Control environment

The system of risk management, internal control and internal audit is an element of the internal control environment of OZK.


Risk management is a strategically important part of corporate governance. Effective risk management allows the company to identify risks in a timely manner, assess them, and take measures to eliminate the consequences of their implementation. The risk management system is aimed at identifying a wide range of risks and addressing them in the most comprehensive manner, which helps to reflect a holistic picture of existing risks and make the right management decisions.

Objectives of the risk management system:
  • Provide reasonable assurance of achievement of strategic and operational objectives;
  • Preserving assets and maintaining business efficiency;
  • Provide business consistency
Risk management is guided by the following principles:
  • System approach;
  • Сonsistencyof the risk management process;
  • Depth of the risk management process;
  • Completeness of the risk management process;
  • Balanced approach to risk management

The main results and conclusions of the risk management process in the company are displayed in the form of regular reporting. Regular monitoring and analysis of the status of identified risks and response measures and or control procedures for risk management ensures control over the company's risk level.


Internal control objectives:
  • Maintaining an effective internal control system in the company aimed at providing reasonable confidence in achieving the company's goals;
  • Assist the company's management bodies in the effective execution of operational activities, including by formalizing and improving the efficiency of business processes, mobilizing internal business opportunities and reserves for profit, ensuring the protection of shareholders' investments and company assets by preparing proposals and recommendations on the results of inspections carried out as part of the implementation of internal control;
  • Control over financial and economic activities of subsidiaries and affiliates within corporate control.


The main tasks of internal audit are:
  • Evaluation of the effectiveness of the internal control and risk management system at the corporate and business process levels;
  • Evaluation of the corporate governance system;
  • Management processes efficiency evaluation of OZK and the OZK Group, as well as development of recommendations for their improvement;
  • Conduct of comprehensive inspections (audits) of the activities of the inspection objects and thematic inspections of the financial and economic activities of OZK and the OZK Group.