Environmentally friendly and trusted market infrastructure

Environmentally friendly and trusted market infrastructure

The cyber threat landscape is constantly evolving and becoming more sophisticated. Advanced cybersecurity practices are essential to the Exchange’s systematic and proactive approach to confronting and managing cyber threats, both existing and emerging. Given the crucial role that MOEX plays in the evolving financial market, it has an enormous responsibility to take the lead on cyber resilience efforts, establish trust and collaboration among participants, promote initiatives to enhance sector capabilities and increase cyber awareness.

MOEX Group believes that achieving operational resilience is critical. As a neutral trading platform and service provider, the Group must ensure trustworthiness by maintaining transparency and facilitating market access while providing quality services. The Group pays attention to the quality of information it provides, thereby creating trust among investors. The company’s security policies protect its infrastructure from different types of cyber threats. Investors appreciate the benefits of trading in a completely secure and trusted environment. Below, MOEX Group highlights the range of measures it is undertaking to ensure that its operations proceed unimpeded.

MOEX Group corporate goals relevant for this focus area and set in line with UN SDG targets
	SDG 9.b Ensure the sustainability of the financial infrastructure

Major highlights in environmentally friendly and trusted market infrastructure

Risk management

Moscow Exchange Group has successfully established an integrated risk management system

that complies with Russian regulatory requirements, as well as with leading international standards and best practices.

Role of management bodies in risk management

ESG risk management is handled by the Supervisory Board and other management bodies, such as participants in the Group’s integrated risk management system. They perform monitoring and control procedures.

The Supervisory Board of Moscow Exchange is responsible for establishing the principles and approaches of the risk management system, including approving the risk management strategy, internal documents, and policies that stipulate actions to prevent the materialisation of risks and to minimise their consequences.

The Risk Management Committee of the Supervisory Board reviews risk management reports and develops recommendations for managing individual risk profiles, analyses internal procedures and proposes measures for improving them, and monitors the reports submitted. Similar structures have been established within the Group’s companies, including the Risk Committee of the NCC Supervisory Board and the Risk Committee of the NSD Executive Board. Moscow Exchange has also created a separate structural unit that is responsible for managing the risks of the market operator.

ESG risks and their potential impact on the Group’s operations are identified annually within the Group’s integrated risk management system. Risk acceptance and pre-approval of risk management issues are submitted for discussion at Supervisory Board meetings. The Executive Board is responsible for defining the acceptable level of risk.

The Group has conducted regular training sessions for its employees to improve their risk identification skills. The sessions are part of the Development Strategy for the Risk Management System. Risk management KPIs are included in the criteria used by management for assessing employee performance.

Key risk profile

Each of the Group’s companies faces different types of risk, depending on the specific nature of their activities.

As the parent company of the Group, Moscow Exchange faces risks associated with the organisation of trading, as well as with transactions involving its own assets. The NSD, as a core element of Russia’s financial market infrastructure, faces risks in its depository activities. The key risk bearer in the Group is the NCC, which acts as a clearing house and central counterparty for all major markets of the Group and as a commodity delivery facility for the commodities market.

The Group’s financial and non-financial risk map is updated annually following the results of the risk identification procedure.

Internal audit and internal control

Moscow Exchange’s risk management system is based on the COSO principles and structured on the ‘three lines of defense’ model, which stipulates that risk management and internal control responsibilities be distributed among management bodies, business units responsible for control and coordination, and the internal audit function. The Group continues to improve its internal control system to maintain a high level of performance.

COSO Internal Control System

Line of defense	Responsibility	Units
First line of defense	Identifying, assessing and managing risks, and developing and implementing policies and procedures governing business processes	All business function staff and employees of the operating units of Moscow Exchange
Second line of defense	Ongoing risk monitoring and risk management by units as part of their functions. Infrastructure resilience issues include: Information security Compliance with legislation and internal documents Prevention of corruption and unlawful and fraudulent activities Prevention of improper use of inside information and/or market manipulation Prevention of conflicts of interest	Operational Risk, Informational Security, and Business Continuity Department Internal Control and Compliance Department Internal Control Service Security Department Legal Department Designated employees and departments of the Finance Unit
Third line of defense	Overseeing the efficiency of business activities, the management of assets and liabilities, and the effectiveness of the risk management system	Internal Audit Service Management bodies of Moscow Exchange

Compliance with international standards

The Group conducts an annual audit of its compliance with the CPMI-IOSCO Principles for Financial Market Infrastructures, the COSO Enterprise Risk Management Framework, and the Basel Committee on Banking Supervision risk management guidelines.

In 2020, NCC successfully underwent an operational audit by PwC (an international audit and consulting company) to check compliance with the requirements of the Central Bank of Russia. The audit covered the following components: management of risks of the central counterparty, assessment of the accuracy of the central counterparty model, stress-testing of risks of the central counterparty, determination of the allocated capital of the central counterparty, and recovery of financial stability of the central counterparty.

The operational audit is conducted every two years, and the most recent was conducted in March 2022.

