In addition to the risk management framework (RMF) detailed in the Risk Management section of this Report, Nornickel also has in place an internal control framework (ICF) covering key business processes and all management levels across the Group.
The ICF is aimed at improving operational effectiveness and efficiency, keeping reliable and accurate financial and management accounts, and ensuring compliance with the requirements of Russian laws and Nornickel’s by-laws.
Nornickel has the Internal Control Policy adopted by resolution of the Board of Directors in October 2018. In addition, internal control requirements, procedures, and processes are set forth in the Procedure for Internal Control Processes as well as in regulations on business units and other guidelines.
The internal control entities are structured into a multi-level hierarchy comprising Nornickel’s and subsidiaries’ governance bodies, business units and employees as well as the following dedicated control bodies:
- Audit and Sustainable Development Committee
- Internal Audit Department
- Audit Commission
- Internal Control and Risk Management, comprising the Internal Control Department, Financial Control Service, and the Risk Management Service.
The performance of ICF elements is evaluated annually as part of a financial statement audit and ICF self-assessment. Reports containing the ICF evaluation results are reviewed by Nornickel’s management and the Audit and Sustainable Development Committee of the Board of Directors.
The Financial Control Service audits financial and business operations of Nornickel and its subsidiaries to make updates and recommendations for the President and members of the Board of Directors. The Head of the Financial Control Service is appointed by resolution of the Board of Directors.
Internal control functions
Internal control aims to build an effective internal control framework as a totality of organisational measures, policies and guidelines, control procedures, corporate culture standards and activities of the internal control entities to provide reasonable assurance that Nornickel will achieve its goals. This includes the following activities:
- Development and improvement of the robust ICF
- Ensuring a consistent approach to the design, operation, and development of the ICF
- Identification and prevention of any waste, misuse, or embezzlement of funds or property of the Company or its subsidiaries
- Ensuring accuracy of metrics and measurement standards for the control and accounting of metal-bearing products
- Arranging and implementing internal controls to combat money laundering and financing of terrorism
- Managing the Corporate Trust Service speak-up programme
Internal audit functions
The Internal Audit Department was established to assist the Board of Directors and executive bodies in enhancing Nornickel’s management efficiency and improving its financial and business operations through a systematic and consistent approach to the analysis and evaluation of risk management and internal controls as tools providing reasonable assurance that Nornickel will achieve its goals.
The Internal Audit Department conducts objective and independent audits to assess the effectiveness of the internal controls and the risk management framework. Based on the audits, the Department prepares reports and proposals for management on how to improve internal controls, and monitors the development of remedial action plans. In order to ensure independence and objectivity, the Internal Audit Department functionally reports to the Board of Directors through the Audit and Sustainable Development Committee and has an administrative reporting line to Nornickel’s President.
In 2019, the Audit and Sustainable Development Committee:
- reviewed the annual audit plan, and internal audit development plans
- reviewed bonus-related performance targets (KPI scorecards) of the Internal Audit Department Director
- discussed the results of completed audits, including gaps identified and remedial actions designed by management to improve internal controls and minimise risks.
In 2019, the Board Audit and Sustainable Development Committee also reviewed performance assessment reports on internal controls and the risk management framework, as well as performance reports of the Internal Audit Department, concluding it was effective.
The Internal Audit Department continuously monitors the implementation of initiatives developed by management. The Department’s monitoring covered 263 initiatives of 2019, with the resulting insights regularly reviewed by the Audit and Sustainable Development Committee.
Corporate Risk Management Framework and Internal Control Framework. The frameworks were assessed according to the guidelines approved by the Board of Directors in 2018. The review concluded that the Corporate Risk Management Framework and Internal Control Framework remain effective overall, with some minor improvements required.
In 2019, the Internal Audit Department conducted a total of 21 audits of production-related business processes, as well as corporate governance, IT management, and project management processes at Nornickel.
In line with the functional development plan, the Internal Audit Department oversees the deployment of the SAP Audit Management system at Nornickel. The project was piloted in December 2019, and will enhance the effectiveness of audit through automating standard procedures for planning, auditing, reporting, and making and following up recommendations. It will also ensure the management of databases on controls and risks for internal audit.
