KEY RISKS
The Company regularly identifies, assesses and monitors risks, implements measures to lessen their probability and any potential consequences they may have, and informs shareholders and other stakeholders thereof.
To ensure effective risk management, the Company has a risk assessment system in place. The impact of risks on the Company’s activities is assessed according to three levels of materiality, which are a generalised assessment of the risk probability and consequences:
Moderate, which does not have a significant negative impact on financial and economic performance, but requires continuous monitoring for timely identification of possible increase in the level of risk materiality
Significant, where the risk once realised may lead to significant deviations in key performance indicators, short-term suspension of operations, downgrade of independent ratings, negative publicity of operations
Critical, when risk once realised may lead to failure to achieve the goals set by the governance bodies, long-term business interruptions, negative publicity of the Company’s activities and a decrease in the market quotation of the Company’s shares
PREFERRED RISK (RISK-APPETITE)
In accordance with the Risk Management and Internal Control Policy of PJSC Rosseti South, subject to the requirements of the Preferred Risk (Risk Appetite) Determination Procedure, the Board of Directors of the Company approved the preferred risk (risk appetite) (Minutes No. 546/2023 dated 6 October 2023).
In accordance with the approved risk appetite targets, PJSC Rosseti South:
- Ensures reliable and high-quality power supply
- Ensures implementation of the obligations under the Occupational Health and Safety Policy, development and improvement of the occupational health and safety management system and safety culture
- Enables the development and increased accessibility of the power grid infrastructure
- Endeavours to reduce electricity losses during transmission and distribution
- Seeks to maintain a sustainable financial position
- Strives to reduce (minimise) the negative environmental impact
- Ensures that the rights of shareholders are respected
- Does not accept violation of the requirements established by the legislation of the Russian Federation
- Strives to ensure technological and innovative development by making and integrating scientific developments
- Promotes the development of the power grid complex’s human resources potential and maintains a consistently high staffing level
KEY RISK MANAGEMENT
Risk ID | Risk description | Impact on key performance indicators | Risk materiality level | Key risk management measures | |
|---|---|---|---|---|---|
2022 | 2023 | ||||
Decrease in the volume of electricity transmission services to consumers connected to regional distribution grids | Achievement of consolidated earnings from operations (EBITDA) targets | C | C |
| |
RGR penalties for non-fulfilment of investment programme parameters | Achievement of consolidated earnings from operations (EBITDA) targets | C | C |
| |
Professional risks of the Company. No increase in the number of S&A employees injured in accidents | No increase in the number of S&A employees injured in accidents | C | C |
| |
Involvement of the Company / Company employees in corrupt practices | Compliance with legislation, including laws on preventing and combating corruption and antitrust laws | C | C | Implementation of measures of the Anti-Corruption Plan of PJSC Rosseti South for 2023 | |
Changes in the structure of electricity transmission services by voltage levels, tariff options, consumer groups | Achievement of consolidated earnings from operations (EBITDA) targets | S | M | Monitoring of risk assessment | |
Bankruptcy and liquidation of counterparties | Achievement of consolidated earnings from operations (EBITDA) targets | S | M | Monitoring of risk assessment | |
Court rulings (dispute resolution) on recovery of debts for electricity transmission services against the Company | Achievement of consolidated earnings from operations (EBITDA) targets | S | S |
| |
Failure of counterparties to fulfil their obligations to pay for electricity transmission services within the terms and (or) in an incomplete amount as stipulated in the agreement/contract | Achievement of the planned level of accounts receivable for electricity transmission services rendered | S | S |
| |
Failure to enforce judicial acts on collection of receivables | Achievement of the planned level of accounts receivable for electricity transmission services rendered | S | S |
| |
Disagreements on the volume and cost of services rendered, including acts of off-the-meter electricity consumption | Achievement of the planned level of accounts receivable for electricity transmission services rendered | S | S |
| |
Violations of legal requirements by the Company as a result of counterparties' failure to fulfil their obligations to the Company, resulting in holding the Company liable | Compliance with legislation, including laws on preventing and combating corruption and antitrust laws | S | M |
