In this mandatory section of the annual report, Moscow Exchange lists potential operating risks and describes steps that the Exchange takes to monitor and mitigate them.

Political Risks

Moscow Exchange may face operating risks related to possible changes in the political and economic situation in Russia that could affect the company’s business.

To reduce political risks during the course of its operations, the Exchange monitors the political and economic situation and builds high-probability political and economic scenarios. The results of such research are later considered in the Exchange’s approved development plan and when implementing new projects.

Political and economic instability in Russia may be detrimental for businesses in the country. The Russian economy relies to a significant degree on the pricing and export of crude oil and other minerals and also on the global market environment. For instance, the global financial turmoil of 2008-2009 changed the operating environment for most Russian business entities significantly, by triggering capital outflow and a slump in manufacturing, trade and investments. Uncertainty as to the scale and duration of the current economic crisis and capital cost may affect the Exchange’s financial standing, performance and economic prospects.

Corporate Management Risks

During the course of the Exchange’s operations, corporate management risks may arise from untimely or incorrect executive decisions, delayed solutions to controversies that trigger litigation, media publications and other factors that could affect the Exchange’s business reputation.

To minimise corporate management risks, the Exchange’s internal documents set out the meeting and decision-making procedures for management regarding operational issues, with measures designed to prevent conflicts of interest and procedures to enforce such internal procedures.

Operating Risks

Moscow Exchange’s operations may be impacted by operating risks, i.e., risks of potential loss caused by mismatch with the company’s profile and scale, legal non-compliance of corporate procedures and regulations and failure of executives and employees to observe them, inadequate functionality or failure of IT and other systems used by Moscow Exchange Group, and as a result of external events.

Moscow Exchange has implemented a series of measures to improve management of operating risks:

• a dedicated subdivision to handle operating risks was established;
• operational risk across the company’s divisions was assessed;
• collection of information concerning events associated with operational risk was arranged;
• a database of operational risks was created;
• a procedure for assessing each operational risk was established and a procedure for making a decision on further actions concerning such risk was introduced. An action plan is being developed for each risk for which a resolution was made to reduce it;
• a procedure for independent control to enforce mitigation plans for identified operating risks was introduced;
• a series of personnel trainings on operational risk management was arranged.

The Executive Board considers operational risk issues on a monthly basis. Operational risks and issues, together with issues of legal, reputational and regulatory risk, are discussed on a regular basis by the Risks Commission, which reports to the Supervisory Board.

To ensure information security and integrity of business processes:

• independent audits of IT control processes are conducted;
• basic IT control processes to match international practices CobIT and ITSM are adopted;
• periodical audits in companies that purchase the Exchange’s market data are arranged;
• Information Security procedures have been considerably optimised, and preliminary work to prepare for compliance certification under IT security standard ISO27001 completed;
• an Operations Continuity and Recovery Plan for the Moscow Exchange Group’s business divisions has been drafted;
• the project of Exchange’s backup office expansion was initiated;
• certification to ISO 22301 has been prepared.

Currently, the key system availability ratio is maintained at 99.98%, which is equal or higher than that of other major international exchanges.

Regulatory (Compliance) Risks

In its operations as an organiser of trading, Moscow Exchange may face compliance (regulatory) risks, potentially leading to reputational risk. To reduce the risks related to trading parties’ or Exchange employees’ activities and to protect the rights and lawful interests of investors, the following system of measures has been established:

• creation and approval of corporate documents regulating the activities of Moscow Exchange as a trading venue, ensuring compliance with the laws, regulations and statutes of the Bank of Russia;
• creation of rules to prevent, detect, and stop unlawful use of insider information and/or market rigging;
• ongoing monitoring of participant activities on the exchange market (filing requests and entering transactions) to detect unusual events, including ones that may destabilise the market, with monitoring results submitted to the Bank of Russia;
• Anti-money laundering and terrorism control efforts;
• Anti-corruption efforts;
• Efforts to prevent, detect and eliminate conflicts of interest;
• Processing and analysis of customers’ applications;
• Establishment and enforcement of requirements to protect confidential and restricted-use information, commercial secrets and personal information to prevent unauthorised access;
• Control of access to classified and insider information, and commercial secrets strictly in compliance with regulations.

Central Counterparty Risks

One of the main credit risks to which the Group is exposed is risk associated with the performance of central clearing for members. In case of a clearing member default, the central counterparty must fulfil its obligations to non-defaulting members. Managing this risk is one of the Group’s core activities. An integrated system for monitoring and managing the risk has been developed that comprises the following:

• a division responsible for designing risk-management methodologies and procedures;
• margin requirements for clearing members’ open interest;
• the guarantee of funds to cover simultaneous defaults of the two largest clearing members;
• periodic stress tests of members’ positions to check collateral and guarantee fund sufficiency for periods of high market uncertainty;
• procedures for settlement of default situations to minimise losses;
• close cooperation with regulators (including the Bank of Russia) in central counterparty risk management.

In the event of a clearing member defaulting and insufficiency of collateral and guarantee funds, the central counterparty’s capital may be involved in paying off the defaulter’s debts

Legal Risks

In the course of its operations, Moscow Exchange is likely to confront legal risks that may affect its performance.

The list of legal risks that arise during operations of Moscow Exchange includes risks of newly enacted legal acts and other legislation that may affect professional activities on financial markets, resulting in compromised competitive ability, lost sources of revenues and other adverse outcomes for professional operations on the securities market.

