Internal control and risk management
Nornickel’s corporate risk management system
Nornickel’s corporate risk management system
- Integration of the corporate risk management system (CRMS) into business processes
- Risk‑based decision making at various levels of the Company to support the achievement of strategic and operational goals
- Adherence to principles and requirements established by Russian laws, professional standards Corporate Governance Code recommended by the Bank of Russia; GOST R ISO 31000–2019 Risk Management. Principles and Guidelines; COSO Enterprise Risk Management – Integrating with Strategy and Performance; and Recommendations for Public Joint Stock Companies to Organise Risk Management, Internal Controls, Internal Auditing, and the Work of Auditing Committees Under Boards of Directors (Supervisory Boards) (Appendix to the Bank of Russia’s Letter No. IN‑06‑28/143 dated 1 October 2020)., and internal documentsRisk Management Policy of PJSC MMC Norilsk Nickel; PJSC MMC Norilsk Nickel’s Procedure Rules for Risk Management.
- Key risk management objectives
- Increase the likelihood of achieving the Company’s goals
- Improve resource allocation
- Boost Nornickel’s investment case and shareholder value
The key risk management actors at Nornickel are the Board of Directors and its Audit Committee, the Management Board and its Risk Management Committee, the Risk Management Service, the Internal Control Department, the Internal Audit Department, and designated risk owners. The allocation of risk management responsibilities among these actors is detailed in Nornickel’s 2023 Sustainability Report
In 2024, Nornickel implemented a number of projects and initiatives aimed at improving its CRMS and maintaining the system’s high level of maturity.
Initiatives to further develop Nornickel’s risk management system in 2024
Further improved automation tools for investment project risk management as well as integration between risk management and budget planning processes through an existing GRC system
Updated the quantitative assessment of the cumulative impact of risks on functional strategies
Provided training for Company employees
Developed an e‑course on investment project risk management, along with a self‑diagnostic tool for assessing risk culture
Maintained regular activities of the Management Board’s Risk Management Committee and dedicated function‑level risk management committees
Initiatives to further develop Nornickel’s risk management system in 2024
Ran a quantitative assessment of the cumulative impact of key risks on the Company’s 2025 budget as well as an analysis of the budget sensitivity to key risks, with follow‑up risk management measures included in the budget
Further improved quantitative assessment tools for operational risks
Ran regular quantitative assessments of investment project risks
Had the ESG risk management system independently assessed by a third party, confirming its high effectiveness
Monitored Company‑level and division‑level risk appetite metrics
- In line with risk management system improvement plans, the following areas have been prioritised for 2025:
- Further automating risk management system functionality
- Expanding the scope of quantitative risk assessment in strategic and operational planning
- Enhancing the methodology to analyse, assess, and manage various categories and types of risks
- Applying and enhancing the concept for assessing long‑term climate‑related risks in line with TCFD recommendations
Sustainability risk management
The most significant risks by effect on Nornickel’s goals and by source are shown on the map of key risks.
Year‑on‑year changes in risk assessment results mainly demonstrate the effect of mitigating measures and changes in external factors on the Company as it adapted to a new normal.
Nornickel is improving its climate risk management procedures. For details on physical and transition risks, including methodologies for identifying and assessing such risks, and the climate scenarios developed, please see the Climate Change section and Nornickel’s 2024 Climate Change Report.
Risk insurance
Insurance is an essential tool used to manage risks while protecting the property interests of Nornickel and its shareholders against any unforeseen losses related to operations, including due to external effects.
Nornickel has centralised its insurance function to ensure the consistent implementation of its uniform insurance policy and standards. The Company annually approves a comprehensive insurance programme that defines key parameters by insurance type, key business area, and project. Nornickel has developed and implemented a corporate insurance programme that covers assets, equipment failures, and business interruptions across the Group as well as enterprises in the core production chain, all on the same terms. The directors’ and officers’ liability, freight, information risks, construction and installation, various vehicles, and other types of liability insurance programmes of the Company are also centralised and promote continuity.
Nornickel maintains insurance contracts with major Russian insurers. The Company applies industry best practice and leverages insurance market trends to negotiate the best insurance and insured risk management terms.