| |
Natural technical failures in protection systems of information and telecommunication systems of power grid facilities | Comprehensive security of the Company's operations | S | S |
| |
Disruption and (or) cessation of operation of information infrastructure facilities and telecommunications systems of power grid facilities | Comprehensive security of the Company's operations | S | S |
| |
Probability level | High | 01-01 | 01-09 | |||||||
Medium | 1-02 | 01-13 | 01-14 | 09-01 | 12-04 | |||||
03-01 | 03-02 | 03-03 | 12-02 | |||||||
Low | 13-01 | 13-03 | ||||||||
Low | Medium | High | ||||||||
Level of consequences | ||||||||||
Probability level | High | 01-01 | 01-09 | ||||
Medium | 01-02 | 01-13 | 01-14 | 03-02 | 09-01 | 12-04 | |
03-01 | 03-03 | ||||||
Low | 12-02 | 13-01 | 13-03 | ||||
Low | Medium | High | |||||
Level of consequences | |||||||
INFORMATION SECURITY RISKS AND CYBERTHREATS
Risk associated with the materialisation of information threats, including those caused by deficiencies (vulnerability) of the applied information technologies.
This risk may be caused by the use of obsolete equipment, lack of technical support, use of equipment after the end of its service life. Realisation of this risk may lead to a decrease in the security of power grid facilities, temporary downtime in information and telecommunication systems. The Company assesses the risk as moderate with low level of consequences.
In order to prevent the risk, the Company provides technical support for information protection means, conducts periodic performance tests of information protection means, conducts repair and (or) replacement of equipment, and controls that protection systems are provided with guaranteed and backup power supply.
Risk of disruption and (or) cessation of operation of information infrastructure facilities and telecommunications systems of power grid facilities.
The main risk sources may be unlawful actions of third parties resulting from a computer attack, which may lead to material damage to the Company, damage to business reputation, as well as cut-off of electricity consumers. The Company assesses the risk as significant with a high level of consequences if realised.
Inclusion of information security requirements in technical specifications for the design of information infrastructure facilities and telecommunications systems of power grid facilities.
Implementation of information protection means at information infrastructure facilities as specified in the relevant technical design specifications.
The Company oversees the actions of the Company’s employees through information security systems, monitors and analyses external information security events, and applies certified information protection means.
RISKS PERTAINING TO SUSTAINABLE DEVELOPMENT
Environmental risk.
The probability of damage (compensation for damage) associated with the negative environmental impact of the Company’s production and business activities is assessed as insignificant, since the Company does not operate production facilities that have a significant negative environmental impact. The Company operates in accordance with the requirements in the field of environmental protection and environmental safety.
The Company assesses the risk as moderate with low level of consequences.
Natural and climatic risk.
Risks related to climate change may have a certain impact on production activities and financial results.
Climatic risks are associated with an increase in average annual air temperature. In addition, changes in conventional climatic conditions can cause natural emergencies.
In particular, such natural phenomena caused by temperature changes as hurricane, flooding, heavy snowfall and freezing rain are capable of damaging the Company’s assets, primarily power transmission lines, thus disrupting uninterrupted power supply to consumers.
The regions where the Company operates are outside the regions with a permanent increased risk of natural disasters (earthquakes, floods, storms, epidemics). The Company assesses the risk as moderate with low level of consequences.
Risks related to non-compliance with social rights and guarantees of employees.
Social rights extend to just and favourable conditions of work, protection against unemployment, fair and satisfactory remuneration, equal pay for equal work, the opportunity to maintain the health and well-being of the people and their family, and education.
The Company takes efforts to observe the social rights of employees, including protection from unemployment, fair remuneration, reimbursement of sports costs, and upgrade of the education level of the Company’s employees.
Given the Company’s high level of responsibility in the context of its social commitments, this risk is assessed as moderate with a low level of consequences if realised.