Management of the risks of fraud, corruption and conflict of interest in AST is performed in accordance with Cabinet Regulation No. 630 of 17 October 2017 “Regulations Regarding the Basic Requirements for an Internal Control System for the Prevention of Corruption and Conflict of Interest in an Institution of a Public Person” and Fraud and Corruption Risk Management Regulations No. NOP-1-024 introduced in the company.
AST has determined the requirements for its employees to agree in writing on additional work with another employer. The requirements are determined in the employment contracts and the Regulations on the Development and Movement of Personnel Documents.
Pursuant to the Basic Rules for Procurement Procedures of AST, employees of AST may not participate in the preparation of technical documentation, the work of the Procurement Procedure Commission, including to perform the duties of the expert, the evaluation of applications and proposals and the decision-making on the winner of the procurement procedure if the AST employee is:
- a current or former employee, official, participant, shareholder, procurator or member of the legal person - candidate, tenderer or subcontractor, and if this relationship with the legal person has ended within the last 24 (twenty four) months;
- father, mother, grandmother, grandfather, child, grandchild, adopted, adopter, brother, sister, step-brother, step-sister, spouse of the shareholder of a legal person - candidate, tenderer or subcontractor, who owns at least 10% (ten percent) of shares (hereinafter - relative);
- a relative of a natural person - candidate, tenderer or subcontractor.
All duties and responsibilities of employees to ensure the fair course of procurement procedures in AST are set out in the Basic Rules for Procurement Procedures of the company.
When during the assessment of risks, it is established that employees comply with the requirements for management of the risks of fraud, corruption and conflicts of interest.
When cases of fraud or corruption are identified or reasonably suspected, it is the responsibility of each employee of AST to report on the cases or suspicions of fraud or corruption, possibly stating the reasons for the identified case or suspicion.
Employees are provided with the following reporting channels: via e-mail [email protected] or on the internal intranet page of AST (in the section “Report on corrupt activities”). Protection of the identity of the whistleblower is provided for such reports.
Upon the receipt of reports on fraud or corruption incidents, the implemented risk management controls are reviewed.
In 2022, risk assessments of fraud, corruption and conflicts of interest were performed for all structural units subordinate to the Board of AST. A total of 43 structural units and 172 job groups were assessed. Identified 41 unique risks. Each job group is exposed to an average of 4-5 risks.
The degrees of risk range from insignificant to medium risk. However, in 2022 there was identified 1 high risk - Fraud and/or phishing using AST partner data. The risk is not related to the possible corruption or conflict of interest of AST employees, but to an external threat related to the increased activity of fraudsters. AST developed an Action Plan to mitigate such fraud risks.
According to the results of the risk assessment, the following risk expressions have the greatest risk potential:
- Fraud and/or phishing using AST partner data;
- Participation in procurement (procurement commission, price inquiry, decision making);
- Development, coordination and control of designing tasks, technical regulations, procurement specifications and other related procurement documentation;
- Control of fulfilment of contracts;
- Control of subordinate structural units (control of fulfilment of contracts, control of use of financing, control of execution of adopted decisions, control of work tasks, etc.);
- Calculation and calculation control of hourly, daily and monthly balances of transmitted electricity and losses;
- Calculation and control of the calculation of the daily and monthly hourly balance reports of the transmitted electricity for each merchant with which AST has a network service or balancing agreement;
- Preparation and control of daily and monthly hourly reports on the use of emergency and regulatory reserves;
- Participation in the preparation and control of land lease, encumbrance and easement agreements;
- Calculations and forecasts of payments related to the compensation of ENSTO-E transnational transit losses;
- Issuance of guarantees of origin and related data operations (registration, verification, management, deletion).
In accordance with the criteria of the Fraud and Corruption Risk Management Regulations approved by AST (hereinafter - the Regulations), 1 potential expression of high risk and 12 potential expressions of medium risk of fraud, corruption and conflict of interest were identified in 2022. The group of 68 positions was exposed to the above-mentioned 1 high-risk expressions and 12 medium-risk expressions.
For other assessed positions and groups of positions, the degree of risk, according to the criteria of the Regulations, is low or insignificant.
During the risk assessment process, in accordance with the requirements of the Regulations, the effectiveness of the existing risk controls and risk management measures was assessed. In accordance with the criteria specified in the Regulations, the effectiveness of risk controls and risk management measures is assessed in all cases as high or very high, which indicates the effective operation of the control system.
No irregularities were detected in cases of fraud, corruption or conflicts of interest in the activities of employees of AST in 2022.
Heads of departments, responsible employees, materially responsible persons are obliged to periodically or randomly carry out in-depth control over the performance of the assigned tasks, use of resources in order to obtain assurance on the proper performance of tasks and compliance with the implemented controls. Deviations established, if any, should be immediately reported.
At least once a year, all employees of AST fill in the declaration of the conflict of interest, stating that they carry out their duties responsibly and avoid conflicts of interest, as well as indicating potential situations in which a conflict of interest may arise. The information provided in the conflict of interest declarations is used to prevent a situation of the occurrence of a conflict of interest.
The relationship of employees with other companies and organisations is also monitored by using the information available in the Lursoft company database. Examination of the liabilities of employees is performed. If it is established that an employee of AST holds a senior position (owner, chairman of the board, member of the board, shareholder, etc.) in one of the companies available in the Lursoft database, then a possible conflict of interest is examined.
If there have been risk reports or incidents, changes in the internal or external environment or deficiencies in the implemented controls during the monitoring period, the risk manager shall review the risk assessment and propose the necessary risk management measures, if necessary.