The risk management system of UAPF JSC (hereinafter - RMS) consists of interconnected elements combined into a single process. Within the framework of the RMS, the management and employees of the Fund, each at their own level, participate in identifying potential risks that may affect the activities of the Fund, as well as in managing these events within an acceptable level of risk. The RMS includes a system of processes and procedures that provide the executive body and management body of the Fund with timely information about risks and decisions to minimize them.
The implementation and improvement of the RMS is a prerequisite for achieving the strategic and operational goals of the Fund.
The Fund provides for the main areas of risk management.
In its activities, the Fund is exposed to operational risks. Non-financial risks pose serious threats of significant losses and negative damage, including on the reputation of the Fund.
In order to minimize operational risks, the Fund takes measures to optimize business processes by reengineering the Fund's business processes, updating the base of internal regulatory documents and systematizing management reporting flows with the exception of duplication.
In the process of managing operational risks, the Fund uses various management tools in its activities:
To ensure a holistic and comprehensive management of operational risks, operational risk management tools are used in an integrated and interconnected manner.
The trustee of pension assets represented by the National Bank of the Republic of Kazakhstan ensures the availability of a risk management system for the portfolio of pension assets. However, in order to generate annual financial statements, confirmed by an external auditing company and for internal use, the Fund carries out general observations and monitoring of the exposure of portfolios of its own and pension assets to financial risks.
All key risks (strategic, operational, financial, legal and compliance risks and others) that may have a significant impact on the achievement of the Fund's strategic and business goals are collected in the Fund's risk register. This Risk Register makes it possible to determine the size of the impact and the likelihood of key risks in all areas of the Fund's activities.
The risk register allows the Fund's management to improve the efficiency of decisions taken, taking into account the current risk profile.
The process of managing the continuity of the Fund creates a framework that guarantees that the interests of the main and interested parties of the UAPF are respected and that the Fund's reputation is preserved. The Fund's business continuity management process is organized to minimize operational, financial, legal, reputational risks and other financial consequences arising from emergencies / crisis situations and is provided by a reliable information technology and information security infrastructure, and also provides for measures to timely respond and restore the business continuity cycle as soon as possible.
An example of the effectiveness of the process of managing the continuity of the Fund's activities can be the work of the Fund during the period of the introduction of a state of emergency in the Republic of Kazakhstan in connection with the coronavirus infection (COVID-19) pandemic, which was not stopped for a single day.
The internal control system includes a set of policies, processes and procedures of internal control to ensure the reliability, completeness and timeliness of keeping individual records of pension savings and payments, the safety of assets, information and effective targeted use of the Fund's resources and the reliability of financial, regulatory and management reporting, contributing to compliance with the legislation of the Republic of Kazakhstan on pension provision and the securities market, as well as the internal rules of the Fund, on reducing the risk of losses or reputational damage.
Improvement of the risk culture in the Fund is carried out on an ongoing basis. All significant events that may negatively affect the achievement of the Fund's goals are collectively considered at the meetings of the Risk Committee. When hiring, all employees are familiarized with the principles of functioning of the corporate risk management and internal control system in the Fund. Professional development and training of all employees of the Fund is carried out continuously, including on issues of risk management. Employees also undergo professional certification in the field of risk management, internal audit, financial analysis in order to maintain the risk management and internal control system of the Fund in accordance with internationally recognized standards and best practices in these areas.
Considering that the Fund carries out its activities in accordance with the requirements of the legislation of the Republic of Kazakhstan, the risk management system and the internal control system of the Fund are formed in accordance with the Rules for the formation of a risk management and internal control system for a unified accumulative pension fund and voluntary accumulative pension funds, approved by the Resolution of the Board of the National Bank of the Republic of Kazakhstan No. 76 dated April 27, 2018 (as amended on March 30, 2020).
The main provisions and principles of the risk management system of UAPF JSC are also provided for in the Risk Management Policy of UAPF JSC (with amendments and additions as of June 12, 2020), approved by the Minutes of the Board of Directors No. 3 dated April 28, 2017..