1
2
ҚАЗ РУС ENG
Message from the Сhairman of the Board of Directors
Message from the Chairman of the Management Board
Samruk-Energy 2024 in figures
Key events of Samruk-Energy JSC in 2024
Samruk-Energy JSC Today
Strategic Report
Performance Indicators
ESG Aspects Management
Corporate Governance
Corporate governance system
Governing bodies
Remuneration
Securities
Risk management and internal control
Information security
Business ethics and anti-corruption activities
Annexes
Consolidated financial statements
Questionnaire
Download PDF

Risk management and internal control

GRI 2‑9, 2‑12, 2‑13, 2‑16

As part of the sustainable development strategy of Samruk-Energy JSC, effective risk management is an important element, enabling the Сompany to achieve its strategic goals and minimize potential threats. Risk management covers all aspects of the Сompany's activities, including environmental, social and economic components, as well as specific risks related to labour protection, corporate governance and legal aspects.

The Company adheres to international standards, including the COSO standard and the Three Lines of Defence model, which ensures a comprehensive approach to risk management. The risk management system is aimed at timely identification, assessment, management, monitoring and control of corporate risks. This process enables management to make riskbased decisions, adequately assessing their impact on the business in the short and long term. Modern risk analysis and management tools are used for effective control, which allows optimising business processes and making informed management decisions.

The main internal corporate documents reflecting the key principles and components of the risk management system and the functional responsibilities of risk management subjects include:

  • Risk Management Policy in Samruk-Energy JSC
  • Rules for identification and assessment of Samruk-Energy JSC risks
  • Regulations on the Internal Control System of Samruk-Energy JSC
Risk management and internal control system

The Risk Register and Risk Map for 2024 include 33 risks (detailed description on pp. 56–61). In 2024, as part of the implementation of the Roadmap for Improving the Sustainable Development Management System, an expanded identification and assessment of sustainable development risks was carried out. Special attention was paid to environmental, physical and transient climate risks, which were included in the consolidated Risk Register for 2025, namely:

Name of key risk Description of possible consequences of the risk realisation
Climatic physical risks
  • Direct physical damage to the asset
  • Deterioration of operating conditions
  • Increased frequency of service
  • Deterioration of working conditions of employees
  • Business interruptions
  • Floods and inundation of the territory
  • Relief change
  • Snow drifts, ice, icing
Climate Transition Risks
  • Increase in tax rates for environmental emissions and increase in the Company's costs
  • Declining climate ratings and loss of credibility
  • Changes in project implementation timeframes and/or project cost increases
  • Possibility of non-compliance with technology
  • Threat to energy security
  • Potential non-compliance with carbon intensity levels as energy consumption grows
  • Possible insufficiency of RES resources
  • Social tensions
  • Increase in costs due to changes in exchange rates
Environmental Risks
  • Increasing the rates of payment for pollutant emissions
  • Fines for violations of environmental and/or water legislation requirements
  • Negative impacts on fish populations and biodiversity
  • Degradation of catchment areas

For each of these risks, measures have been developed to manage them, taking into account possible consequences. The risk management system makes it possible to minimise the negative impact on the Сompany and guarantee high results at all management levels.

Internal control system and business continuity management

The organisation of the internal control system ensures control over core and auxiliary business processes, as well as effective response to risks. The system is oriented towards promptly informing management of significant deficiencies and areas for improvement, which contributes to increasing the transparency and sustainability of the Сompany's processes. Importantly, the Сompany's business continuity management system complies with international standards and provides for regular monitoring and testing of business continuity and recovery plans.

In 2025, the Risk Management and Internal Control department will continue to improve the system, with a focus on supporting subsidiaries and affiliates to enhance their risk resilience and ensure comprehensive continuity management.

Risk appetite and risk monitoring

The Board of Directors has set the Сompany's risk appetite, which includes restrictions on key activities. This allows for effective risk management and timely risk mitigation measures. The Сompany's risk appetite is regularly monitored and updated quarterly to reflect changes in the external environment and business realities.

