Audit and control

According to the legislation of the Russian Federation, the Group’s General Shareholders’ Meeting selects auditors on an annual basis. The Audit Committee advances candidates for Group auditor who are recognized independent auditors with strong professional reputation for consideration by the Board of Directors.

The Audit Committee is guided by the following core principles when making its recommendations:

• The competence of the audit organization;
  
• The quality of its services;
  
• Its compliance with  auditor independence requirements.
  

AO PricewaterhouseCoopers Audit was selected at the Annual General Shareholders’ Meeting held in June 2018, to conduct an audit of the Company’s Russian Accounting Standards (RAS) and International Financial Reporting Standards (IFRS) financial statements. Address: 125047, 10 Butyrsky Val, Moscow, Russia.

The Internal Audit Commission is a full-time internal control authority exercising continuous supervision over the financial and business activities of the Company.

The Internal Audit Commission operates under the Charter and the Internal Audit Commission Regulations. It audits NLMK’s financial and business activities in order to confirm the accuracy of information contained in reports and other financial documents.

The Internal Audit Commission is elected by the General Meeting of Shareholders for a term of one year.

Composition of the Internal Audit Commission (elected on 8 June 2018)

• Elena Zvyagina;
• Yulia Kunikhina;
• Mikhail Makeev;
• Elena Skladchicova;
• Sergey Ushkov.

The Audit Committee’s main objectives are to draft and submit recommendations to the Board of Directors regarding effective performance of functions related to the supervision of the Company’s financial and business activities by the Board of Directors. These recommendations include priority matters in annual independent audit of accounting (financial) statements, the quality of the Auditor’s services and its compliance with the independence requirements; as well independent property appraisal in cases specified in the Russian legislation among others.

The Audit Committee is fully accountable to the Board of Directors of NLMK and is its advisory body.

The Audit Committee constitutes a part of the risk management system and has the following risk management, internal control and corporate governance functions:

• NLMK Audit Committee is responsible for reviewing the effectiveness of the Group’s internal control, risk management and corporate governance systems. It evaluates the risk management and internal control efficiency, corporate governance practices and develops proposals on how they can be improved.

• The Audit Committee analyses and evaluates the compliance with the risk management and internal control policy.

• It controls the procedures that ensure compliance with existing laws, ethical norms, rules and procedures of the Company, and stock exchange requirements.

• The Audit Committee analyses and evaluates the compliance with the conflict of interest management policy.

• Analyses the efficiency of internal control system in the Company’s affiliates and subsidiaries, considers candidates to become their Auditor and reports it to the Board of Directors.

• Ensures continuous oversight over the Company’s internal control system.
  

The Committee members comprise:

• Benedict Sciortino (Chairman, independent director)
• Nikolay Gagarin
• Marjan Oudeman (Independent director)
• Karen Sarkisov
• Stanislav Shekshnia (Independent Director)
  

Internal auditing is performed in order to provide members of the Board of Directors (Audit Committee), the President (Chairman of the Management Board) with independent and objective guarantees and consultation aimed at improving NLMK Group’s performance, through a systematic and consistent approach to assessing and increasing the efficiency of risk management, control and corporate governance processes.

Goal: To maintain or increase the value of the Company through a set of objective internal audits based on a risk-oriented approach, recommendations and exchange of knowledge.

Key functions:

• Assess efficiency of the internal control system;
  
• Assess efficiency of the risk management system;
  
• Assess efficiency of corporate governance;
  
• Consulting.
  

Key principles:

• Independence and impartiality;
  
• Systematic and balanced approach;
  
• Efficient use of resources;
  
• Professional competence and integrity;
  
• Quality assurance programme.
  

Main duties:

• Drafting and submitting reports on the results of the Internal Audit Department’s activities to the Board of Directors (the Audit Committee) and executive bodies;
  
• Providing support to the executive bodies and employees of NLMK Group in developing and monitoring the implementation of procedures and initiatives aimed at improving NLMK Group’s risk management and internal control system and corporate governance practices;
  
• Coordinating activities with consultants on risk management, internal control and corporate governance;
  
• Internal audits at controlled companies;
  
• Ensuring compliance of members of the executive bodies of NLMK Group companies and their employees with the law and NLMK Group corporate policies related to insider information; anti-corruption initiatives; as well as NLMK Group’s Code of Ethics.
  

The main goal of risk management for the Group is to minimize the possible negative impact of changes in the external environment and internal processes on the Company’s business.

The risk management policy is aimed at protecting the interests of shareholders, stakeholders and the Company in general through an efficient risk management system. Risk mitigation is a key element in creating shareholder value and achieving the strategic goals of the Group.

In 2008–2009, together with Marsh, a risk management consultant, we evaluated the effectiveness of our existing risk management system, developed recommendations to improve it and drafted internal documents regulating the Company’s risk management procedures. Since 2010, the risk management process is implemented independently.

Risk management is a continuous, integral and transparent process that involves all employees of the Group at various stages:

• Identification and continuous monitoring of risks;
  
• Evaluation of potential impact of risks on the Group’s business;
  
• Assignment of responsibility to risk owners;
  
• Development of risk management measures;
  
• Control over critical risks.