Risk management is an integral part of every process and functional responsibilities of every employee of UAPF JSC, aimed at timely identification of risks, assessment, monitoring and taking measures to reduce them in order to achieve the strategic and operational goals of the Fund. The risk management system of UAPF JSC consists of interrelated elements combined into a single process and includes a system of processes and procedures that provide the executive body and management body of the Fund with timely information about risks and decisions to minimize them.
The structure of risk management and internal control at the Fund is represented by the “three lines of defense” model in accordance with the principles of international COSO standards. According to this model, risk owners form the first line of defense, responsible for identifying, measuring, monitoring and controlling the operational risk inherent in their activities, including those associated with people, products, processes and systems, as well as ensuring an effective internal control system. The Risk Management Department is one of the second line of defense units that monitors, ensures and tracks the implementation of effective risk management and internal control practices. The third line of defense is provided by the Fund's Internal Audit Service. The Internal Audit Service provides an assessment to the Board of Directors and management of the Fund of the effectiveness of the first and second line of defense.
The Board of Directors and the Executive Board of UAPF JSC ensure the creation of a control environment that expresses and demonstrates to employees the importance of internal control and compliance with ethical standards at all levels of management and areas of the Fund’s activities. The Board of Directors of UAPF JSC annually approves a risk register, a risk map, an action plan to minimize risks, the general level of risk appetite and risk tolerance in relation to key risks. The Fund's risk management unit is responsible for coordinating and further improving the risk management system.
The Fund, as a major financial institution, takes the necessary measures and allocates sufficient resources to identify, measure and manage operational, financial, legal and other inherent risks, in order to ensure the reliable operation of the Fund's key activities, the achievement of the Fund's strategic goals and financial stability, and effective support for the continued operation critical core and support processes.
The Fund pays great attention to the development of a risk culture through the involvement of all employees in the risk management process, including through the regular exchange of information between the Board of Directors, the Executive Board and employees of the Fund. Training events are held for the Fund's employees in the field of risk management and internal control. As part of the RMS, the management and employees of the Fund, each at their own level, participate in identifying potential risks that may affect the activities of the Fund, as well as in managing these events within an acceptable level of risk.
The Fund also provides for work to further improve the corporate risk management system, in particular, the internal control system, as well as the business continuity management system (an example of the effectiveness of the Fund’s business continuity management process can be the work of the Fund during the introduction of a state of emergency in the Republic of Kazakhstan due to the pandemic coronavirus infection (COVID-19), which has not been stopped for a single day).
The Fund has approved and operates the Risk Management Policy at UAPF JSC, approved by the Decision of the Board of Directors of UAPF JSC No. 8 dated June 13, 2023, which describes the goals, principles and processes of the functioning of the risk management system.
Considering that the Fund’s activities are regulated by the requirements of the Social Code of the Republic of Kazakhstan and the Law of the Republic of Kazakhstan On the Securities Market, the risk management system of UAPF JSC was formed in accordance with the Rules for the formation of a risk management and internal control system for a unified accumulative pension fund, voluntary accumulative pensions funds approved by the Resolution of the Board of the Agency of the Republic of Kazakhstan for Regulation and Development of the Financial Market dated June 7, 2023 No. 40, as well as the current international internal control standard COSO Internal Control - Integrated Framework, other regulatory legal acts of the Republic of Kazakhstan and internal regulatory documents of the Fund.