The Audit Commission is Nornickel’s standing internal control body that monitors its financial and business operations. The activities of the Audit Commission are guided by Russian laws, Nornickel’s Articles of Association, and Regulations on the Audit Commission. The Commission audits Nornickel’s financial and business operations following the end of its fiscal year and at any time as decided by the Commission, the General Meeting of Shareholders, or the Board of Directors, or as requested by shareholders who hold collectively at least 10% of voting shares in Nornickel. The Audit Commission works in the shareholders’ interests and reports to the General Meeting of Shareholders, which elects members of the Audit Commission to hold office until the next Annual General Meeting of Shareholders. The Audit Commission is independent from the officers of Nornickel’s governance bodies, and its members do not serve on the Company’s governance bodies.
In 2019, the Audit Commission audited Nornickel’s business operations for 2018, with the auditors’ report presented to the shareholders as part of materials for the Annual General Meeting of Shareholders. Nornickel’s business operations for 2019 will be audited in 2020, with the audit findings to be presented to shareholders during the preparation for the Annual General Meeting of Shareholders reviewing the FY 2019 performance.
The following members were elected to the Audit Commission at the Annual General Meeting of Shareholders on 10 June 2019. Alexey Dzybalov, Georgy Svanidze, and Vladimir Shilkov were nominated to the Commission by Nornickel shareholders, while Anna Masalova and Elena Yanevitch were nominated by the Board of Directors.
Alexey Dzybalov replaced Artur Arustamov as a new member of the Audit Commission elected by the 2019 Annual General Meeting of Shareholders. Other members were reelected to the Audit Commission. The elected members of the Audit Commission have the necessary business experience and expertise in accounting, finance, and control to contribute to the Commission’s effectiveness and its objectives.
Remuneration payable to members of the Audit Commission who are not Nornickel employees was approved by the Annual General Meeting of Shareholders on 10 June 2019. Members who are Nornickel employees are remunerated for performing their roles under their employment contracts.
|Name||Primary employment and position|
|Alexey Dzybalov||Analyst, United Company RUSAL PLC|
|Anna Masalova||Chief Financial Officer, Moscow–McDonalds CJSC|
|Georgy Svanidze||Head of the Financial Department, Member of the Management Board at Interros Holding Company|
|Vladimir Shilkov||Chief Investment Officer at CIS Investment Advisers, Deputy Project Manager of the Financial Control Service at MMC Norilsk Nickel|
|Elena Yanevitch||CEO of Interpromleasing|
Managing conflicts of interest
Timely prevention and management of conflicts of interest are central to anti-corruption. Conflicts of interest are addressed and managed in line with the Regulations on the Prevention and Management of Conflicts of Interest. As part of the Regulations, Nornickel has approved the standard conflict of interest reporting form to be filled in by candidates applying for vacant positions at Nornickel or by its employees as required. The Regulations apply to all employees of the Company and outline key principles, which include the obligation of each employee to disclose any conflict of interest, as well as non-retaliation for reporting them.
For more details on managing conflicts of interest related to members of the Board of Directors and senior management, please see the Corporate Governance Framework section.
Nornickel complies with anti-corruption laws of the Russian Federation and other countries in which it operates, as well as any applicable international laws and Nornickel’s own by-laws. This commitment enhances Nornickel’s reputation and boosts trust and confidence among our shareholders, investors, business partners, and other stakeholders.
Nornickel openly declares its zero tolerance to corruption in any form or manifestation. Members of Nornickel’s Board of Directors/Management Board and senior management role model a zero-tolerance approach to corruption in any form or manifestation at all levels across the organisation. In addition, facilitation payments and political contributions to obtain or reward the retention of a business advantage are strictly prohibited by Nornickel’s policy. Nornickel will not tolerate any retaliation against an employee who reports a concern about suspected bribery or corruption, or refuses to accept or offer a bribe, facilitate bribery, or take part in any other corrupt activities, even if their refusal to do so has resulted in a lost opportunity or a failure to obtain a business or competitive advantage for Nornickel.
The corporate Anti-Corruption Policy is Nornickel’s key anti-corruption document, setting out the main objectives, principles, and scope of anti-corruption efforts.
