Control and Reporting

The internal control and risk management system

The Internal Control System comprises the system of bodies and areas of internal control that ensure compliance with the procedure for meeting and implementing objectives set forth by the laws of Russia and the incorporating and internal documents of Sberbank.

The Supervisory Board is responsible for defining the principles of and approaches to the organization of internal control and risk management systems of the Bank. The creation and maintenance of effective functioning of internal control and risk management systems at the bank are provided by executive bodies, which are also responsible for implementing decisions by the Supervisory Board in these areas.

The internal control and risk management systems of Sberbank are built using the Three Lines of Defense model, where:

Internal control in Sberbank is performed by:
Control bodies of the Bank Internal Audit Service
Audit Commission Internal Control Service
Chief accountant of The Bank (his/her deputies) Structural unit (responsible official) for countering the (laundering) of criminal proceeds and financing of terrorism
Heads (their deputies) and Chief accountants (their deputies) of the Bank’s branches Inspector of a professional participant of the securities market
Other units and employees exercising internal control within the scope of authorities set forth by the Bank’s internal documents.
Organization of the risk management process

The risk management system applied by Sberbank is based on standards and tools recommended by the Basel Committee on Banking Supervision and complies with the requirements of the world’s best practices. The main objectives of the integrated risk management system as an integral part of Sberbank’s management processes are the introduction of risk management standards, principles, limits, and restrictions, monitoring of the risk level and generation of risk reports, ensuring compliance of the level of assumed risks to fixed risk appetite limits, and the modeling and creation of a common risk profile.

To ensure the effective planning and control of accepted risks, risk management functions are distributed among the Supervisory Board, the Chairman of the Board, the CEO, the Executive Board, the supervisor of the Risk Unit (Head of the Risk Management Service of Sberbank), specialized committees of the Executive Board, business units of the Risk Unit, and other business units of Sberbank and members of the Group.

Internal Audit Service

The Internal Audit Service is intended to support Sberbank’s control bodies in achieving their objectives and ensure the efficiency and high performance of Sberbank’s operations and operates in compliance with the principles of constant activity, independence, impartiality, fairness, objectivity, and professional competence. The Internal Audit Service is an independent structural unit that performs inspections of the entire system of internal control functioning; it is accountable to the Supervisory Board and is administratively subordinate to the CEO, Chairman of the Executive Board. The Head of the Internal Audit Service is appointed to and removed from office by the Supervisory Board.

In August 2016, OOO PricewaterhouseCoopers Advisory (PwC) conducted an external assessment of the Internal Audit Service of Sberbank for compliance with International Internal Audit Professional Standards. Main conclusions of external assessment: “The results of the analysis of internal audit performance make it possible to state that the activity of Sberbank Internal Audit Service is continuously improving. The strong points of the Bank’s Internal Audit Service are the qualification level of its employees and the quality of its audit reports.”

Sberbank shall take the necessary measures to ensure the independence and fairness of the Internal Audit Service and the seamless and efficient performance of the Internal Audit Service’s functions.

The Internal Audit Service conducts audits in all areas of Sberbank’s activities and monitors the effectiveness of the department and control body measures that reduce identified risks following audit results.

The Head of the Internal Audit Service provides the Supervisory Board with the Service’s reports on the implementation of the Yearly Audit Plan as approved by the Supervisory Board and on the results of Sberbank audits for the respective periods.

In its work, the Internal Audit Service uses the best internal audit practices, including the international fundamentals of the professional internal audit practice

Oleg Chistyakov
Oleg Chistyakov
Head of the Internal Audit Service

Year of birth: October 22, 1964

Year of appointment: 2014.

Work experience:

2009 to present – Director of the Internal Control, Inspection, and Audit Administration of Sberbank. September 12, 2014, appointed as Head of the Internal Audit Service of Sberbank.

Education:

1986 – Sergo Ordzhonikidze Moscow Management Institute, Engineer-Economist

Internal Control Service

To implement internal controls, assist the control bodies of Sberbank in ensuring the compliance of Sberbank’s activities to the laws, regulations, and best practices, as well as to create and apply effective methods and mechanisms for managing the risk of losses incurred by Sberbank as a result of noncompliance with the laws of Russia, internal documents of Sberbank, standards of self-regulatory organizations and/or sanctions, and/or other enforcement measures on the part of supervisory authorities, Sberbank established its Internal Control Service to comprise the structural business units and employees of Sberbank acting in accordance with the Regulations on the Internal Control Service.

The Internal Control Service acts in accordance with the principles of independence, continuity, objectivity, impartiality, and professional competence.