NCC also undergoes a certification audit every three years in accordance with ISO 9001 Quality management systems (the most recent audit was conducted in 2022).

The Group’s companies have developed risk and capital management strategies. As part of its risk management strategy, Moscow Exchange Group reviews its risk appetite and risk tolerance annually in the context of the Group’s strategic objectives.

KEY DOCUMENTS:

Market operator-related risk management rules
Financial platform operator-related risk management rules
Declaration on Business Continuity
Business Continuity Policy of Moscow Exchange
Regulatory Risk Management Policy of Moscow Exchange
Personal Data Processing Policy of Moscow Exchange
Regulation on the Audit Committee
Regulation on the Internal Audit Service
Declaration on Information Security
Policy on Information Security Management of Moscow Exchange

RESPONSIBLE BODIES:

Risk Management Committee of the Supervisory Board
Risk Management Unit
Internal Audit Service
Internal Control Service

Information security

Information security (IS) means the protection of information and the equipment used to process it from accidental or deliberate interference, whether natural or artificial.

The main goal of ensuring IS is to appropriately protect the company’s business processes, as well as to minimize IS risks when organizing trading and clearing services, and when providing services on the Equity, Derivatives, FX, and Money Markets.

This goal is achieved by ensuring and continuously maintaining the confidentiality, integrity and accessibility of the company’s protected information assets.

Moscow Exchange has implemented an information security management system that meets the requirements of Russian law and complies with ISO 27001. Organisational and technical activities are continuously conducted to ensure information security and to manage IT infrastructure and information security incidents. The Security Operations Centre is responsible for monitoring and responding to information security incidents. The Group regularly conducts information security audits, intrusion tests, and anti-phishing tests to manage risks. Moscow Exchange uses its own equipment or that of a provider to protect against malicious attacks.

KEY DOCUMENTS:

Policy on Information Security Management of Public Joint-Stock Company Moscow Exchange MICEX-RTS
Declaration on Information Security
Personal Data Processing Policy of Moscow Exchange
Information Security Strategy

RESPONSIBLE BODIES:

Operating Risk, Information Security, and Business Continuity Department
Technical Policy Committee

Market access and customer experience

Moscow Exchange offers its clients information and technology services that provide real-time

market data, as well as information on trading results and indices.

It works to increase the appeal of its services on organizing trade on the commodity and financial

markets for investors and issuers.

Moscow Exchange’s technology infrastructure provides market participants with a safe and reliable environment that supports uninterrupted trading, clearing, and settlement operations. Reliability is ensured by the following factors:

high-quality risk management;
well-capitalised central counterparty and settlement infrastructure;
high standards of listing and information disclosure by issuers.

Moscow Exchange spares no efforts to ensure convenience for its customers:

develops new products, services, and ways of trading;
extends trading hours;
implements new technologies for access to trading and market data;
strengthens cooperation with other markets and exchanges.

KEY DOCUMENTS:

Listing Rules of Moscow Exchange
Clearing Rules of the National Clearing Center (JSC) for the Equity and Bond Markets
Rules of National Settlement Depository JSC

RESPONSIBLE BODIES:

Customer Service Department
Customer Support Department
Technical Access Department

Environmental efficiency

Moscow Exchange Group hosts annual events to reduce negative impacts on the environment. In its operations, the Group is guided by the laws and regulations of the Russian Federation as well as corporate standards that ensure compliance with environmental requirements.

Energy efficiency

The Group’s companies have an extensive network of server and computer equipment across two data centres. Improvements in energy efficiency are therefore largely dependent on timely upgrades to the Group’s equipment and the use of IT technologies to transmit information.

Modern equipment consumes less energy: every new generation of servers is about 2–3% more efficient than the previous one. Moscow Exchange’s Technology Policy sets timelines for the upgrade of server equipment. To reduce electricity consumption in our offices outside of business hours, hallway lighting systems, ventilation systems, and office air-conditioning systems are automatically turned off. In winter, cold air from outside is used to cool server rooms.

Climate change impact

Direct greenhouse gas emissions are emitted by the Group’s corporate vehicles and the back-up diesel generators used to create electricity in the event of emergency outages on the part of the supplier. Indirect emissions stem from the use of electricity and heat purchased from energy suppliers.

The Group’s modern fleet of vehicles is key to reducing its direct greenhouse gas emissions: most corporate vehicles were manufactured after 2014, and all of them have engines with environmental classifications of IV and V.

Water consumption and waste water disposal

Moscow Exchange Group strives to improve the efficiency of water consumption at its offices. The Group receives water only from municipal water systems. Wastewater (including from storm drains) is discharged only to municipal sewage systems, where it is treated in accordance with applicable regulations. No wastewater is discharged into bodies of water or into natural habitats designated as nationally or internationally protected areas. The Group does not operate in regions affected by water scarcity.
Air emissions

As a result of an inventory of emissions of harmful (polluting) substances into the atmosphere and their sources, it has been established that the sources of impact on atmospheric air are: emergency diesel generator sets (DGS), the operational printing station, and motor transport, including three organised sources of emissions:

exhaust and ventilation stack of diesel generator set;
tanks for diesel fuel;
equipment of the Operational Printing Unit (paper cutting, creasing, paper boring, and thermal bagging of paper products).

and one fugitive, which is exhaust emissions from vehicles entering and exiting the underground car park.

