An effective risk management system is an essential component of protecting the interests of both the Bank itself and its depositors and counterparties. The main objective of the Bank in risk management is to minimize financial losses, which is achieved by a whole range of measures to identify, assess and monitor various risks arising in the course of its activities.

The Bank has a fully functional system of control, monitoring and risk management, stress testing is carried out on a regular basis.

The current system ensures stable operation in the face of significant changes in the financial markets. As part of the risk management strategy, the Bank strives to maintain a sufficient level of liquidity, balance the structure of assets and liabilities by terms and types of currencies, and ensure the necessary level of diversification by industry, customers and investment sizes.

The risk management system is based on the requirements of the Bank of Russia, the recommendations of the Basel Committee on Banking Supervision and Audit Companies, the experience of leading foreign and Russian financial institutions and is regulated by internal standards and procedures.

The Bank's risk management is carried out in relation to financial risks (credit risk, market risks - currency risks, interest rate risk, other price risk, and liquidity risks). The main task of financial risk management is to determine risk levels and further ensure compliance with established limits and other internal control measures. The assessment of the accepted risk also serves as the basis for the optimal allocation of capital taking into account risks, pricing of operations and evaluation of performance.

The management of operational and legal risks, the risk of loss of business reputation ensures proper compliance with internal regulations and procedures in order to minimize these risks.

The process of independent risk control does not relate to the risks of doing business, such as, for example, changes in the economic environment, technology or changes in the industry. Such risks are controlled by the Bank's management during the strategic planning process.

All divisions of the Bank are guided in their activities by the following mandatory principles:

• mandatory execution of technologies established by regulatory documents;
• execution of operations and access to information within their authority;
• availability of control for each technology of the operation.

The risk management system is checked on a regular basis by authorized representatives of the Bank's Board of Directors. The Bank's Board of Directors uses the information obtained during the audit and evaluation of the risk management system in order to assess the compliance of banking risk management procedures with the nature and scope of the Bank's activities as a whole and to prepare recommendations to the Bank's Management Board on improving certain areas of banking risk management.

The Bank has an effective internal control system. The Internal Audit Service conducts regular inspections in various areas of the Bank's activities, in accordance with the Audit Plan approved by the Bank's Board of Directors. The reports of the Internal Audit Service are approved by the Chairman of the Bank's Management Board and reviewed at meetings of the Bank's Board of Directors.

The Bank fully implements measures to counteract the legalization (laundering) of proceeds from crime and the financing of terrorism in accordance with the legislation of the Russian Federation, regulatory documents of the Bank of Russia, Internal Control Rules.