The Internal Control Service is accountable to the Supervisory Board, CEO, Chairman of the Executive Board and Executive Board of Sberbank. At least once annually, the Internal Control Service provides reports on completed work to Sberbank’s executive bodies and in certain cases to the Supervisory Board.

Larisa Zalomikhina
Larisa Zalomikhina
Head of Internal Control Service

Year of birth: January 4, 1973

Year of appointment: 2014.

Work experience:

2004 to 2012 – President of Financial Broker Troika Dialog CJSC. December 2012 to present – Director of the Compliance Division. From September 2014 – Head of Sberbank’s Internal Control Service.

Education:

1996 – Moscow Institute of Physics and Technology (MIPT) with a specialization in Applied Mathematics and Physics.

Risk Management Service

For the purpose of managing risks, Sberbank established the Risk Management Service, which comprises the structural units and committees of Sberbank, the main functions of which include risk management. To avoid any conflicts of interest, Sberbank ensured the independence of business units responsible for risk management from business units engaged in operations/transactions exposed to risks

Aleksander Vedyakhin
Aleksander Vedyakhin
Head of the Risk Management Service

Year of birth: February 20, 1977

Year of appointment: 2015.

Work experience:

2008 to 2012 – the First Deputy Chairman of the Executive Board at Sberbank (Ukraine). December 2012 to July 2015 – Executive Director of the Risk Department, Managing Director of the Sberbank Risk Unit Administration. June 2015 till present – Senior Vice President.

Education:

1999 – Volgograd State Technical University with a specialization in World Economics

2001 – PhD in Economics

2010 – Russian Presidential Academy of the National Economy and Public Administration, «Banks» MBA Program

External Auditor

To check and verify the reliability of financial (accounting) statements compiled both under Russian and international standards, Sberbank employs an independent auditing organization.

Sberbank holds an annual open tender for selecting the auditing organization with the right to audit the Bank. Tender documentation for open tenders is approved by the tender commission and published on the official website of Sberbank. The auditing organization selected following the open tender is approved by the Executive Board, the Audit Committee of the Supervisory Board, and the Supervisory Board and submitted for approval to the annual General Shareholders’ Meeting of Sberbank.

On May 27, 2016 the annual General Shareholders’ Meeting of Sberbank appointed AO PricewaterhouseCoopers Audit the auditor of Sberbank for 2016 and the first quarter of 2017 (the auditor of Sberbank for 2015 and the first quarter of 2016 was Ernst& Young LLC). In accordance with the audit service agreement, AO PricewaterhouseCoopers performed the following types of works:

  • audit of Sberbank’s annual accounting (financial) statements for 2016 prepared in accordance with the requirements;
  • audit of Sberbank’s consolidated financial statements prepared in accordance with IFRS;
  • reviews of interim condensed consolidated financial statements for 6 and 9 months of 2016 and Q1 2017 prepared in accordance with IFRS;
  • audit of Sberbank’s interim accounting (financial) statements for 6 and 9 months of 2016 prepared in accordance with the requirements of the legislation of the Russian Federation.

Below the payments made by the Sberbank Group’s companies to the companies of the Group of Sberbank’s auditor are presented.

RUB, million 2015 2016
Audit of the annual statements (includes audit of the regulatory statements, IFRS statements) 245.4 13.2
Interim audits and reviews 116.6 13.5
Tax consultancy services 94.4 30.2
Other non-tax consultancy services 156.9 172.9
Audit Commission

For the purposes of control over Sberbank’s financial and economic activities, the Audit Commission is elected by the Annual General Shareholders’ Meeting. In accordance with Sberbank’s Charter, the number of members of the Audit Commission is seven. Members of the Audit Commission may not simultaneously act as members of the Supervisory Board or hold other positions in the Sberbank’s control bodies.May 27, 2016, the Annual General Meeting of Sberbank Shareholders elected 3 external representatives and 4 representatives of Sberbank to the Audit Commission.

