МTB Group implements ESG risk management in risk management activities on all three lines of defense. In accordance with the Risk and Capital Management Strategy, VTB Group integrates ESG risks into the risk management system through an assessment of ESG factors impact on VTB Group risks.

Factors related to the environment (E-factors), social (S-factors) and corporate governance (G-factors) have a positive or negative effect on the financial performance of VTB Group. The transmission channels of ESG factors can be:

VTB Group determines procedures for managing ESG factors in risk standards, which are developed at the consolidated level and applied by VTB Group members. They regulate the procedures for identifying, assessing risks, controlling their amount and structure, and identify effective measures to optimize and reduce risks. In addition, risk standards contain requirements for the preparation of regular risk reports submitted to the Management Board (monthly) and to the Supervisory Board (quarterly) and including ESG risk management issues.

VTB Group determines the materiality of financial risks and non-financial risks, taking into account the assessment of the impact of ESG factors. This provides a link between the degree of influence of ESG factors on the financial position of VTB Group and approaches to managing these risks and capital. VTB Group establishes a risk appetite for limiting the financing of project/ counterparties that are not in line with sustainable goals and evaluates economic capital taking into account the influence of ESG factors.

To assess the impact of ESG factors, VTB Group segments the corporate loan portfolio, focusing on the E-component. Currently, VTB Bank has developed a prototype of an ESG questionnaire and started collecting data to evaluate ESG ratings of customers.

The training on the process of integrating ESG risk management into the VTB Group risk management system was conducted in 2021. It was attended by the heads of risk management of VTB Group Companies and the heads of VTB Bank’s risk divisions.

Information about the integration of ESG risks into the risk management system — Risk management

Digital technologies permeate all realms of life and all human activities, hence they are essential for every business practice. Inormation technologies are the basis of modern products and services, and profitability, successfulness and even viability of the Bank depend on their reliability, consistency and customers’ trust.

The security of implemented technologies for the Bank and for the customers is a key factor for using certain solutions and offering specific products and services or even launching such products and services. Decisions on launching new products and services are always take into account risks of information security since implementation of new products and services entails risk of financial damage comparable to potential revenues, and the reputational damage might have adverse effect on the overall Bank’s performance.

To manage the risks of information security the Bank pursues the policy of selecting measures and means of information protection which are adequate to the purpose and area of implementation and strictly according to the Russian law, requirements and policies of regulators, contractual obligations and the best international and Russian practices in information protection.

The audit of compliance with requirements of the national standard GOST Р 57580.1-2017 «Security of financial (banking) operations. Protection of information of financial organizations. Compliance methodology» is conducted biannually.

The Bank has developed the interactive training for its employees on information security and risks, and processing of confidential data. The content is annually updated. The training is taken as necessary but al least once a year. In 2021 over 40 thousand employees took the training.