As part of its anti-corruption efforts, Nornickel has developed and approved the following anti-corruption policies:
- Code of Business Ethics
- Code of Conduct and Business Ethics for Members of the Board of Directors
- Anti-Corruption Policy
- Regulations on the Product Procurement Procedure for Norilsk Nickel Group Enterprises
- Standard anti-corruption agreement – an appendix to the employment contract
- Regulations on Information Security
- Regulations on the Prevention and Management of Conflicts of Interest
- Regulations on Business Gifts
- Procedure for Anti-Corruption Due Diligence of Internal Documents by the Head Office of MMC Norilsk Nickel
- Regulations on the Conflict of Interest Commission
- Regulations on the Information Policy
Having joined the Russian Anti-Corruption Charter for Business, Nornickel is implementing a range of dedicated anti-corruption measures based on the Charter and set forth in Nornickel’s Anti-Corruption Policy. In November 2016, Nornickel joined the United Nations Global Compact, which seeks to encourage businesses around the world to recognise and adopt the ten universal principles in the areas of human rights, labour, environment, and anti-corruption.
Starting from 2015, all Nornickel employees make their personal anti-corruption commitments by signing a relevant form. The corporate Anti-Corruption Policy and related regulations are communicated to all employees upon commencement of employment. From June 2019, all new hires attend an anti-corruption briefing as part of their onboarding process.
Nornickel maintains a Corruption Prevention and Combating section on its corporate intranet, providing information on anti-corruption regulations and measures taken to combat and prevent corruption, provide legal education, and promote lawful behaviours among employees.
Nornickel’s Corporate Security continuously works to identify, analyse, and assess financial, corruption, reputational, and other risks naturally inherent in major business processes, with a particular emphasis on considerations such as the integrity, solvency, and financial stability of Nornickel’s potential partners and counterparties.
Over the last four years, no administrative actions or sanctions were taken against Nornickel for breaches of antitrust laws.
In accordance with Federal Law No. 224-FZ On Prevention of Unlawful Use of Insider Information and Market Manipulation and on Amendments to Certain Legislative Acts of the Russian Federation, dated 27 July 2010, as well as Regulation (EU) No. 596/2014 of the European Parliament and of the Council of 16 April 2014 On Market Abuse, Nornickel maintains a list of insiders and reviews by-laws and corporate events to control the implementation of measures as provided for in the Russian and international laws, including disclosure of insider information. Nornickel also takes other measures to prevent unlawful use of insider information.
Corporate Trust Service speak-up programme
Nornickel runs the Corporate Trust Service speak-up programme established within the Internal Control Department to respond promptly to reports of non-compliance, wrongdoing, or embezzlement. Its operating procedures are detailed in the Procedure for the Corporate Trust Service of MMC Norilsk Nickel approved by the President of Nornickel. The Service’s performance is evaluated annually at a meeting of the Audit and Sustainable Development Committee of the Board of Directors.
Employees, shareholders, and other stakeholders can report any actions that cause or may cause financial or reputational damage to Nornickel. The key principles underlying the operation of the Corporate Trust Service include guaranteed anonymity for whistleblowers, and timely and unbiased review of all reports. Nornickel will in no circumstances retaliate against an employee who raises a concern via the Corporate Trust Service, meaning that no disciplinary action will be taken (dismissal, demotion, forfeiture of bonuses, etc.).
For more details on report statistics, please see the Sustainability Report.
Comprehensive security framework
In 2019, MMC Norilsk Nickel enhanced corporate security through consistent upgrades and implementation of its comprehensive security framework driven by the ongoing analysis of the entire range of challenges and threats in the context of the changing external environment. The consistent implementation of the Management by Objectives (MBO) model in economic, corporate, information, physical, and transport security enabled timely responses to key risks, prevention of embezzlement and illicit trafficking of precious metals and metal-bearing materials, and initiatives to prevent internal corruption.
To ensure effective prevention of embezzlement of products containing precious metals, Nornickel has in place measures to identify, prevent and stop damage to its economic interests in mining and processing, and metallurgy operations, as well as in analytical monitoring and accounting for metal products. The Corporate Security team is making further improvements to its identification methodology for products containing precious metals which have been stolen or illicitly traded. The methodology reliably identifies the nature and origin of seized products.
