk management. Kcell’s risk management system is designed not only to identify and assess the risks faced by the Company in a timely manner, but also to identify potential risks in order to further manage and minimize their impact on the Company.

In order to classify risk management processes, Kcell approved the Regulation on Risk Management. The main purpose of this Regulation is to create an effective integrated system and a comprehensive process of risk management, as part of corporate management and ongoing improvement of activities, on the basis of a unified standard approach to the methods and procedures of risk management. Applied risk management methods are described in the Regulation.

Risk management process includes identification of current and potential risks, their evaluation, reaction and the development of a plan to reduce the risk, as well as the preparation of reports on risks and their monitoring.

Risks of each Company department are identified on the basis of its goals and includes the following:

  • Identification of the risk type: strategic, operational, financial, legal or force-majeure;
  • Short description of the risk;
  • Influence of the risk on the Company’s activities.

Once the risk is identified, it is rated on the basis of two criteria - probability and the level of damage. The risk is evaluated follow a 5*5 model: probability (very high, high, average, low, very low) * level of damage (catastrophic, very significant, significant, minimum, insignificant).

For the risks rated “High” and “Average” a plan is developed to reduce the risk level. This plan includes the affected parties, reaction strategy, actions necessary to reduce the risk, terms, the list of employees responsible for taking actions, necessary resources and the status of actions.

Kcell structural division Role in the risk management system
Top management
  • Approval of the Kcell Regulation on Risk Management.
  • Review of the consolidated register of risks and control over the implementation of the risk reduction plan.
  • Submission of the risk report for the office of TeliaSonera Eurasia.
  • Maintenance of the risk awareness in the Company.
Department directors
  • Appointment of risk coordinators within the department.
  • Monitoring of the fulfillment of requirement contained in the Regulation on Risk Management within the department.
  • Review and approval of the risk registers, submitted by the risk coordinator.
  • Ensuring effective management and the reduction of risk level with regard to current and new risks.
  • Implementation of procedures within the department aimed at promoting risk management culture; determination of powers and remuneration of personnel within the course of risk management.
Security Department
  • Preliminary approval of the departments’ risk registers with regard to the risk evaluation accuracy every six months.
  • Review and approval of the consolidated risk register
  • Participation in the implementation of corporate risk preventive measures, which necessitates the participation of the Security Department, in other cases at the department’s discretion.
Internal Control (Financial Department)
  • Coordination of the risk reporting process across the Company.
  • Updating the consolidated risk register and submitting of the reports to the Chief Financial Officer and TeliaSonera.
  • Monitoring of the risk reduction plans’ implementation by the departments.
Risk coordinators
  • Identification and evaluation of risks, development of risk reduction plans, risk monitoring and preparation of risk reports within his/her department.
  • Preparing and submitting updated risk registers to the Department Director, the Internal Control Group and the Security Department.
  • Submitting the updated risk reduction plan upon request of the management, the Internal Control Group and the Security Department.
Affected parties
  • Assistance with the preparation, review and updating of the risk register within their powers.
  • Ongoing monitoring of new and current risks within their powers.
  • Notification of the risk coordinator of the changes to the risks on a regular basis.
  • Review, updating and control over the implementation of the risk reduction plan within their powers.
All Kcell employees
  • Fulfillment of the risk management functions in accordance with the Regulation on Risk Management.