Considering that there are substances of hazard classes I and II in the atmospheric emissions, it is planned to implement methods to calculate the volume of emissions, including cases in which technological equipment operates in a modified mode for more than three months, to determine the volume of pollutants in emissions from stationary sources.

Waste management

The activities of Moscow Exchange Group generate office waste (paper, non-industrial waste, fluorescent lamps, etc.), as well as e-waste and waste associated with the vehicle fleet. The Group aims to reduce its office waste and to increase the share of recyclable waste.

For this purpose, the Group has taken the following measures:

introduction of electronic document management to reduce the generation of paper waste;
collection and disposal of used batteries;
use of bins for the separate collection and disposal of non-industrial waste.

Moscow Exchange Group does not handle waste on its own, but transfers it for treatment, utilisation, storage, neutralisation, and disposal to specialised organisations holding appropriate licences for handling waste of hazard classes III–V.

KEY DOCUMENTS:

Russian environmental legislation and standards
Waste Generation Standards and Waste Disposal Limits approved by the Moscow Department of Resource Management and Environmental Protection up to February 2023
Environmental Policy of Moscow Exchange
Moscow Exchange Environmental Monitoring and Industrial Control Programme

RESPONSIBLE BODY:

Administrative Department of Moscow Exchange

Moscow Exchange Group takes responsibility for the health and safety of its employees; it sets corresponding goals and objectives, plans and funds activities to achieve them. The occupational health and safety system of Moscow Exchange conforms to the requirements of Russian law. It covers 100% of the Group’s employees. No contractors or business partners of the Group are covered. The Group also has the Occupational Health and Safety Policy, which was approved in 2018 and lays out corporate standards for occupational health and safety.

According to the Occupational Health and Safety Policy, Moscow Exchange Group assumes the following obligations:

to comply with Russian law requirements on occupational health and safety of employees and ensure compliant working conditions;
to provide safe working conditions through consistent and continuous activities aimed at preventing accidents, work-related injuries, and work-related ill health, including by managing professional risks;
to inform all employees of any hazards, harmful factors, or professional risks identified in the workplace;
to improve the occupational health and safety management system in order to ensure it meets the Group’s needs and facilitates the professional development of employees responsible for occupational health and safety;
to provide employees with personal protective equipment, if needed;
to involve employees (or representative bodies authorized by them) in the occupational health and safety management system and collect feedback from employees;
to ensure the proper functioning all levels of control over compliance with OHS regulations;
to reinforce the personal interest of each employee in ensuring safe working conditions by increasing responsibility for compliance with OHS requirements;
to assess working conditions regularly and monitor compliance with statutory OHS requirements, including sanitary rules imposed to combat epidemics.

Evaluation of working conditions and professional risk assessment

In accordance with internal regulations, the heads of Moscow Exchange’s business units manage OHS activities. In the event of any complaints regarding working conditions (for example, lack of light, malfunctioning ventilation or air-conditioning systems, etc.), or where any occupational health and safety violations are identified, any employee can submit a request to technical support describing the problem.

In 2020, the OHS management system underwent an external audit. The audit ascertained that the system conformed to Russian law. No audit was conducted in 2021.

Occupational health and safety training

All new employees of the Group undergo compulsory induction briefings on occupational health and safety, fire safety, civil defense, emergencies, and electrical safety.

In addition, the OHS training system includes:

an interactive video course on occupational health and safety;
training and exams at a special study center;
an intranet portal where employees can review all OHS instructions and regulations and undergo online training.

There is currently no approach to OHS management for the supply chain. However, Moscow Exchange soon plans to develop a Supplier Code with an integrated approach to OHS management in coordination with its business partners.

Good health and employee well-being

Moscow Exchange Group seeks to support the good health and psychological well-being of its employees. Tips on healthy eating and living are regularly posted on the intranet. There is also a healthy food station and regular "Health Weeks".

Fruit is provided for employees at the Group’s offices, the cafeteria offers healthy food, and vending machines feature a healthy assortment of snacks.

There is a gym for employees, with cardio machines, table tennis tables, and opportunities are provided for running, swimming, volleyball, basketball, soccer, and hockey. Competitions are also held. The Moscow Exchange indoor soccer league holds a tournament every year, with teams from various investment companies and banks taking part.

In order to prevent the spread of infectious diseases, especially COVID-19, the Group’s companies take comprehensive measures to continually protect their employees. For more details, see the section "Overview of the COVID-19 response".

KEY DOCUMENTS:

Occupational Safety Policy of Moscow Exchange
Internal regulations on the occupational safety management system

RESPONSIBLE BODIES:

Personnel and Human Resources Policy Department
Group for fire safety, emergency situations and labor protection