PJSC Inter RAO takes into account the reputational factor of its activities and takes measures to mitigate the adverse effect of risks on the Group’s brand.
The Group is highly focused on the interests of its investors and stakeholders, and to reduce the risks of sullying the Group’s image, it tries to inform the public about possible business threats with valid, transparent and timely disclosures in open sources. The Group also controls the risks of insider information disclosure to prevent fraud and price manipulation on the securities market, to which end the Regulations on Insider Information have been approved.
The Group takes all efforts to exclude the probability of corrupt practices that may entail penalties and sanctions for the Group’s legal entities and officials or compromise the Group’s business reputation and affect the trust of stakeholders. Conducting their labor activity, employees of the Company and the Group companies strictly adhere to the law and the highest ethical standards which implies a rejection of any forms of fraud and corruption.
To prevent the risks of corruption and fraud, the Group takes appropriate measures. The Company and the Group companies have an anti-fraud and corruption system, an approved anti-corruption policy, and authorized commissions and workgroups competent to address the issues pertaining to the counteraction of fraud and corruption and the management of conflicts of interest. Procedures for identifying and assessing corruption risks followed by the creation and maintenance of a list of corruption-hazardous functions and a list of posts related to corruption risks, are held on a regular basis. The Board of Directors is provided with regular reports on the anti-corruption measures taken and the efficiency of the anti-fraud and corruption system.
Information security risks
The Group gives special attention to ensuring information security of facilities and preventing realization of risks related to possibly breaching confidentiality, integrity and availability of information assets (cyber risks). PJSC Inter RAO has organized formalization of risk factors taking into account the possibility to control them, and made a description of the existing control procedures aimed at reducing the probability of risk realization. Besides, it has suggested various additional measures and control procedures to minimize the risks.
To protect the Group's information resources from unauthorized access (cyber attacks) and to meet the requirements of the Federal Law No. 187-FZ “On the Security of the Critical Information Infrastructure of the Russian Federation” dated July 26, 2017, PJSC Inter RAO and its controlled entities have established the functioning Commissions on classification of critical information infrastructure facilities.