Risk management and internal control
HMS Group is exposed to various risks and uncertainties that may have undesirable financial or reputational implications. A risk management and internal control system has been integrated into the Group’s operations in order to minimise the negative impact of such risks and to benefit from available opportunities. The overall objective of this system is to obtain reasonable assurance that the Group’s goals and objectives will be achieved.
The main principle in the design and maintenance of such systems is that the expected benefits should outweigh the associated costs.
Key features of the internal control system over financial reporting
The Group uses a formal risk management and internal control program across its companies; there is an ongoing process for identifying, evaluating and managing the significant risks that the Group faces. Risks are classified according to their likelihood and significance; different strategies are used to manage identified risks. This process is regularly reviewed by the Board in accordance with applicable guidance.
The Board is responsible for the Group’s system of internal control and for reviewing its effectiveness. This system is designed to manage rather than eliminate the risk of failure to achieve business objectives and can only provide reasonable and not absolute assurance against material misstatement or loss.
Internal control and risk management monitoring is performed through internal and external assurance providers, which include:
- Financial statement audits performed by external auditors. Discussion by the Audit Committee of the results of the audit, including a review of the financial performance, any changes to disclosure, a subsequent events review, important accounting matters and other internal control matters.
- Review and formal approval of the financial results by the CEO, CFO, Audit Committee and the Board.
- Board and sub-committee approval and monitoring of operating, financial and other plans.
- Consolidation and verification of correct identification and proper assessment of critical business risks. The Audit Committee reviews changes to the risk profiles together with progress on actions for key risks on a regular basis.
- Internal audit function. The Head of Internal Audit, by way of its function, reports to the Audit Committee and, for administrative purposes, to the First Deputy CEO. The internal audit department performs its activities in accordance with an audit plan and incorporates a review of material controls, including financial, compliance and operational controls. The results of each audit are discussed in detail with the companies and business units concerned and action plans are agreed upon.
The Group’s goal is to continuously improve its governance and risk management sub-systems. We assess the findings of audits and internal investigations and use them to revise our internal processes and procedures.
The key features of the risk management process include:
- The gathering and analysis of information related to internal and external factors which can affect the achievement of the Group’s objectives;
- Identifying the possible negative impact of various events on operational and financial results in accordance with applicable risk-assessment methods;
- Setting appropriate risk-tolerance levels;
- Ranking risks according to their significance and probability;
- Making appropriate decisions to manage identified risks; and
- Actively monitoring the steps taken to control the most significant risks.
Principal risks and uncertainties
The table below shows the main categories of the risks that we encounter and how they affect our strategy.
Below is the summary of the principal risks and uncertainties facing the Group’s business. The Group also faces other risks and uncertainties, both known and unknown; some of them apply to similar companies operating in both the Russian and international markets.
Global political and economic risks
The Group may be exposed to various political, economic and other risks not only in the countries where it has primary production facilities (Russia, Ukraine, Belarus, and Germany) but also in jurisdictions where the Group has other interests (e.g. projects in the Middle East and Central Asia).
Starting from 2014, sanctions have been imposed in several packages by the US and the EU on certain Russian officials, businessmen and companies.
Nowadays, more than 14,000 Russian legal entities and 174 Russian citizens have been sanctioned. According to experts’ reviews, more than 28 percent of Russian companies under sanctions are manufacturing facilities, approximately 17 percent trade companies, nine percent transport companies, and three percent natural resource providers and agricultural companies. The great number of companies subject to foreign sanctions is related to OFAC’s so-called “50 Per Cent Rule”. Under this rule, any company, of which 50 percent or more in the aggregate of interests are owned by a blocked person or entity, will be blocked even if the company itself is not on the list of entities under sanctions.
The above-mentioned events have led to reduced access of Russian businesses to international capital markets. Russian companies try to seek alternatives via the government or foreign non-Western investors (e.g, Chinese investors, initially). For instance, in December 2020 the Russian government approved the list of 70 legal entities receiving Chinese investment for a total of US$ 107 billion.
The impact of further economic and political developments on the future operations and financial position of the Group might be significant.