The composition of the Audit Commission:
Chairman of the Audit Commission Natalya Borodina Deputy Director of the Internal Audit Department of the Central Bank of Russia
Member of the Audit Commission Vladimir Volkov Deputy Chief Accountant of the Central Bank of the Russian Federation – Deputy Director of the Accounting and Reporting Department
Member of the Audit Commission Tatyana Domanskaya Head of the Division for Interaction with External Controlling Authorities, the Internal Audit Department of Sberbank
Member of the Audit Commission Yuliya Isakhanova Senior Managing Director – Head of the Financial Control Directorate of the Finance Department of Sberbank
Member of the Audit Commission Irina Litvinova Head of the Division for Audit Operations on Accounting and Financial and Business Operations of the Internal Audit Department of the Central Bank of the Russian Federation.
Member of the Audit Commission Alexey Minenko Managing Director, Deputy Chief Accountant – Deputy Director of the Accounting and Reporting Department of Sberbank
Member of the Audit Commission Natalia Revina Senior Managing Director – Head of the Integrated Risk Management Department of Sberbank

The Audit Commission shall audit Sberbank’s financial and economic activities following the results of the year as well as at any other time upon the initiative of the bodies and persons set forth by Federal Law No. 208-FZdated December 26, 1995, On Joint-Stock Companies, the Charter of Sberbank, and the Regulation on the Bank’s Audit Commission.

The Audit Commission evaluates the accuracy of data included in the annual report and contained in the Annual Accounting (Financial) Statements of Sberbank, may call to convene an extraordinary General Shareholders’ Meeting or meetings of Sberbank Supervisory Board when any breaches are revealed during the audit in the Sberbank’s financial and economic activities, or a real threat to Sberbank’s interests (or depositors) is discovered that requires adopting resolutions on matters that fall within the competencies of said bodies of Sberbank.

Payment of remuneration to members of the Audit Commission of Sberbank and the compensation of expenses connected with their participation in the operations of this control body are made in the amount and under the procedure established by the Regulations on the Audit Commission, which is an internal document of Sberbank approved by the Annual General Shareholders’ Meeting on June 6, 2014. For the performance of their duties, the Chairman of the Audit Commission is paid remuneration in the amount of 1 mln rubles; members of the Audit Commission are paid 750 thousand rubles each.

The total remuneration paid to members of the Audit Commission in 2016 related to their participation in this Sberbank control body amounted to RUB 4 mln

Compliance control (anticorruption)

Sberbank's compliance management system has been certified acordingto the standard ISO 19600:2014 - "Compliance function management"

Among the key events in the area of compliance risk management in 2016 we can single out the following:

  • the Compliance Department has a new organizational structure in order to optimize the work process for compliance-related activity;
  • additional control procedures have been implemented for the purpose of preventing the involvement of the Bank in the processes of legalization (laundering) proceeds from crime and financing of terrorism;
  • a set of measures has been developed to bring the Bank's activity in line with new legislation (including foreign laws in the financial markets which are of exterritorial effect).
  • the project of preparation for implementing the requirements of the Standard for Automatic Exchange of Financial Account Information or Common Reporting Standard, CRS, has been realized.
  • implemented additional control procedures in conflict of interest risk management and the fight against corruption in the Bank;
  • measures have been directed towards improving the identification process of economically sanctioned persons among the Bank's clients;
  • current training courses on compliance have been updated and new training courses have been developed, including the launch of training under the professional development program, "Compliance" on the basis of "Sberbank Corporate University CPE ANO for Line and Middle Managers."

During 2016, Sberbank implemented additional control procedures in the area of countering corruption and managing conflicts of interest risk (for instance, control over the joint work of relatives). In addition, measures have been taken to improve internal regulative documents: standards regulating the acceptance of gifts and disclosure by employees of conflicts of interest have been developed and approved, and the compliance control hotline function has been improved. In 2016, as part of the qualification development program Compliance on the basis of Autonomous Nonprofit Organization of Further Professional Education Corporate University of Sberbank for line and mid-level managers, over 49 thousand employees completed training in the fields of countering corruption and controlling conflicts of interests.

Development of the compliance control system:

  • Stage-by-stage transition to the target automated online compliance control platform in relation to the client and their transactions for the purpose of countering the laundering of criminal proceeds and financing of terrorism
  • Development of the system of client transaction monitoring on the Oracle FCCM platform, in part control over suspicious client transactions
  • Promotion of the hotline to counter corruption offenses
  • Modernization of automated preliminary control procedures when making transactions on the stock markets
  • Development and stage-by-stage implementation of the automated system to control conflicts of interest
  • Expansion of personnel training programs to the area of compliance

Sberbank is an active participant of professional communities, including, among others, the Expert Group on Countering the Legalization of Criminal Proceeds and Financing of Terrorism, Internal Control and Regulatory (Compliance) Risk under Expert Consultative Counsel, the Federation Counsel, the Federal Assembly of Russia Committee on Budget and Financial Markets under the Federation Counsel, as well as the National Association of Stock Market Participants (NAUFOR) and the National Securities Market Association (NSMA).