Annual Report for 2024 NEXT GENERATION NETWORK FOR YOUR PRESENT

Internal Control System

Kcell JSC has implemented an Internal Control Policy that defines the objectives, tasks, and structure of the Company’s internal control system (ICS), as well as the key principles for its operation. Based on this policy, the Company has also developed Internal Control System Management Rules, which outline the main objectives, responsibilities, and areas of accountability for the ICS. These rules were developed in accordance with the COSO framework and other international best practices in risk and internal control management.

The internal control model at Kcell JSC consists of five interrelated components: Control environment, Risk assessment, Control activities, Information and communication, and Monitoring. These five components are illustrated in Figure 1. For the internal control system to be effective, all components must be clearly defined and consistently applied across the Company’s operations.

As part of the Company’s internal control system, the responsible structural unit oversees the development and, when necessary, the updating of the business process classifier, the identification of key business processes, and the documentation of control procedures. This is followed by the identification of process-level risks, the development of appropriate control procedures to address those risks, and the evaluation of both the design and operational effectiveness of the controls through testing.

Annual testing plans for the effectiveness of control procedures are approved by the responsible structural unit. Kcell JSC has developed risk and control matrices covering areas such as inventory accounting, tax accounting, incoming and outgoing payments, and procurement, along with a dedicated action plan for the internal control system.