The introduction of new regulations or the imposition of trade barriers or a new round of sanctions against Russia could disrupt the Group’s business activities or impact the Group’s customers, suppliers or other parties with which it does business, though amid fairly high crude oil prices the influence of these actions could be softened.
We consider the additional imposition of targeted personal sanctions to be the most probable of these risks facing our Group. They alone will unlikely create systemic risks and financial stability risks. Such measures could return certain private capital to Russia and put some pressure on the Russian ruble amid relatively high oil prices.
Sanctions against the corporate sector (finance, defense, oil and gas industries) would create the most serious risks for Russia’s economics and financial system. Tighter and broader restrictions concerning both the use of equipment and/or software and financial operations could lead to a heavy disturbance on the markets. The capacity to develop new fields could also be constrained by sanctions; in the longer term, as existing fields run out, the country may find it hard to maintain the current level of crude oil output and gas production.
In 2019, Ukraine and Russia widened the range of sanctions imposed on each other. In March 2019, Ukraine broadened sanctions against 294 Russian companies and 848 citizens. In response, in addition to individual sanctions against certain companies and Ukrainian citizens, Russia widened its list of restricted import goods from Ukraine, including starch, fruit-sugar, certain medical equipment, heaters, central heating boilers and certain machine-building products.
In 2020, Russia continued widening the range of sanctions imposed on individuals. In total, there have been 849 Ukrainian citizens listed for sanction, for whom economic measures were applied, including the freezing of non-cash money, uncertificated securities and assets in Russia, as well as the prohibition of their transfer out of the Russian Federation. Additionally, in November 2020, Russia extended a prohibition on the import of Ukrainian agricultural products.
In general, the most dangerous effect of sanctions lies in growing uncertainty. Uncertainty affects both short-term and long-term investment projects. This could have an adverse, material effect on the Group’s financial position and prospects.
The Group’s business depends on the levels of capital investment and maintenance expenditures by the Group’s customers, which in turn are affected by numerous factors, including the state of the Russian economy and those of other nations, fluctuations in the price of oil, taxation of the Russian oil and gas industry, availability and cost of financing, and state investment and other support for the Group’s customers and for state-sponsored infrastructure projects.
The Group’s business depends on being awarded contracts and on the renewal and extension of existing contracts. A large share of the Group’s revenue is generated by a limited number of key customers and contracts and may incur losses due to unfavourable terms of contracts with certain large customers, though the Group does not depend on any one particular client, contract or industry.
Project execution risks
Since the Group’s contracts are typically on a fixed-price basis, there are risks associated with cost overruns (especially in large integrated projects). The Group seeks to mitigate these risks through its efforts to improve profitability and cost control, in part relying on volume growth and an increasing share of high-margin integrated solutions services.
Contract execution risks
The Group systematically reviews and manages its legal risks through identifying and preventing conditions giving rise to such risks, at the pre-contractual stage of an engagement as well as at the stages of execution and any legal proceedings.
Risk formation in 2018 was stipulated by a number of reasons, both macroeconomic and contractual related to a number of projects executed by the Group.
The main legal risks which arise when contracts are executed include:
- a) The risk of non-performance of a contract by a client (in whole or in part);
- b) The risk of non-fulfillment of obligations or liabilities by third parties, responsible for delivery or production of a product’s components;
- c) The risk of a “mediator” insolvency (e., a failure to generate a cash flow in a “settlements’ chain” from client to producer);
- d) The risk of penalty, litigation or claims for a breach of the contract;
- e) Default risk (including, as a result of sanctions and/or other enforcement actions from state services); and
- f) Piracy risks.
The management of legal risks is based on expert assessment, and the identification of, monitoring of, and mitigation against risk factors are generally performed by HMS’s Legal department.
HMS’s Legal department uses the following basic strategy of risk management:
- Legal risks are identified and/or verified when potential contracts are vetted as well as through further support;
- Regarding risks (a)-(c) above: contracts execution security to guarantee adequate sources of funds to cover any breach or non-performance of the obligations of a contract, through:
- Usage of different kinds of collateral and non-material securities provided by a counterparty when entering into an agreement in the form of independent guarantees (g., banking or corporate) for advance payments/contract performance, third-party guarantees, collateral and others;
- Withholding of an advance payment until the provision of a security; if it is not provided, then payment is made after delivery; and
- Management of the “contract commitments chain” from client to producer, which assures the receipt of the relevant payment at the time of cash flow passing.
