Control and Audit

Risk management and internal control system

The risk management and internal control system in the Company is a set of internal documents and activities to identify, assess risks, develop and implement risk management measures, as well as monitor and control their level.

The goal of risk management is to guarantee that the Company’s business objectives, as outlined in its strategy, are achieved by creating and maintaining an organisational structure, processes, and resources to detect, assess, manage, and monitor risks.

Risk management in the Company is based on the following principles:

  • comprehensiveness – risk management is an integral part of all business processes of the Company and passes under control of the pertinent employees of the Company
  • continuity and consistency – risk management is ongoing and systematic
  • preventiveness – instead of trying to eliminate the effects of a risk realisation, risk management measures strive to lessen its possibility and/or damage
  • efficiency – risk management is a component of day-to-day management, and it mandates that each employee must recognise and evaluate risks in order for management to make the best decisions possible for the Company
  • rationality – management weighs the expenses of risk management against the potential consequences if the risk materialises. If the expenses of responding to a risk, the Company may choose not to take any action
  • accuracy, completeness and reliability of information – the Company employs the most accurate, complete and reliable data, such as historical data, analytical materials, predictions, etc., for risk management

The risk management and internal control system in the Company is governed by the following documents:

  • Risk Management Policy (approved on 4 May 2022)
  • Regulations on internal control (approved on 14 August 2013)
  • Foreign Exchange Risk Hedging Policy (adopted on 3 November 2015)

In 2023, management intends to update and review internal policies regulating the risk management and internal control bodies.

[GRI 2–12]
Internal Control and Audit System Framework
Control and Audit

Participants in the risk management and internal control system and their role

Participant Functions
Board of Directors
  • Oversees risk management, including making decisions and suggestions based on an assessment of the risk manager’s risk reporting
Audit Committee of the Board of Directors
  • Studies the structure and list of the Company’s risks, as well as the application of its internal control and risk management policies
  • Checks the reliability and effectiveness of the risk management and internal control system and the corporate governance system, including the assessment of the effectiveness of the Company’s risk management and internal control procedures and corporate governance practices, preparation of proposals for their improvement, organisation and conduct of meetings with the Company’s executive bodies on risk management and internal control issues
Chief Executive Officer
  • Responsible for organising a strong risk management framework to identify, assess and manage the Company’s risks
  • Approves the Company’s risk map and register
  • Approves a list of measures to manage existing risks
  • Approves the list of risk owners
  • Identifies a structural unit’s head, who provides information on risks and their management strategies
  • Uses the risk information reported by the risk manager
Heads of structural units
  • Ensure that workers in their structural units follow the rules of the risk management policy
  • Provide information on the risks in the area of their expertise to the risk manager to update the risk map and register
  • Ensure that risk management measures are put in place in a timely manner
  • Allocate resources when prompt action is needed to manage risks or to mitigate the negative impact of risks that have already materialised
  • Optimise business processes to mitigate the level and consequences of risks
  • Consider risk information when establishing the structural unit’s objectives and budget
Risk manager
  • Coordinates the work of the structural units in identifying and assessing risks and in developing risk management measures
  • Ensures that the Risk Management Policy is up to date
  • Aggregates risk information and prepares reports on the Company’s risks
  • Devises and implements measures to promote the company’s risk management culture (if necessary)
Other workers
  • Identify the risks in their area of expertise
  • Implement the approved risk management measures
  • Monitor the level of risks in their area of expertise