To minimise legal risks, the Exchange uses the following system of checks:

• tracking of legislative bills that would regulate Exchange operations, and submitting relevant proposals;
• monitoring of changes to legal acts and regulations, and examination of international law and judicial practices in issues relevant to the operations of Moscow Exchange;
• expert evaluation of corporate documents and contracts signed for legal compliance with federal law and other applicable regulation;
• interaction with the Russian government and Central Bank of Russia on issues related to newly established requirements to regulation of exchange markets, with recommendations and explanations as required.

Credit Risks

In the course of its operations, the Exchange faces credit risks, the sources of which are:

• transactions to place available funds with counterparties, including funds deposited with other banks;
• administrative, business and other transactions with counterparties that require prepayment.

Moscow Exchange Group manages credit risks centrally, taking into consideration the credit risk profiles and risk levels of individual units in the Group.

Expert evaluation of credit risks by counterparties is based on analysis of their respective financial reports and other available information about their operations.

Methods of credit risk management include:

• setting priorities (criteria) to deposit available funds by Moscow Exchange;
• establishing limits for the deposit of funds.

Liquidity Risks

Moscow Exchange may be exposed to liquidity risk if it incurs losses following its failure to ensure full and timely performance of its obligations to participants and counterparts. Such losses may take place if available assets are insufficient to fulfil such obligations because the company’s financial assets and liabilities are inadequately balanced.

During the reporting period, the Exchange adhered to its regular, highly conservative liquidity management policy. The liquidity risk management method implied diversification across transactions maturity while placing temporary available funds.

International Business Risks (Country-Specific Risks)

Moscow Exchange has embarked upon a range of investment projects in several foreign states, and owns holdings in the assets of corporate entities (in Ukraine and Kazakhstan). Potential shift of political balance, changes in local law or deteriorating social and business climate might affect evolution and activities of these projects. To minimise the risks, it is necessary to continuously monitor the situation in the host countries of Moscow Exchange and its subsidiaries, and to ensure timely and adequate response to ongoing changes.

Risks of Force Majeure

Should they arise, emergencies (forces majeures) such as failure and/or physical destruction (demolition) of buildings, utility networks, equipment or information databases may impact the Exchange’s operations.

This may disrupt the functioning of the Exchange’s markets during emergencies.

To reduce the risk of forces majeures, Moscow Exchange does the following:

• Ensures that two IT centres are always available (main and standby), both able to support the operations of the main IT systems used to organise trading on Moscow Exchange;
• maintains an up-to-date action plan in case of need to switch to the capacity of the standby IT centre, and conducts regular drills of op­erating sequences under the plan;
• maintains redundant computer units and telecommunications equipment at each IT centre, with additional communication chan­nels also available;
• maintains project solutions built in to applied systems to ensure distribution of loads and backup at the level of access servers and main data processing servers;
• uses a computer with built-in duplicate main units as a platform for the most critical tasks;
• uses telecommunication devices with inbuilt duplicate main units;
• uses highly robust, high-redundancy equipment to store databases and other critical information;
• ensures working performance of procedures for regular (at least daily) multi-level backups for all critical data, which also provide for storage of regularly updated backup copies in specially equipped reinforced facilities (safe boxes) away from the IT centre premises;
• backs up (in special cases, with multiple copies) all internal workstations in digital data processing systems, both at main and standby computer centres;
• ensures that the rooms of both the main and standby computer centres have automatic fire fighting systems;
• maintains a 24/7 monitoring system to control computer and telecommunication resources and the condition of the rooms of the computer centres (both main and standby).

Sanction Risks:

The introduction of economic sanctions against Russia makes further deceleration of the rate of growth of the Russian economy in general and its financial sector in particular highly probable, which may have adverse implications on Moscow Exchange’s profitability. In this regards, Moscow Exchange develops efforts to preserve and ensure growth in the operating income, in particular, by offering new products and services to market participants, while controlling costs.

In addition, the risks of the U.S. and EU imposing economic sanctions on the Moscow Exchange and its subsidiaries may arise, that could indirectly affect the Exchange’s operating model and the its cooperation with foreign partners. To reduce this risk, Moscow Exchange is developing the plans for its operations under possible sanctions and is diversifying its global footprint.

There is also a risk of freezing of some of Moscow Exchange’s shares in Ukrainian companies, though the effect on Moscow Exchange’s financial standing would not be significant, given the low value of these assets.

D&O liability insurance

Moscow Exchange has signed a D&O (directors & officers) liability insurance agreement with regard to Supervisory Board members and senior managers of the Moscow Exchange Group. The insurer is AIG, one of the leading companies offering this type of insurance.

The terms of the D&O liability insurance are as follows:

1. Insurance coverage:
   • A-level coverage is for directors, officers, directors of stand-alone enterprises and independent (non-executive) directors, when the insurer indemnifies for losses of every insured person.
   • B-level coverage is for directors, officers, directors of stand-alone enterprises and independent (non-executive) directors, when the insurer indemnifies the company for losses which company paid out for insured person.
   • C-level coverage provides the company with indemnification only for claims related to securities.
2. Insurance period: from 14 February 2014 to 30 June 2015 (both dates inclusive).
3. Retroactive date: 20 June 2012.
4. Continuity date: 14 February 2013.
5. Territory covered: worldwide, including the US and Canada
6. Liability limit (including defence costs):
   • Aggregated (for all and each event insured): 50 000 000 (fifty million) US dollars.
   • At least 1 000 000 (one million) US dollars per one independent director with the aggregated limit of 10 000 000 (ten million) US dollars for all independent directors.
7. Franchise:
   • A-level coverage: not applicable.
   • B-level and C-level coverage: maximum 150 000 (one hundred fifty thousand) US dollars in relation to claims filed in the US and Canada, and 100 000 (one hundred thousand) US dollars in relation to claims filed in other countries.
8. Cost of insurance: 145 900 US dollars.