Risks management

Transtelecom JSC realizes the importance of risk management as a key component of the Company's corporate governance system aimed at timely identification and taking measures to reduce the level of risks that could adversely affect the Company's cost and reputation.

The risk management policy of the Company is implemented through the introduction of the Corporate Risk Management System (hereinafter referred to as the "CRMS"). The CRMS is a set of interrelated elements, united in a single process, within which the Board of Directors, executives and employees, each at their own level, participate in identification of potential events that may affect the Company's activities and these events management within the risk level admissible for shareholders.

The introduction and improvement of the CRMS is a necessary condition for Company's strategic and operational goals achievement and is one of the most important tasks in the short term.

The implementation of CRMS in the Company implies the establishment and development of the necessary infrastructure and culture, and also covers the application of logical and systematic methods of identification, analysis and assessment, monitoring, control and risk management inherent in all areas of the company’s activities, functions or processes in order to prevent losses and maximize benefits.

The main goal of the CRMS is to increase the effectiveness of threats and opportunities management, which should contribute to the process of capitalization increasing.

The CRMS also has the following objectives:

  • Design and application of uniform and consistent approaches to Company's risks identification, assessment and management, simplification of procedures for the exchange of vertical information on risks (management) and horizontal one (exchange of experience);

  • Arrangement of an opportunity for the Company to set and monitor the quality of risk management in the Company on the basis of clear and understandable criteria;

  • Formation of an information base for building an asset accounting system, their market value and valuation of the share capital;

  • Prompt response to emerging risk events, changes tracking in the external and internal environment;

  • Organization of purposeful risk management activities in order to reduce them to an acceptable level or transfer to third parties (insurance, hedging);

  • Systematization and further accumulation of information about the Company's risks, business manageability raising;

  • Finally - increase of the Company's capitalization by means of efficiency improvement and risk management optimization.

The Company annually or as necessary establishes alternative ways to achieve its goals and determines the risks associated with such alternatives or events that may affect the achievement of goals Such an analysis provides a basis for risks identification.

Each of the risks of the Register undergoes a procedure of its occurrence probability level and the magnitude of the consequences. In addition, during the year, the Company's risk managers drafted additional reports on financial risks, key risks and occurred risks, and also monitored the Company's business processes.

For assurance of horizontal communication and effective implementation of the register, the Company has a Risk Committee, which is an advisory body to the Management Board of the Company that develops proposals regarding risk management.

The main results and conclusions of the risk management process in the Company are displayed in the form of regular reporting on risks and measures to respond to them, on organization and supporting an effective risk management system of the Company.

Within the framework of the CRMS effectiveness increase in 2017, a number of the following key events were conducted:

  • Quarterly reports on risk management were drafted for the Board of Directors of the Company with description and analysis of key risks of Transtelecom JSC, as well as information on the implementation of plans and programs aimed at risks reduction

  • In order to improve qualifications in risks and develop a risk culture in the Company, in 2018 they held a training on self-assessment of risks with the Company's sectors and risk owners, as well as training for risk coordinators.

Depending on the sources of origin and sphere of influence, the following classification of risks for the past year was made in the Company:

  • Strategic risks – The risks of losses arising from changes or errors (shortcomings) in the definition and implementation of the activity and development strategy, changes in the political environment, regional conjuncture, sectoral decline, and other consistent external factors;

  • Financial risk – The risk associated with the structure of equity and financial profitability reduction. Financial risks include market risks (fluctuations in interest and currency rates, fluctuations in prices for natural resources), liquidity risks, credit risks (for corporate counterparties, second-tier banks and requirements in other countries);;

  • Operational risk – The risk of loss, accidents at work as a result of deficiencies or mistakes in the implementation of internal processes committed by employees (including personnel risks), the operation of information systems and technologies (technological risks), industrial safety, as well as due to external events;

  • Legal risk – The risk of losses resulting from non-compliance with the requirements of the legislation of the Republic of Kazakhstan, in relations with non-residents of the Republic of Kazakhstan - the laws of other states, as well as internal rules and procedures.

The Company pays special attention to risks assessment and control, both strategic and operational and other risks that may affect the achievement of long-term strategic goals and key performance indicators.

Following the results of risk assessment and identification, the following key risks of the Company were identified, which could adversely affect its operations and achieve strategic goals:

  • Liquidity loss risk

    Risk factors in the Company are the imbalance of financial assets and financial liabilities, overdue receivables. According to the results of the year, the current liquidity ratio is at the level of 0.8, in connection with the resulting receivables of the group of companies of KTZ NC JSC, which as of December 31, 2018 amounted to 15.71 billion tenge.

  • Information security risk

    Information security risk represents the possibility of IS breach with negative consequences.

    During the first half of 2018, in connection with cyber attacks, measures were taken to reduce this risk, such as disconnecting the PC from the local network and blocking the accounts of infected PCs of the Company's employees in all systems, namely Active Directory, TTCdocs EDMS, Green Corporate Portal before reinstalling all workstations, as well as formatting disks and reinstalling the operating system and changing passwords, the agent and antivirus protection of Kaspersky Endpoint Security 10 for Windows were installed on workstations

  • TELCO Income Loss Risk

    Risk associated with the lost revenues from TELCO projects provided by the Company.

    According to the results of the year, income from TELCO amounted to 28.58 billion tenge, which is 76% of the plan.

  • Risk of untimely project implementation

    The risk associated with the failure to perform a number of project activities, such as the incompleteness of ToR, design, planning, inefficiency of information flows, lack of funding and delayed approval by authorized bodies.