- Regarding risk (d) above: we control and identify the legally important facts and circumstances of the contract, through putting together evidential documentation (letter, acts, protocols, etc.), identified factors of contractual non-fulfillment (a customer’s fault), with subsequent claims settled through the signing of amendments to the contract;
- Regarding risk (e): we monitor changes and control deal compliance with the current legislation of the Russian Federation;
- Regarding risk (f): we carry out patent searches, due diligence, and record-keeping of intellectual activity results.
When risks occur at the level of litigation, we follow standard legal procedures and collect relevant documentation, in order to evidence the client’s breach of contract. This helps to deliver success at trial (by way of complete or partial rejection of the suit, or significant lowering of penal sanctions).
The ability to achieve the Group’s strategic goals highly depends on our most important asset — our people. We develop and remunerate our employees using leading human resources practices. In line with the Group’s growth strategy, we aim to attract talented employees from the market and continuously improve our recruitment methods.
The success of the Group’s businesses depends heavily on the continued service of its key senior managers. These individuals possess industry-specific skills in the areas of sales and marketing, engineering and manufacturing that are critical to the growth and operation of the Group’s businesses. While the Group has entered into employment contracts with its senior managers, the retention of their services cannot be guaranteed. The Group is not insured against damages that may be incurred in the case of loss or dismissal of its key specialists or managers. Moreover, the Group may be unable to attract and retain qualified personnel to succeed such managers. If the Group suffers an extended interruption in its services due to the loss of one or more such managers, its business, financial condition, results of operations, prospects may be adversely and materially affected.
Loss of key research and development employees (talented personnel with high potential and unique research and development knowledge) can reduce the organisation’s productivity. Moreover, the Group can spend considerable time and money in replacing such employees. The Group employs a proactive approach to avoid unwanted resignations. The Group is increasing its focus on approaching and retaining the right talent, using a tailored mix of financial and non-financial incentives.
Acquisitions & disposals
Since its formation, the Group has completed a number of acquisitions targeting the key players in the markets of industrial pumps, compressors, modular oil and gas equipment, and engineering, procurement and construction contracts.
Taking into account the economic slow-down and high uncertainties, insufficient demand in many segments, all of which make it difficult to evaluate potential synergies from mergers and acquisitions, the Group is not currently considering any material acquisitions in the near future, so considers this risk immaterial.
Fraud and corruption risks
Fraud and corruption are pervasive and inherent risks of all business operations. There is always some potential for fraud and other dishonest activity at all levels of a business, from that of a factory worker to senior management. Efficient operations and optimal use of resources depend on our ability to prevent occurrences of fraud and corruption at all levels within the Group.
The tightening of anti-corruption control over government-owned corporations can affect the pattern of interaction of the Group with its largest Russian customers in terms of mutual trust and confidence.
In addition, the tightening of anti-corruption control over state authorities (arrests and cases against ministers, governors and other state officials), often accompanied by media publications with political complexion, can affect mutual trust and confidence between business and state authorities.
The Group promotes ethical behaviour among its employees and maintains dedicated violation reporting channels to raise concerns within the Group through an ethics hotline available 24/7. The Group’s internal audit and/or security department perform investigations into alleged fraud and misconduct. If necessary, the results of such investigations are provided to the CEO, the Board, the management and the Audit Committee, as necessary.
As the Group operates in a number of jurisdictions around the world, the Board and senior management also put a strong emphasis on corporate compliance with applicable regulation, including anti-bribery and anti-corruption legislation, such as the UK Bribery Act.
The Group has implemented procedures to ensure that all employees are aware of the requirements of the Group’s anti-corruption policies, with a particular focus on those roles most exposed to the risk of breach.