Risk categories

Possible risk factors Mitigation methods
BIOLOGICAL RISKS – RISKS RELATED TO THE SPECIAL FEATURES OF FISH REARING AND HEALTH
  • Risk of introduction of foreign pathogens
  • Transmission of disease from wild fish
  • Risk of genetic variation in fish stocks
  • Continuous production control
  • Analysis of reference indicators for water quality and natural waste generation
  • Installation of an advanced cleaning system
  • Use of special protective nets and anti-seal ultrasonic deterrents
PATHOGEN RISKS – RISKS ASSOCIATED WITH EPIZOOTIC OUTBREAKS
Epizootic outbreaks
  • Adherence to the general recommended rearing volumes, sufficiently spaced plots, and concentration of the largest biomass in areas of greater depth
  • Regular internal and external veterinary inspections of farms
  • Volume and density of fish stocking is justified by scientific institutions
  • Neighbouring farms have fish from the same generation
  • Resting of farms after the slaughter of the latest generation of fish
  • Insurance for fish
NATURAL AND CLIMATIC RISKS – RISKS OF ABNORMAL WEATHER EVENTS
  • Abnormal weather phenomena in winter or summer
  • Change in oceanic currents
Risk occurrence is very low. The existing changes in climatic conditions and oceanic currents present no threat. In case of significant changes in water temperature and routes of undercurrents, the existence of not only the Company’s farm but of the whole fishery industry of the region will be unlikely
REGULATORY AND GRGovernment Relations. RISKS – RISKS ASSOCIATED WITH THE LEGAL PECULIARITIES AND LEGAL ENVIRONMENT OF THE COMPANY
Changes in legislation (including changes in tax rates, increases in various fees and charges)
  • Monitoring and active participation in discussions on legislative initiatives
  • Increased financial safety margin
HR RISKS – HR-RELATED RISKS
  • Lack of skilled employees
  • Poaching of key workers by competitors
  • Work-related injuries
  • Risk of product theft, illegal fishing, deliberate damage to cages
  • Performance incentives for the most responsible and distinguished employees
  • Extension of agreement terms and wages for proven employees
  • Safety training for staff and monitoring of safety compliance
  • Strict controls to ensure that only well-trained and technologically competent workers are authorised to work on the production sites
  • Design of production facilities with consideration for personnel safety
  • Establishment of a security service
  • Round-the-clock monitoring of all sites
  • Installation of CCTV equipment
OPERATIONAL RISKS – RISKS RELATED TO THE SPECIFICS OF FARMING AND PRODUCTION TECHNOLOGY
  • Poor planning
  • Inadequate engineering
  • Risk of failure to reach planned capacity and low production efficiency
  • Risk of predation
  • Risk of inadvertent damage or breakdown of key equipment, which can significantly affect the production process
  • Reflection and incorporation of past experience into planning
  • Exploration of alternatives in planning
  • Careful consideration of all possible project options, identification of their strengths and weaknesses
  • Admission of the possibility of making adjustments to the project
  • Training for staff at cage farms in Norway
  • Focus on streamlining the work process according to best practices
  • Rules and regulations for the main production processes
  • Tendering procedures for all major procurements
  • Planning of production volumes, accounting for all variables influencing the outcome, prompt revision of plans, and communication of production volume changes to customers
  • Installation of anti-seal equipment
  • Permit to work to trained personnel only
  • Equipment insurance, purchase of equipment only with a long warranty period
  • Compulsory availability of a spare parts kit at the site, in particular for load-bearing structure parts and fasteners

FINANCIAL AND MARKET RISKS – RISKS RELATED TO THE FINANCIAL POSITION,
LIQUIDITY AND SOLVENCY OF THE COMPANY

  • Changes in market conditions
  • Sharp decrease in the selling price of products due to the prevailing position of foreign suppliers of salmon species on the Russian market
  • Insufficient funding
  • Fluctuation in exchange rates
  • Reduced dependence on foreign suppliers
  • Consideration of alternatives to domestic feed producers
  • Budget planning, taking into account possible increases in the cost of basic materials as well as exchange rate forecasts

COMMERCIAL RISKS – RISKS ASSOCIATED WITH THE FAILURE OF SUPPLIERS
OF RAW MATERIALS AND SUPPLIES TO FULFIL THEIR OBLIGATIONS

Breach of or default ob obligations by suppliers of raw materials and supplies
  • Penalty clauses in contracts with suppliers
  • Pre-defined alternative list of suppliers

Risk map

The Company’s Risk Map is put together by conducting polling surveys and/or one-on-one interviews with each risk owner. It includes a description of all potential risks, an evaluation of their severity and likelihood of occurrence, management strategies, and identification of who is in charge of mitigating the risk and/or its consequences. The risk map is updated regularly to reflect changing operations and external factors.

The Audit Committee of the Board regularly reviews the Company’s existing risk map and conducts interviews with key risk owners.

The members of the Audit Committee of the Board of Directors were quite complimentary of the risk governance work done by the Company’s management at their most recent meeting in 2022.

Plans to improve the risk management and internal control system

  • To analyse the Company’s current internal documents regulating the financial and economic activities of the Company in accordance with the Internal Control Regulations.
  • To draft proposals for improving and updating these documents.
  • To monitor the implementation of internal control procedures.

