MegaFon defines compliance as employees’ acting in accordance with the Company’s principles and standards of business ethics and integrity to protect the interests of the Company and all parties affected by its activities or decisions. Compliance requires observance of applicable Russian and foreign laws, as well as the Code of Ethics and Corporate Conduct, and other internal regulations.
MegaFon is focused on building an effective compliance framework in line with ISO 19600:2014 – Compliance management systems, while incorporating best practice, standards, and regulatory guidance.
The Company’s Compliance Policy sets out the guidelines for building a compliance framework, describes its mandatory elements, and defines its scope. Management of key compliance risk areas and identification of compliance requirements is an ongoing process at MegaFon, along with efforts to ensure these requirements are met.
MegaFon’s compliance function management and Compliance Policy implementation are driven at several levels of the organisation, including the Board of Directors, Audit Committee, Chief Executive Officer and Management Board.
Compliance risk management is part of MegaFon Group’s integrated risk management and internal control system and is an ongoing process at MegaFon, along with efforts to ensure these requirements are met.
In 2020, the Company identified key compliance areas to roll out a structured approach to managing key compliance risks. During the year, the Management Board promptly reviewed the status of the key compliance areas and made decisions related to emerging risks.
In 2021, MegaFon intends to continue enhancing its compliance framework, including improvements to existing processes and rollout of new compliance programmes, as well as promoting employee awareness and overall compliance with ISO 19600:2014.