A milestone in combating illicit trafficking in metal products was UN’s approval of the resolution on combating transnational organised crime and its links to illicit trafficking in precious metals, drafted at Nornickel’s initiative and with its input in collaboration with global majors.
Anti-terrorism and improved physical security of critical industrial, energy and transport facilities remain Nornickel’s top priorities. Through interactions with law enforcement agencies, Nornickel prevented any unauthorised interference with these infrastructures in 2019.
|Total number of reports||765||961||1,181|
|Total number of reports that triggered investigation||342||394||481|
|Percentage of corruption reports||2.9% (10 reports, including 0 substantiated)||1.5% (6 reports, including 0 substantiated)||0.2% (1 report, including 1 substantiated)|
Nornickel consistently implements its Information Security Policy covering business processes and domains, including strategic and tactical management processes, operating processes, and information security responsibilities of governance bodies.
In 2018, Nornickel launched a project to protect automated process control systems, continued providing project support for its IT initiatives programme, and rolled out an Information Security Management System compliant with ISO/IEC 27001:2013 at the Murmansk Transport Division. It also continuously upgrades its comprehensive system preventing external cyber interference with operating and production processes.
As part of its day-to-day activities to minimise information security risks associated with human error in using data assets or IT infrastructure systems and elements, Nornickel runs a range of activities to raise awareness and deepen the understanding of information security issues among its employees.
Nornickel fully ensures the safety and confidentiality of employee and counterparty personal data. Audits of Nornickel by the Federal Service for Supervision of Communications, Information Technology, and Mass Media of the Russian Federation (Roskomnadzor) did not identify any issues.
Monitoring of cyber security performance is part of Nornickel’s information security management system and information security assessment and reporting. The results performance assessments of cyber security systems are reviewed at the corporate level and communicated to governance bodies and employees through corporate procedures and initiatives.
Nornickel stepped up its international efforts in information security, including through a number of policy initiatives to normalise cyber behaviours, presented at such major events as the Partnership of State Authorities, Civil Society and the Business Community in Ensuring International Information Security scientific forum in Garmisch-Partenkirchen, Germany; the Conference of the Barents Countries in Kirkenes, Norway; the Session of the Central American Parliament in Guatemala; the International Forum on the Use of Information and Communications Technology for Peaceful Purposes in Havana, Cuba; and a major Asia-Pacific forum in Singapore.
Supply chain and procurement control
Supply chain management at Nornickel ensures continuous operation of the Group and reliable shipments to its customers. Nornickel seeks to work with partners who are committed to occupational safety and environmental protection. The Company also expects its suppliers to follow global best practices in sustainable use of resources and materials, and maintain relevant certificates.
Nornickel pays close attention to fostering ties with reliable domestic suppliers and contractors to drive import substitution and thus cut costs. In 2019, Nornickel continued to apply a life cycle costing approach to sourcing (based on the costs of ownership, operation, and disposal). The selected suppliers are invited to sign a set of agreements detailing both delivery obligations and the suppliers’ responsibility to ensure required availability rates for their equipment and its uninterrupted operation
Nornickel is particularly focused on building relations with suppliers (manufacturers) whose equipment is unique and critical for the stable operation of its production facilities. Unique equipment or individual process materials are sourced only from exclusive suppliers under long-term and mutually beneficial agreements or contracts. Nornickel employs a proprietary multi-tier system to evaluate its suppliers. The criteria for selection, evaluation, and re-evaluation of external suppliers have been determined in line with the requirements of ISO 9001:2015 Quality management systems.
Along with saving jobs, ESG-driven supplier selection supports unique enterprises whose continuous operation is essential to the well-being of both their employees and local communities. The use of advanced equipment, technology, and materials combined with pilot tests and operational improvements facilitate lean resource management and reduce the environmental footprint, directly improving the environmental performance of Nornickel’s operations.
Nornickel is committed to increasing local content and has developed a centralised pilot testing procedure to drive competition and replace imported materials and equipment with local alternatives. Foreign suppliers are mainly engaged to deliver unique equipment or systems that do not have Russian alternatives.
In 2019, Nornickel completed 24 pilot tests of equipment and materials, including 16 successful tests (of which 12 were on Russian equipment and materials). Another 22 pilot tests were in progress as of the end of 2019.