Promotion of risk management culture within the Company

The Company is taking steps to improve workers’ risk management capabilities in order to promote the internal risk management culture, including:

  • Workshops and information sessions for employees, covering information on the status and results of risk management in the Company, the main elements and tools of risk management, and the responsibilities of employees
  • Provision of information materials (memos) on risk management to newly hired employees of the Company

Independent auditors

The General Meeting of Shareholders approves independent auditing companies with no property interests in the Company or its shareholders in order to carry out an annual audit of the Company’s RAS accounting (financial) statements and INARCTICA Group’s IFRS consolidated financial statements.

BST JSC (OGRN 1027700425444) was approved as the auditor of the Company’s 2022 consolidated financial statements.

BST JSC has been the independent auditor of the INARCTICA Group since 2011.

By decision of the annual General Meeting of Shareholders dated 23 June 2022 (Minutes No. 69 dated 23 June 2022), Atlas Audit LLC (OGRN 5147746074251) was approved as the auditor of the Russian accounting records of the Company for 2022.

How independent auditors are selected

The Company makes sure that an independent auditor is a company with impeccable professional reputation, experienced and qualified staff and high-quality services.

Steps in the selection process for candidates among auditing organisations:

  • Collection of commercial proposals from auditing organisations
  • Preliminary review of the received proposals by the Audit Committee of the Board of Directors
  • Audit Committee’s proposal to the Board of Directors to recommend to the General Meeting of Shareholders the selected audit companies to serve as the Company’s auditors and the fees payable for their services
  • Decision of the Board of Directors to nominate the Company’s auditor (auditing organisation) for approval by the General Meeting of Shareholders
  • Approval of auditor nominees by the General Meeting of Shareholders of the Company

During regular in-person meetings, the Audit Committee of the Board of Directors reviews reports from the audit organisation on the results of its audits of the Company’s IFRS financial statements.

This procedure helps the Audit Committee of the Board of Directors to form an opinion onthequality of the auditors’ work.

Remuneration of independent auditors for 2022
Company Amount of remuneration (excluding VAT), RUB
BST JSC 12,300,000
Atlas Audit LLC 240,000
Internal audit

Internal audit

The Internal Audit Service is a structural subdivision of the Executive Office of INARCTICA PJSC.

Its activity is regulated by the legislation of the Russian Federation, the Company’s Charter, decisions of the General Meeting of Shareholders, the Board of Directors, the Audit Committee of the Board of Directors, the Regulations on the Internal Audit Service, as well as orders, instructions and other local regulations of INARCTICA PJSC.

The Internal Audit Service reports functionally to the Board of Directors of the Company and administratively to the Chief Executive Officer of the Company. The Internal Audit Service’s operations are overseen by the Head of the Internal Audit Service.

The purpose of internal audit is to provide independent and objective assurance to the Board of Directors / Audit Committee of the Board of Directors and the executive bodies of the Company that the Company has adequate internal control, risk management and corporate governance systems inplace to ensure that:

  • Operations are efficient, cost-effective and productive
  • Requirements of the legislation of the Russian Federation, as well as the decisions of the governing bodies and organisational and administrative documents of the Company are complied with
  • Misconduct by Company employees andthird parties in relation to Company assets canbe prevented
  • Statements of any kind are accurate, complete and timely prepared

Functions of the Internal Audit Service

Within the parameters of its responsibilities, the Internal Audit Service performs the following primary duties:

  • Planning, organising and conducting internal audits of business processes (lines of business), business functions, projects, plans, programmes, structural and separate units and other security-related audits of the Company
  • Checking compliance with legislation, industry regulations, internal guidelines, standards and other internal documents, and contractual obligations
  • Reviewing the efficiency, cost-effectiveness and productivity of the Company’s operations
  • Checking the accuracy and reliability of the accounting (financial) and management accounts
  • Monitoring safety of the Company’s assets
  • Conducting audits, completing other assignments as instructed by the Board of Directors (Audit Committee) and/or the executive bodies of the Company on matters within the purview of internal audit
  • Communicating the results of audits to the Board of Directors (Audit Committee) and the Company’s executive bodies, giving recommendations to eliminate violations and shortcomings identified during audits and proposals to upgrade the efficiency and effectiveness of internal control, risk management and corporate governance systems, as well as to improve the Company’s operations
  • Monitoring the progress of corrective action plans to remedy breaches and deficiencies identified during audits and the application ofrecommendations and proposals to improve the Company’s operations
  • Assessing whether the risk management andinternal control system is effective
  • Assessing the quality of corporate governance in the Company

