Risk Management Report

Risk Management Concept

The Board acknowledges that risk management can provide strong support and basic security for the high-quality and sustainable development of the Group. In this connection, the Board regarded risk management as a proactive measure for creating efficiencies and promoted risk management responsibilities to the Board, the management and all staff members as well as its whole business process. The Board has established a risk management structure with three lines of defence, namely “Business, Supervision and Support, Assurance”, for the Group, under which the Group has integrated risk management with its strategic goals. The Board required risk management to be “comprehensive, focused, dynamic and continuous”. As such, the Board regularly studies and clarifies the comprehensive risk indicator system in relation to the Group’s operation through the Risk Management Committee. It has also taken a dynamic approach to set up key risk checkpoints based on the changes in the Group’s internal and external environment, which will be used to monitor the management’s performance in carrying out their responsibilities in relation to dynamic monitoring and ongoing risk management and control during daily operating activities. The Board consistently works on building a “prudent, aggressive and responsible” risk culture through proactive risk management activities with a view to ensuring the high-quality and sustainable development of the Group.

Risk Management Committee

The Risk Management Committee is delegated by the Board with responsibilities to oversee the Group’s overall risk management framework and to advise the Board on the Group’s risk-related issues. The Risk Management Committee is also responsible for approving the Group’s risk management policies and assessing the effectiveness of the Group’s risk controls. The details of the terms of reference of the Risk Management Committee have been posted on the websites of the Company and the Hong Kong Stock Exchange.

The Risk Management Committee held two meetings during 2018 and focused on the discussion on the following matters:

  • reviewed the risk management reports for the year 2017 and the first half of 2018 and risk management plan for the year 2018 prepared by the Company’s Internal Audit Department in relation to the Group’s risk management framework, effectiveness of the risk management system, cybersecurity risks and the responsive measures adopted for risk control and risk management policies which govern the identification, assessment, monitoring and reporting of the major risks faced by the Group;
  • reviewed and approved the “Development of Internal Control Working System for Risk Management”; and
  • reviewed, discussed and approved the connected transactions in relation to the sale and purchase of coal futures between China Power Guorui and the subsidiaries of SPIC in June 2018, and made recommendations to the Board.


Risk Management Framework

Pursuant to the standards regarding risk management framework of the COSO (including standards being updated on an ongoing basis), the Group has established a risk management framework with “three lines of defence”:

  • 1st line of defence: Business risk management — During the course of business activities, each of the functional department and business unit, as well as personnel holding the respective business position, shall be the first responsible unit for handling matters within their terms of reference for risk identification and management.
  • 2nd line of defence: Supervision and support for risk management — The Risk Management Committee under the Board and the functional departments for risk management, including the departments responsible for the functions of internal audit, legal affairs, compliance, finance, human resources, safety and environmental protection monitoring, shall assist the front-line business departments to assume joint responsibilities for overseeing, inspecting and evaluating those works relating to the implementation of risk management.
  • 3rd line of defence: Independent assurance — The Audit Committee under the Board and the Group’s Internal Audit Department shall be responsible for auditing the results of the risk management works and issuing an audit report.


In 2018, to accommodate the needs of its strategic development, the Group has, on the basis of the existing functional departments for risk management, further optimized the setup of risk departments of its subsidiaries and established a comprehensive risk management network, through which the capability and efficiency of functional departments for risk management have been enhanced in terms of allocation of risk management resources within the Group. This also enabled centralized deployment of manpower to engage in risk evaluation works and strengthened team-building for risk management talents of the Group, at the same time solidifying the 1st line of defence on the business front.

Risk Management Mechanism and Procedures

The risk management mechanism and procedures of the Group comprise comprehensive risk management, risk management targeting major investment projects and specific risk management targeting key risk areas.

The procedures of comprehensive risk management are as follows:

Phase 1: Formulate of risk management policies, strategies and risk assessment standards — The Board shall determine risk policies in respect of the Group’s governance, culture and development strategies, and shall take these policies into consideration when determining its business targets. The Risk Management Committee shall be entrusted by the Board to determine the risk management strategy of the Group, while the Group’s Internal Audit Department shall establish common risk assessment standards and set up risk score sheet for the Group.

Phase 2: Comprehensively collect first-hand information for risk management and identify risks — Each department/business unit shall extensively and continuously collect internal and external information in relation to the risks of the Group and the risk management thereof and identify potential risks that may have an impact on the key processes of their operations.

Phase 3: Conduct risk assessment and establish comprehensive risk management ledger — Each department/business unit shall assess and score the risks identified along with their impact on the business and the likelihood of their occurrence. All risks of the Group and its subordinated units shall be recorded in the risk management ledger.

Phase 4: Risk follow up treatment and tracking of risk management ledger on a quarterly basis — Based on the assessment, each department/business unit shall propose measures for monitoring and follow up treatment of risk identified and determine the responsible person for the risk. All these information shall be recorded in the comprehensive risk management ledger and updated on a quarterly basis to ensure that the risks are controllable.