Nornickel seeks to create an environment of shared knowledge and values in its relationships with suppliers. An ESG clause is incorporated into the standard Master Agreement with its suppliers and contractors. Nornickel adheres to the codes of conduct of its business partners drafted by foreign manufacturers.
Nornickel’s experts are looking into alternative technology such as alternative fuels and energy sources to further reduce its environmental footprint and costs. A supplier’s willingness to engage in Nornickel’s alternative fuel programmes is viewed as a critical advantage in a bidding procedure.
In engaging with suppliers, Nornickel focuses on building effective feedback loops. Nornickel’s SAP SRM, an automated solution for supplier relationship management, provides its suppliers with a continuous access to its tender process information. Over 3,200 potential suppliers have registered in the system and successfully passed accreditation.
Nornickel’s procurement is aimed at facilitating the timely and full satisfaction of its needs in required products supplied to the specified quality and reliability standards at affordable price, as well maximising the value for money spent on such products.
Nornickel’s procurement process is certified to ISO 9001 and ISO 14001. The KPIs set for the procurement team cover streamlining supply chains and supplier mix (by increasing the share of manufacturers, their marketing arms, and major traders in total procurement) as well as on-time delivery and price control.
Procurement activities can be either centralised or organised independently by business units of the Head Office, Nornickel branches or Group companies. Depending on the purchase budget, procurement can be organised either as a bidding procedure, simple procurement, or simplified procurement. Procurement procedures may involve different levels of collective procurement bodies, such as the tender committee, tender commissions of the Head Office, procurement and tender commissions of branches and companies of the Group. Over 3,000 agreements were signed in 2019 for the supply of inventories under centralised procurement procedures, worth about RUB 51.2 bn (USD 791 mln) in total.
Nornickel has in place category procurement policies, outlining unified binding principles and approaches to procurement of specific categories to mitigate operational and financial risks, cut costs, reduce working capital requirements, and add reliability and cadence to the supply flow. A total of 37 category procurement policies were in place at Nornickel at the end of 2019, including three new policies approved in 2019. In 2019, about 53% of inventories were purchased for our core operations under the category procurement policies.
Requirements planning and inventory management
Procurement requirements are determined based on production plans and the needs of other business segments. During the planning phase, the Company determines health, safety and environment requirements, as well as other mandatory and optional requirements for products and suppliers, including availability of certificates, permits, and licences. The resulting data are used as inputs for a procurement plan.
Accurate planning and stock availability are key to uninterrupted operations across the Group while also facilitating inventory optimisation to minimise the Group’s working capital. Nornickel’s requirements planning and inventory management are governed by the Internal Procedure for Procurement Plan Development, Review and Approval, as well as the Corporate Standard of Inventory Management System for Materials and Supplies at MMC Norilsk Nickel.
In 2019, Nornickel’s management successfully continued developing its inventory management system and streamlining its planning and procurement processes. The roll-out of processes to optimise surplus inventories across Nornickel’s major assets reduced their surplus inventories by as much as 9%, or RUB 1.5 bn (USD 23 mln) in absolute terms both for core operations and investment activities. The overall level of inventories across these assets was reduced by 7% or RUB 4.5 bn (USD 70 mln) in absolute terms. The management’s efforts are focused on preventing the build-up of slow-moving inventories through further streamlining of business processes.
Preventing corruption and other misconduct
In order to mitigate potential engagement risks, Nornickel evaluates business standing, integrity, and solvency of its potential counterparties. To prevent procurement misconduct and maximise value capture through unbiased selection of best proposals, Nornickel’s procurement owner, customer, and secretary of a collective procurement body adhere to the following rules:
- Commercial proposals, quotes and technical specifications submitted by suppliers are compared using objective and measurable criteria approved prior to sending a relevant request for proposal
- The qualification results and the winning bidder are approved by the collective procurement body comprised of representatives from various functions of Nornickel
- A Master Agreement containing an anti-corruption clause is updated and signed with each supplier on an annual basis. The anti-corruption clause outlines the course of action to be taken between the supplier and Nornickel with respect to risks of abuse. Moreover, by signing the Agreement, suppliers acknowledge that they have read MMK Norilsk Nickel’s Anti-Corruption Policy published in the Anti-Corruption section on Nornickel’s corporate website.