The Internal Audit Service follows the following guidelines while conducting internal audits in compliance with INARCTICA’s internal audit policy:

  • Integrity
  • Fairness of presentation
  • Confidentiality
  • Professional competence
  • Independence

Auditing Commission

The Company had an Auditing Commission until June 2022, which consisted of three members: Mariya Galkova, Natalya Grigoryeva and Mariya Klimova.

By decision of the annual General Meeting of Shareholders dated 23 June 2022 (Minutes No. 69 dated 23 June 2022), amendments No.4 to the Company’s Charter were adopted, which removed the provisions on the Auditing Commission of the Company from the Charter.

Insider information

The Company places a high priority on preventing the wrongful use of insider information.

These Regulations stipulate that insider information includes information that the Company determines independently as such based on the provisions of Federal Law No. 224-FZ on Combating Insider Information Misuse and Market Manipulation and on Amending Certain Legislative Acts of the Russian Federation dated 27 July 2010 and regulatory acts of the Bank of Russia with due regard for the specifics of the Company’s operations, as well as regulate the rules for compiling lists of insiders, control measures for compliance with the insider information legislation, rules for handling insider information, insiders’ transactions with the Company’s financial instruments, and liability for the misuse of insider information.

The Company’s Legal Department is the unit responsible for control over compliance with the requirements of Russian Federation legislation on combating misuse of insider information and market manipulation.

The responsibility of the Company’s Legal Department in dealing with insider information covers:

  • Maintaining the list of insiders, amending it, submitting it to trade organisers, the Bank of Russia and other entities at their request
  • Recording and storing notices of an entity’s inclusion/exclusion from the insider list
  • Conducting internal control over compliance with the requirements of Federal Law No. 224-FZ and other by-laws in relation to the handling of insider information
  • Setting up processes aimed at identifying, analysing, assessing and monitoring regulatory risk and the risk of the Company incurring costs (losses) and/or other adverse consequences as a result of breaching the requirements of Federal Law No. 224-FZ
  • Keeping records of regulatory risk events
  • Supervising compliance with the procedure of access to insider information, the procedure and terms of disclosure of insider information, the rules for protecting its confidentiality
  • Making proposals to update the Company’s list of insider information

In accordance with the requests received from the trade organiser (Moscow Exchange), the Company sends it a list of its insiders on a monthly basis. In order to provide the trade organiser with the most up-to-date information on insiders, the Company regularly monitors changes that have occurred to persons/entities who have access to the Company’s insider information.

Anti-Corruption Management

The Company is committed to the principle of zero tolerance of corruption in all its forms and manifestations (including bribery, influence peddling and any other form of fraud).

This principle means that all associates of Group companies are fully and unconditionally prohibited from engaging in corrupt activities, including intermediation, directly or through third parties, regardless of prevailing business practices in any given country.

On 23 December 2022, the Board of Directors approved the Anti-Corruption Policy (Minutes No. 391 dated 26 December 2022) which aims to ensure that the Company operates in line with the requirements of anti-corruption legislation and high business standards, to build a uniform rejection of corruption in all forms and manifestations, to minimise the risks of involving Company employees in corruption activities and to identify and prevent cases of involvement of Company employees in such activities.

For anti-corruption purposes, the Company periodically does due diligence on its employees and counterparties as well as on individual projects, work, services, transactions and relationships.

A series of procedures are also put in place by the Company to avoid conflicts of interest. When a conflict of interest comes to light, management should decide on a precise course of action as soon as possible.

For more information on the anti-corruption efforts, see the Company’s ESG Report 2022.

Hotline

During the reporting period, the Company set up an anti-corruption hotline. Any interested party may, in good faith, report any information or reasonable suspicion of an associate’s involvement or attempted involvement in corrupt activities to the anti-corruption hotline. All calls to the anti-corruption hotline are guaranteed to be completely anonymous and confidential.

Within three working days of receipt, all incoming calls are investigated and confirmed by the Company’s Security Service.

The following channels can be used to access the anti-corruption hotline:

Hotline