Risk management action plan

We annually develop and submit to the Board of Directors for review and approval – Risk Register, Risk Map, Key Risk Indicators (KRIs) and Key Risk Management Action Plan.

As a result of the risk identification work carried out by the Samruk-Energy JSC Group of companies in 2024, 33 risks inherent to the Company's activity were identified and assessed, KPI thresholds were updated, risk factors and mitigation measures were updated by risk owners.

Based on the reassessment results, seven risks were included in the key zone of the Risk Map of Samruk- Energy JSC companies for 2024 (9 key risks in 2023).

Risk map of the Samruk-Energy JSC Group of companies for 2024 (Key risks)
  1. Risk of damage to health and life of employees in the course of fulfilment of their duties, industrial accidents
  2. Risk of accidents and disasters at work
  3. Climate risks
  4. Risks of ongoing/prospective investment projects and investment programmes of subsidiaries and affiliates
  5. Risk of asset impairment
  6. Credit risk of counterparty banks
  7. Interest rate risk
Risks of Samruk-Energy JSC and risk management measures
Description of possible consequences of the risk realisation Major changes Implemented risk management measures
Risk of damage to health and life of employees in the course of fulfilment of their duties, industrial accidents
  • Harm to the health and life of production personnel;
  • Litigation, payment of compensation;
  • Decrease in the reputation of Samruk-Energy JSC and subsidiaries and affiliates;
  • Fines for violation of the requirements of the legislation of the Republic of Kazakhstan.
 No change
  • Control over fulfilment in subsidiaries and affiliates of measures developed under the Action Plan for achieving zero injuries in the Samruk-Energy JSC Group of companies.
  • Timely provision of employees with personal protective equipment.
  • Carrying out scheduled and unscheduled on-site inspections of subsidiaries and affiliates for compliance with regulatory legal acts and internal documents in the field of occupational health and safety.
  • Control of employee training in the field of occupational health and safety, testing of knowledge of technical operation rules, safety techniques.
  • Participation in accident investigations (when accidents occur and inclusion in the commission order).
  • Control over the implementation of measures specified in accident investigation reports in the subsidiaries and affiliates that caused the accident, as well as the development of measures to prevent accidents in other subsidiaries and affiliates.
Risk of accidents and disasters at work
  • Injuries and fatalities at work;
  • Environmental damage;
  • Accidents, Failures of I and II degree according to the Rules for investigation and accounting of technological failures. Technological failures of production equipment (emergency and unscheduled repairs of the generating unit);
  • Under-supply of electric and heat energy;
  • Unscheduled repairs of equipment;
  • Occurrence of unforeseen expenses;
  • Downtime of the equipment;
  • Losses due to compensation for emergency decommissioned capacity at an electricity price higher than the selling price;
  • Lack of electric capacity reserves in the energy system of Kazakhstan.
 No change
  • Carrying out major and current repairs. Periodic inspections of the technical condition of equipment.
  • Conducting briefings and emergency drills for the operating personnel of the enterprises.
Climate risks
  • Physical damage to production assets;
  • Increasing tax rates for greenhouse gas emissions;
  • Fines for violations of legislative restrictions;
  • Disruptions in the supply chain of electricity, coal;
  • Increase in the cost and duration of investment projects;
  • Interruptions in production;
  • Flooding and inundation of territory;
  • Negative impacts on fish populations and biodiversity;
  • Degradation of watershed areas.
 No change
  • Monitoring compliance with environmental and water legislation and deadlines for submitting emission permit applications and reporting to state regulatory authorities.
  • Monitoring of greenhouse gas emission quota limit utilisation, adjustment.
  • Compulsory environmental insurance.
  • Monitoring the implementation of international standards of environmental management.
  • Monitoring of budget execution under the item of environmental protection.
© 2025 «Samruk-Energy» JSC