Risk management and internal control

The Gazprom Neft’s Board of Directors approved the Risk Management and Internal Control Policy (PT-0102/14 of 26 March 2020), which defines the goals, objectives and principles of the organisation and operation of the risk management and internal control system, and identifies this system’s participants and components.

That policy designed to develop and further improve Gazprom Neft’s risk management and internal control system, increasing its reliability and efficiency, and ensuring sufficient guarantees of achieving the company’s goals.

Internal control operates on the principle of its integration into all key business processes of the company. Control procedures are designed to ensure that the necessary measures are taken to mitigate risks affecting the achievement of the company’s goals. Control procedures are implemented across all management levels in accordance with requirements set out in the company’s internal regulations. The scope of control procedures depends on the level of management and functional area, and is developed by business units in accordance with the company’s tasks and objectives.

Internal control tasks:

  • developing, implementing, properly executing, monitoring and improving control procedures across all levels of the company’s business and management;
  • informing management bodies at the relevant level about any significant lack of control, with proposals for corrective measures;
  • ensuring the continuity of the company’s business and its maximum efficiency, as well as its sustainability and development prospects, including timely adaptation of the company to changes in the internal and external environment;
  • ensuring high-quality information, methodological and analytical support in the company’s managerial decision-making;
  • proper distribution of responsibilities, powers and functions among internal control participants and avoiding duplication of functions;
  • continuous improvement of the internal control system in the area of information technologies; and
  • timely resolution of conflicts of interest arising in the course of the company’s operations.