Control and audit

Internal controls

Following an assessment of FESCO’s risk management and internal control frameworks (the Assessment) as at 31 December 2024, the sole executive body approved and implemented the 2025 Action Plan for Internal Control System Development across FESCO and its controlled entities.

In 2025, an assessment of the organisation of risk management and internal control in FESCO was conducted as at 31 December 2025 for its compliance with the Recommendations for Public Joint Stock Companies to Organise Risk Management, Internal Controls, Internal Auditing, and the Work of Auditing Committees under Boards of Directors (Supervisory Boards) (information letter of the Bank of Russia No. IN‑06‑28/143 dated 1 October 2020, hereinafter – the Bank of Russia’s Recommendations). The Bank of Russia’s Recommendations have been largely implemented, with the internal control system integrated across all Company business processes.

Internal audit has assessed FESCO’s internal control system maturity level as stable – processes are documented and standardised, with significant process risks addressed by control procedures.

In accordance with Federal Law On Joint Stock Companies and provisions of the Corporate Governance Code, the Company maintains an Internal Audit Department. This Department is functionally accountable to FESCO’s Board of Directors and administratively to the sole executive body or acting executive.

As a FESCO structural unit established by the order of FESCO’s sole executive body following FESCO’s Board of Directors’ resolution, the Department conducts internal audits of FESCO and FESCO’s controlled entities, as defined in clause 8.2.56 of the Company’s Articles of Association.

The Department is headed by the Director, who is appointed by an order of the sole executive body based on a Board of Directors’ resolution following preliminary review by the Audit Committee.

The Department consists of 14 people. In 2025, changes occurred resulting in the following structure of the department:

• Deputy Director of the Department – Head of the Centre;
• Advisor for New Assets;
• internal audit unit for processes and projects (Moscow, five employees);
• internal audit unit for Group assets in Siberia and the Far East (four employees);
• internal audit unit for capital construction projects (two employees).

The Department conducts independent, objective, risk‑based internal audits to help Company and controlled entity governing bodies maintain and enhance FESCO Group value. In its activities, the Department relies on international best practices, which are an integral part of the International Professional Practices Framework (IPPF) for Internal Auditing. The Department regularly assesses risk management and internal control system reliability and effectiveness, and collaborates with the Board of Directors, and management of FESCO and controlled entities to improve risk management, internal control, and corporate governance.

In its activities, the Internal Audit Department is guided by the Internal Audit Policy of FESCO, updated in 2025 and approved by resolution of the Board of Directors of FESCO (Minutes No. 10/25 dated 5 June 2025). Key updates to the revised policy include:

• definitions were aligned with the newly adopted Global Internal Audit Standards;
• internal consulting was introduced as an internal audit function;
• quality assurance and improvement programmes were integrated into the Internal Audit Department’s activities;
• the procedures for executing internal audit sub‑processes were revised – specifically the planning, preparation, and conduct of audits, alongside the monitoring of remediation efforts – to ensure full alignment with the Bank of Russia recommendations and the Company’s Procurement Regulations;
• the powers and responsibilities of the Audit Committee of FESCO’s Board of Directors, the sole executive body, and the Director of the Internal Audit Department were clarified.

In line with the newly adopted Policy and based on a self‑assessment of the Internal Audit Department’s conformance with IPPF standards, FESCO’s 2025 Quality Assurance and Improvement Programme (QAIP) was developed and approved. The QAIP for 2025 was approved by the Audit Committee of FESCO’s Board of Directors (Minutes No. 7/25 dated 22 September 2025). The QAIP for 2025 was 100% fulfilled.

To comply with FESCO’s Articles of Association, the Bank of Russia recommendations, and the Corporate Governance Code suggested by the Bank of Russia’s Letter No. 06‑52/2463 dated 10 April 2014, amendments were made to the Regulations on the Audit Committee of FESCO’s Board of Directors in 2025 (Minutes No. 28/25 dated 30 December 2025).

The Internal Audit Department conducts independent assessments and internal consultations based on Board‑approved work plans, completing 37 internal audits in 2025.

The Department operates without independence limitations or restrictions that would hinder its ability to fulfil statutory and Articles of Association‑mandated responsibilities.

External audit

On 30 June 2025, the Annual General Shareholders Meeting appointed B1 – Audit LLC and Pacholi LLC as the Company’s external auditors for 2025 (Minutes dated 1 July 2025). The auditors were responsible for auditing the Company’s financial and operating performance as prescribed by the applicable laws of the Russian Federation and pursuant to the contracts signed between the Company and the auditors. According to clause 4, article 5 of Federal Law No. 307‑FZ On Audit Activities dated 30 December 2008, no open tender was required to select the Company’s external auditor.

The issuer selected auditors through a tender procedure in accordance with the Rosatom’s Unified Industry Procurement Standard.