There are several significant risks in information technology that can affect the Group, including cyber security and incident response risk, information technology resiliency and continuity risk, data management risk, and technology operations risk. The Group believes that the main risks for the Group are the risk of data loss, the risk of a computer virus epidemic or a large-scale (purposeless) hacking, and the risk of a special virus attack intended to pilfer information without detection.
The Group has developed a group-wide information security (IS) strategy and a road-map based on the audit results. The action plan was started in 2018, including the creation of an Information Security department. The Group implements measurements on ongoing basis to mitigate the risk of information security breaches, including through the development of an Information Security Policy, perimeter protection, segmentation of the network, TDS /Intrusion Prevention System, and two-factor authentication.
Legislation and regulations
Laws and regulations affecting businesses in Russia continue to change rapidly. Tax and regulatory frameworks are subject to different interpretations. The future economic direction of the Russian Federation is heavily influenced by the fiscal and monetary policies adopted by the government, together with developments in the legal, regulatory and political environment. Recent Russian government initiatives which are currently under consideration are likely to include, inter alia, significant amendments to tax law governing operations with entities incorporated in offshore jurisdictions. As a company with a majority of its operating assets located in Russia, the Group recognises that these developments may have significant implications for its business and development plans. The Group continues to monitor these developments.
The Group’s activities expose it to a variety of financial risks: market risk (including currency risk, fair value interest rate risk, cash flow interest rate risk and price risk), credit risk and liquidity risk. The Group’s overall risk management focuses on the unpredictability of financial markets and seeks to minimise potential adverse effects on the Group’s financial performance. Risk management is carried out by the Group’s finance department. The Group’s finance department identifies and evaluates financial risks in close co-operation with the Group’s operating units.
The Group does not use financial instruments for hedging or other risk management and, as a result, the Group is not exposed to risks relating to hedging.
Foreign exchange risks
The Group has no material foreign exchange mismatch. The Group operates primarily in Russia, with the majority of its revenue generated in Russian rubles. Operating costs are also mainly Russian ruble-denominated and almost 100 percent of debt is in Russian rubles.
Credit and liquidity risks
In February 2017, HYDROMASHSERVICE JSC, the Group’s subsidiary, issued 3.0 billion rubles of bonds. The maturity of the bonds was 10 years with a three-year put option and semi-annual coupon periods. A coupon rate of 10.75 percent was set for the first six coupon periods. In February 2020, the bonds were fully redeemed by the Group.
In 2020, the Group continued work with its debt portfolio.
In July 2020, the Group through its subsidiary HYDROMASHSERVICE JSC issued 3.0 billion rubles of bonds. The maturity of the bonds is 10 years with a three-year put option and semi-annual coupon periods. A coupon rate of 8.15 percent is set for the first six coupon periods. Subsequent coupon rates are to be determined in July 2023.
In October 2020, HYDROMASHSERVICE JSC issued 3.0 billion rubles of bonds. The maturity of the bonds is 10 years with a three-year put option and semi-annual coupon periods. A coupon rate of 7.95 percent is set for the first six coupon periods. Subsequent coupon rates are to be determined in September 2023.
The financial resources acquired from issuing such bonds were used for the partial refinancing of bank credits. As a result of the above actions, at the end of 2020, the Group had only 1.3 billion rubles to be repaid in 2021.
At the end of 2020, the Group accumulated 10.4 billion rubles of available cash. The Group didn’t exceed the credit limits of any of the banks during the reporting period. Considering all the above factors, the Group estimates its exposure to credit and liquidity risks as immaterial.
The COVID-19 pandemic
Starting from late 2019/early 2020, a new coronavirus disease (the COVID-19) began rapidly spreading all over the world resulting in the declaration of a pandemic by the World Health Organization in March 2020. Responses put in place by many countries to contain the spread of COVID-19 are resulting in significant operational disruption for many companies and have significant impact on global financial markets. In addition, in March and April 2020, oil prices dropped significantly, which resulted in the immediate weakening of the strength of the Russian ruble against major currencies.
The Group’s management does not expect the current operating environment to have a significant adverse impact on the financial position and operating results of the Group and the Group’s ability to continue as a going concern.