Phase 5: Risk reporting and monitoring — Each department/business unit shall monitor their own risk mitigating works and summarize and report the comprehensive risk management condition to the Risk Management Committee bi-annually, so that the Committee can keep abreast of the distribution and changes of comprehensive risks on a continuous basis, evaluate the effectiveness of the risk management works and suggest measures for improvement. The Risk Management Committee submits the risk management report to the Board annually.

The risk management procedures targeting major investment projects are as follows:

  • Project Establishment and Feasibility Study Stage: Business departments and all supporting departments for risk management shall conduct work such as feasibility study and due diligence report for their investment projects, so as to fully identify and assess the risks of the investment projects and the risk cost thereof, and put forward strategies and measures against material risks.
  • Investment Decision Stage: Before making investment decisions, the relevant departments shall prepare the risk assessment report for specific project based on the feasibility study and the due diligence report with a view to disclosing the risks of the investment project and the impact of the risk factors, and suggest preventive measures.
  • Construction Stage: The relevant departments shall conduct risk analysis on the conditions for commencement of construction, including analysis on compliance risks relating to aspects such as land, environment and energy conservation, technical risks relating to engineering design plan and risks relating to engineering management, etc.. Construction work will be commenced after establishing feasible responsive measures and passing the compliance evaluations.
  • Management through closed-loop tracking: A closed-loop tracking mechanism will be implemented for the risk analysis and evaluation conclusion for each of the above stages to ensure all risks are controllable and under control.


The procedures of specific risk management targeting key risk areas are as follows:

  • Identify and determine key risk areas: The management shall hold regular meetings to identify new and non-traditional risks arising in the course of strategic development of the Company, and commence specific risk assessment on such area.
  • Commence specific risk investigation, research and assessment: Before making investment decisions, the relevant departments shall prepare the risk assessment report for specific project based on the feasibility study and the due diligence report with a view to disclosing the risks of the investment project and the impact of the risk factors, and suggest preventive measures.
  • Compile risk assessment report and put forward management advice: The risks assessed and responsive measures thereof shall be submitted to the relevant business management department for consideration and review. The relevant business management department shall put forward management advice for responsive measures relating to mid- or high-level risks, formulate risk assessment and management report upon discussion with the functional departments, and provide guidance to the responsible business unit to commence its risk management works.
  • Management through closed-loop tracking: Risk checkpoints identified through the specific risk assessment shall be included in the risk management ledger. Through the integration of specific monitoring and dynamic monitoring, comprehensive tracking and prevention of risks shall be in place, and various requirements relating to risk management and control shall be incorporated into corporate management and corporate procedures.


In 2018, the Group has conducted specific risk assessment in areas such as management of development and construction of new energy projects, procurement of materials, engineering construction, and put forward detailed management advice. Meanwhile, it continued to build the Group’s information platform for compliance management. Information technology will be used to manage the compliance review and assurance procedures for decision-making, contract execution, procurement and capital management. In addition, the Board also continued to attach great importance to risk prevention and control in relation to information security, internet security, sharing of financial information and the relevant confidentiality, and established systems and working mechanism to track the relevant risks according to regulatory requirements on a continuous basis, thereby ensuring the material risks of the Group are controllable and under control.

Pursuant to the risk assessment for 2018, the major risks of the Group are as follows:

Description of Risks Target Risk Key Response Plan(s)
Risks relating to macro-economy - The potential downward trend of economic structural adjustment in China might lead to reduction in electricity demand.
  1. Conduct analysis and research on the supply and demand relationship in the electricity market with a view to seizing every opportunity to achieve basic electricity goals, at the same time making strenuous efforts to expand the free trade market for electricity beyond its basic electricity goals, and actively commencing work in relation to direct transaction with major electricity users.
  2. Develop integrated energy services that can provide various energy services including electricity, heat, cold energy and industrial water simultaneously to users.
  3. Actively develop intelligent energy services in the new economic zones, which are the key development areas of the Central Government.
  4. Carry out heat supply system renovations for largescale coal-fired power generating units with a view to expanding into the new market for heat supply.
  5. Actively develop emerging markets by carrying out acquisition and project investment in rapidly growing provinces.
Risks relating to policy changes - The policy changes in the electricity market were unfavourable to existing coal-fired power plants; and the policy changes in relation to tariff of new energy might affect the tariff of and subsidies for new development projects, and hence resulted in a decrease in revenue and profit. There is still uncertainty as to when the subsidies for the operating new energy projects would be in place, which have had an adverse effect on the operation.
  1. Step up efforts in the research and analysis of policies to make timely adjustments to development strategies.
  2. Acquire various incentive electricity under different new policies, including incentive electricity for reform, shut down and environmental upgrade of old power plants, so as to mitigate the operating pressure of certain coal-fired power plants.
  3. Closely monitor the subsidies for the tariff of renewable energy and timely apply for such subsidies.
  4. Strengthen the communication with local government departments, closely monitor the adjustment of policies, laws and regulations, and actively engage in policy formulation.
Risks relating to competition based on market price of electricity - With the market-oriented reform of the power industry, there were increasing numbers of electricity sales companies which ended up with more choices. Hence, the competition for electricity sales has intensified, and most of the transaction prices of electricity in the market were lower than the benchmark electricity price.
  1. Optimize the electricity customer base, secure quality and trustworthy customers and reduce malicious biddings.
  2. Strengthen the cooperation and communication among power generation enterprises to avoid vicious market competitions.
  3. Formulate reasonable tariff pricing plan to avoid electricity transactions with low margin gain.
Risks relating to construction project management -
  • In respect of project progress, as the regulatory policies tightened, there was the risk that individual project may not be completed on schedule.
  • The construction in progress failed to meet the requirement of commissioning and acceptance quality, which gave rise to the risk that the timing of commencement of production and operation of the project may be affected.
  • In respect of the safety of project construction, there was risk relating to serious personal injuries, and safety incidents will directly affect the Company’s reputation and cost of the project.
  1. Strengthen the selection of contractors for construction projects to ensure compliance with the stringent tendering process and assure that the construction quality can meet the requirements of the government based on their expertise.
  2. Strengthen the training for management and construction workers to enhance the level of safety management and the protection skills of the staff.
  3. For construction projects that involve more dangerous works, precautionary measures and pre-arranged plan for emergencies have been formulated.
  4. Strengthen the tracking and on-site inspection during the construction process, enhance safety technology briefing to ensure safety risks of the construction projects are controllable and under control.
Risks relating to production management -
  • Given the more stringent environmental protection laws and regulations, any failure to meet such requirements may result in shutdown of generating units or suspension of production, and hence increase the risks relating to production management.
  • Overhaul maintenance and repairs of major power generating units, delay of completion of technical upgrade projects, failure to meet the designed standard of maintenance and repairs may give rise to risks that facilities may be affected and unable to commence production or operation as scheduled.
  1. Strictly adhere to national laws and regulations regarding safety and health, and continue to improve the working conditions, provide employees with working tools and protective gears that are in line with safety standards, arrange various trainings and drillings on safety knowledge, safety skills and emergency situations.
  2. Strengthen the environmental management of power plants and carry out the technical upgrade for power generating units on a timely basis.
  3. Adopt digitalized management and implement standardized operation procedures for daily production of power plants to reduce the risk of human errors.
  4. Strengthen the supervision and inspection over preliminary production and ensure the responsibility of each post and each personnel is well-defined. Facilities and construction area are safely isolated when the facilities are put into test run.
  5. Strictly ensure the management over commencement and retirement of power plants, enhance the identification of production risks and formulate relevant measures.
Risks relating to cash flow - With the continuous development of the Group, there would be increase in new construction projects, investment in technical upgrade of power generating units, investment for meeting environmental compliance requirements and thus increase in indebtedness. However, with the tightened monetary policy of the central bank in the PRC, obtaining domestic financing was relatively difficult.
  1. Encourage all business units to replace existing short-term loans with mid- to long- term loans to reduce the risks relating to cash flow arising from “short-term loans for long-term use”.
  2. In 2018, the Company issued mid- to long-term notes of RMB2 billion in the PRC to replace existing short-term loans, which has further improved the proportion of long-term and short-term loans.
  3. In 2018, the Company introduced investment capitals from ICBC Financial, ABC Financial and Huabao Trust with a total of RMB4.79 billion injected into three subsidiaries of the Company by way of cash contribution. The proceeds have been used for repayment of existing debts. The leverage ratio and finance costs of the Group has been effectively reduced as a whole, which is conducive to upgrading the Group’s competitiveness and sustainability for healthy development. For details, please refer to the Company’s announcements dated 24 October 2018 and 22 November 2018, respectively.
Risks relating to compliance management - Subsidiaries in different provinces, which joined the Group as a result of acquisition by the Company, may not have sufficient understanding of the regulatory and disclosure requirements for listed companies in Hong Kong, and hence lack initiative in the compliance with regulatory rules of listed companies and may not be able to report material events on a timely basis. Thus, there was risk relating to the timeliness and accuracy of information disclosure as a listed company.
  1. Step up efforts in the promotion of the rule of law, systems and policies, and strengthen the training on regulatory rules and systems of statutory information disclosure as a listed company for new subsidiaries of the Group located in various provinces.
  2. In 2018, the Company organized two rounds of training targeting senior management and departments of subsidiaries located in various provinces on listing and regulatory rules, as well as training sessions on annual review of continuing connected transactions. Assistance was also given to the Group’s subsidiaries located in various provinces to establish positions and system for information disclosure to further enhance the awareness of compliance governance and risk prevention of the management members, and facilitate understanding of the requirements of information disclosure and compliance management for listed companies.