Control BodiesFor more details on control bodies’ activities see Appendix 2 Governing and Control Bodies to this Annual Report.

Internal Audit Unit

Key roles

  • Internal audit based on a risk-oriented approach and best practices
  • Independent assistance in the enhancement of risk management, internal controls, and corporate governance
  • Ensuring efficient operation of the Ethics Hotline.

Key 2018 results

  • Executed the audit action plan, achieved economic benefit
  • Provided recommendations to increase risk manageability, and proposals to receive additional income and cut costs
  • Began implementing the continuous audit model developed earlier
  • Integrated IT solutions into audit.

Risk Management divisions

Key roles

  • Building, monitoring, and maintaining the risk management system (RMS).

Key 2018 results

  • Implemented projects to automate the RMS:
    • Online risk reports for managers
    • Risk indicator dashboard for business processes (pilot)
  • Initiated changes in the procurement management process following the RMS automation development projects
  • Adopted simulation in risk assessment
  • Included risk modelling and risk response measures verification procedure in the Regulations on the Corporate Project Management
  • Initiated the Single Point of Contact for Project Management to obtain information on the project management and product launch risks
  • Approved the Risk Management Programme
  • Approved the Action Plan to mitigate the risks of business interruption due to sanctions.

Asset Protection Department (Compliance)

Key roles

  • Corporate culture development in terms of anti-corruption, prevention of embezzlement and the conflict of interest, and compliance with ethical standards
  • Analysing and monitoring the activities of the Company and its subsidiaries and affiliates related to asset protection
  • Maintaining a hotline and an anti-corruption portal.

Key 2018 results

  • Launched an automated system to resolve conflicts of interest
  • Developed and implemented the Company’s 2018 compliance programme
  • Held in-person and remote compliance trainings
  • Introduced anti-corruption programmes at 30 subsidiaries and affiliates.

Dedicated officials responsible for the implementation of internal controls to counter money laundering, the financing of terrorism, and the financing of the proliferation of weapons of mass destruction

Key roles

  • Protecting the Company from criminally obtained incomes
  • Mitigating the risk of money laundering and the financing of terrorism
  • Monitoring compliance with the requirements for subscriber identification
  • Identifying and terminating criminal/dubious activities.

Key 2018 results

  • Appointed dedicated officials responsible for internal controls in all macroregional branches
  • Created teams headed by security directors in all regional branches
  • Appointed employees responsible for subscriber identification
  • Automated subscriber inspection for invalidated passports and engagement in extremism and terrorism
  • Assessed the risk of legalisation of criminally obtained incomes by customers
  • Arranged for trainings on countering money laundering, the financing of terrorism, and the financing of the proliferation of weapons of mass destruction.

Internal Control Unit

Key roles

  • Assisting the top management in building an efficient internal control system (ICS).

Key 2018 results

  • Reviewed the ICS across the key processes and the Company’s macroregional branches to develop recommendations and take actions to enhance its efficiency.

Audit Commission

Key roles

  • Monitoring financial and business operations between General Shareholders’ Meetings.

Key 2018 results

  • Audited the financial and business performance of the Company in 2018, including the annual report and annual accounting statements.

External audit

We annually engage an external auditor for independent assessment of the accuracy of the Company’s financial statements.

In 2018, following the procurement procedure, LLC Ernst & Young was selected as PJSC Rostelecom’s auditor of both IFRS and RAS financial statements for 2H 2018 and 1H 2019, with the  fee for audit-related servicesFor more details on the auditor’s fee see Appendix 2 Governing and Control Bodies (in Russian) to this Annual Report. totalling RUB 70.95 million.

The auditor confirmed the accuracy of the 2018 financial statements.

Compliance and anti-corruption efforts

Rostelecom is committed to the principles of openness, transparency, and integrity. The Company and all its employees are required to comply with the anti-corruption laws as well as principles of ethical business conduct.

Key regulations on anti-corruption compliance procedures:

  •  Anti-Corruption PolicyFor more details on Rostelecom’s Anti-Corruption Policy see the Company’s website (developed in 2014, updated in 2018)
  •  Code of EthicsFor more details on Rostelecom’s Code of Ethics see the Company’s website
  • Code of Corporate Conduct
  • Code of Supplier Business Ethics
  • Regulations on the Conflict of Interest Management
  • Regulations on Giving and Receiving Gifts
  • Regulations on Donations and Charitable Aid

The procedures ensuring compliance with anti-corruption laws are also stipulated in the Company’s business process regulations.

Key  anti-corruption focusFor more details on Rostelecom’s other anti-corruption focus areas see Appendix 2 Governing and Control Bodies to this Annual Report. areas in 2018:

  • Employee training
  • Feedback channels
  • Conflict of interest management
  • Subsidiary relations

Employee training

Rostelecom regularly holds anti-corruption trainings for its employees. All new employees pass a mandatory online course on the key principles set out in the Code of Ethics. In January 2018, we launched a new version of the course with more exercises and relevant examples.

In March 2018, an advanced online Corruption Prevention course was developed for the Company’s employees in positions with a higher corruption risk. In 2018, 480 employees of Rostelecom and 420 employees of its subsidiaries passed classroom compliance training.

Feedback channels

In line with the new strategy of digital coverage of Rostelecom’s anti-corruption efforts, a dedicated anti-corruption portal (in Russian) is in place and is constantly improved. The portal comprises Rostelecom’s anti-corruption internal regulations, compliance tests for employees and suppliers, materials on corruption prevention, and the information on all feedback channels that can be used to report instances of corruption.

Anti-corruption portal (in Russian)

Conflict of interest management

In June 2018, Rostelecom launched an automated system to resolve conflicts of interest. Any Rostelecom’s employee with a conflict of interest, as well as employees in positions exposed to a higher corruption risk regularly complete electronic declarations. Using pre-determined criteria, the system automatically identifies employees who should submit the declarations, and monitors timely completion of declarations by these employees, thus excluding the human factor from mandatory disclosures.

For 2019, we have scheduled the integration of the conflict of interest management system with automated internal and external systems, as well as the expansion of the system’s functions.

Anti-corruption efforts development at PJSC Rostelecom’s subsidiaries and affiliates

In 2018, Rostelecom developed anti-corruption processes at 30 subsidiaries and affiliates in which it has an effective interest of over 50%.