Italgas has an Internal Control and Risk Management System integrated into the organisational, administrative and accounting structure and, more generally, a corporate governance system that ensures compliance with the laws and company procedures, protects the company assets and contributes to the management of activities, solidifying the accounting and financial data processed.
The Enterprise Risk Management (ERM) Department is tasked with overseeing the Group’s integrated business risk management process. The ERM activities focus on the definition of a homogeneous, transversal model for assessing the risks, identifying priority risks, ensuring consolidation of the mitigation actions and developing a reporting system.
The ERM methodology adopted by the Italgas Group is in line with the reference models and the existing international best practices (in particular, the 2017 COSO framework relative to the Enterprise Risk Management, issued by the Committee of Sponsoring Organizations of the Treadway Commission, and ISO 31000:2018). The process for the identification, assessment, measurement and management of the risks is carried out periodically, at least once a year, on the basis of the importance of the risk and any changes in context.
The activities directly involve all business departments through dedicated meetings that make it possible to incorporate updates to the information on the description, significance and management of the risks already existing in the portfolio, and the detection of new emerging risks. These activities are carried out in a way that covers the entire scope of the Group and all the potential applicable events. In order to ensure the correct assessment and prioritisation of risk events, the assessment is carried out considering the following potential types of impact: economic-financial; operative; legal, governance and compliance; environment, health and safety; reputation and market. The ERM model establishes an integrated, cross-cutting and dynamic risk assessment that enhances the management systems already existing in the individual business processes. Each risk is assessed using a specific assessment scale that sets out the thresholds of relevance for the Group and attributes a rating to each risk, thereby making it easier to prioritise them. For all risks, the risk ownerships are identified and attributed and the management strategies are defined, broken down into specific actions for dealing with the risk and establishing the relative implementation time.
With reference to strategic risks, the Enterprise Risk Management Department, in coordination with all relevant departments, carries out a specific in-depth analysis of risks, opportunities and uncertainties related to the Strategic Plan. The analysis is conducted using a proprietary Monte Carlo simulation model that uses the information gathered on risks, opportunities and volatility and on related correlations to generate a multitude of alternative scenarios for the evolution of the variables underlying the Strategic Plan and evaluates their overall impact on the value drivers. In addition, specific “what if” scenarios are identified in relation to the reference context on which the Strategic Plan is based, and the impacts that these scenarios would have on the strategic agenda are then assessed. The analysis allows estimation of the overall volatility of the defined economic and financial targets and evaluation of the level of resilience of the Strategic Plan. The “Strategic Plan” document, which has been approved by Italgas S.p.A.’s Board of Directors, contains the output of this analysis.
The Enterprise Risk Management Department draws up specific summary reports on the identification, assessment and management of the risks and shares them with the different company levels. The risks are updated once a quarter, half-year or year, depending on their relevance. The results found in relation to the main risks and related management plans are presented to the Control, Risk and Related Party Transactions Committee at each updating. Moreover, the mapping of risks and the relative management strategies are presented periodically to the Board of Statutory Auditors and the Supervisory Body of Italgas and to the Boards of Statutory Auditors and the Supervisory Bodies of the Subsidiaries.
The Officer Responsible and the Internal Audit department periodically receive the results of the risk assessments performed by the ERM unit.
The reconciliation table below shows the main risks mapped in the ERM process being monitored, the management methods and the material topics identified. It is specified that the management methods include those initiatives envisaged on the Strategic Plan that amongst others have the effect of reducing exposure to risk. The table also shows the correlation between the risks and the material topics reported in the materiality matrix. Note that the specific topic “Responsible governance and risk management” is not explained in the table as, by nature, it applies transversally to all risks.
It should be noted that, despite the mitigation actions introduced in order to monitor and prevent the occurrence of significant risks, the Company cannot rule out specific events that could lead to the recognition of liabilities in the financial statements.
Category | Risk | Description | Main methods of management | Connected material topics |
Strategic/business-related | Changes in Regulation and legislation | | Risk of changes in the regulatory and institutional context in Europe or nationally affecting the natural gas sector | Risk of penalising update of the rate of return on net invested capital recognised by ARERA according to the update of some reference macroeconomic variables | | Specific structures for monitoring regulation, legislation and their prospective development plans, including in Europe | Active participation in the consultations called by ARERA, sharing corporate positions and/or proposals for defining, updating and implementing clear and transparent regulation criteria | Active participation in consultations called by the Italian government or by European community organisations on relevant topics, including Taxonomy; | Guidance aimed at defining unified trade positions in Italy and abroad | Generation of sustainable economic value and ESG finance |
Strategic/business-related | Climate Change | | Physical Risk: increased frequency of extremely intense natural events in the places where Italgas operates (more or less prolonged unavailability of assets and infrastructure, increase in repair and insurance costs, service interruption, etc.) with a negative impact on costs, revenue and level of service | Emerging risk24: Physical Risk: increase in the average temperatures in the areas where Italgas operates with a negative impact on volumes of gas distributed and/or on the number of active re-delivery points served, with a negative impact on revenue | Emerging risk: Transition Risk: changes in the Italian and EU legislative and regulatory context in terms of greenhouse gas, with the objective of limiting emissions, for instance by introducing measures that require natural gas distributors to acquire certificates to cover emissions, with a negative impact on costs | Emerging risk: Transition Risk: technological changes that may lead to a negative impact on residential demand for natural gas with a negative impact on costs, revenue and level of expected investments | Emerging risk: Transition Risk: uncertainty of the role of natural gas in the future energy mix with a negative impact on costs, revenue and level of expected investments | | Operational countermeasures as described in the “Service continuity: malfunctioning, accidents or extraordinary events” risk | Target to reduce greenhouse gas emissions by 30% and energy consumption by 25% in the 2021-27 period | Use of Picarro Surveyor technology, currently the most advanced technology in the field of gas network monitoring activities, with significant benefits in terms of speed of execution, extent of the areas being controlled and three times greater sensitivity of detection of gas in the air than those currently used by sector operators (parts per billion versus parts per million) | Process of converting the approximately 74,000 kilometres of network into digital infrastructure in order to enable the distribution of gas other than methane, such as hydrogen, biomethane and e-gas | Development, implementation and adoption of digital applications for the remote control of network and facility construction, development and maintenance worksites | Conversion to methane of the distribution networks supplied by LPG, with resulting reduction in emissions compared to the current configuration | Actions to continuously modernise the network (investments in maintenance, replacement of cast iron pipes with mechanical joints, restoration of upright columns and brackets) | Promotion of responsible business practices, by joining the UN Global Compact and the OGMP 2.0 of the UNEP | Guidance aimed at defining unified trade positions in Italy and abroad | Active participation in consultations called by the Italian government or by European community organisations on relevant topics | Active participation in the activities of European sector associations to oversee technological changes | Carrying out energy efficiency projects through the subsidiary Seaside | Investments intended to increase the Group’s presence in the water and energy efficiency sectors | Promotion of sustainable mobility | Development of power-to-gas technology powered by renewable energy in order to produce renewable gas that can be used in the existing networks | Network and facility analysis initiatives for the evaluation of their adequacy and of interventions intended to enable the distribution of gas other than methane, such as hydrogen, biomethane and e-gas | | Energy transition and the fight against climate change | Generation of sustainable economic value and ESG finance | Safety of the networks, assets and people | Quality of service and customer satisfaction | Innovation | Corporate identity | Environmental sustainability |
Strategic/business-related | Risks associated with the development and awarding of area tenders for the gas distribution service | | Risk of not being awarded concessions in the planned areas, or being awarded con- cessions with less favourable conditions than previously | Risk of higher management costs borne by the Group with respect to its operating standards in case of concessions awarded in ATEMs (Minimum Territorial Areas) pre- viously managed entirely or partially by other operators | Risk of legal and/or arbitration disputes with possible negative effects on the business and the equity, economic and financial position of the Italgas Group deriving from the complexity of the legislation that governs the expiry of the concessions held by Italgas | Risk that the redemption value of the concessions, for which a third party is an assign- ee following the area tenders, is lower than the value of the RAB, with possible negative effects on the business and on the equity, economic and financial position of Italgas | | The existing legislation states that, in the event of failure to be awarded concessions previously managed, the outgoing operator is entitled to the redemption value for the networks it owns | Specific procedures that govern the pre-tender activities, including calculation of the redemption value, and participation in area tenders | Monitoring of legislative changes (national, regional, local) and evaluation of the potential impacts on the tender process | Planning of the Tender calendar and the bidding strategy integrated into the Group’s Strategic Plan | Critical analysis of the quality of the tender bid and implementation of improvement measures, including through use of external experts, organisations and universities | | Corporate identity | Generation of sustainable economic value and ESG finance |
Strategic/business-related | Risks related to energy efficiency certificates | Potential risk of economic loss due both to the possible negative difference recorded between the mean purchase value of the Energy Efficiency Certificates purchased and the recognised tariff-based fee at the end of each year of obligation and the failure to achieve the targets annually set | | Established a specific provision to cover the liabilities associated with the Energy Efficiency Certificates | Process for the acquisition of Energy Efficiency Certificates and the management of related obligations | Monitoring of legislative changes | Active participation in working groups and development of sector position papers with proposals for guidelines for reviewing the rules of the EEC system | Optimised purchasing strategy through access to the market, evaluation and development of any reports for bilateral agreements, periodic reporting to company management | Presence in energy efficiency sectors through the development of projects with partial reduction of the EEC short position | | Environmental sustainability | Energy transition and the fight against climate change | Generation of sustainable economic value and ESG finance |
Financial | Credit Risk | Risk of potential losses arising from counterparties failing to fulfil their obligations or delayed payment of amounts owed with negative effects on the financial results and financial position of Italgas | | Rules for user access to the gas distribution service established by ARERA and set out in the Network Codes, namely, in documents that establish, for each type of service, the rules regulating the rights and obligations of the parties involved in the process of providing said services, and lay down contractual conditions that reduce the risk of non-compliance by customers, such as the provision of bank or insurance guarantees on first request | As at 31 December 2021 there were no significant credit risks. Note that on average, 97.8% of trade receivables relating to gas distribution are settled by the due date and over 99.7% within the following 4 days, confirming the strong reliability of the customers | Analysis and monitoring of the credit portfolio | Assessments of initiatives for outsourcing to external companies specialised in credit recovery. Monthly monitoring of the activities and performance of the appointed companies | Generation of sustainable economic value and ESG finance |
Financial | Changes in interest rates, inflation and deflation | Risk of fluctuations in interest rates, impacting the market value of the Company’s financial assets and liabilities and its net financial expense. The risk that an extended period of inflation lower than the Group’s forecasts could have adverse effects in the long-term on the RAB value and expected regulated revenue. Risk of an unexpected increase in the inflation rate with possible adverse effects on expected costs | | Process for the preparation and monitoring of the financial and management plan, and control and reporting of financial risks | Financial planning activities with a time frame of 7 years, carried out annually | Maintenance of a debt ratio between a fixed rate and floating rate to minimise the risk of rising interest rates (as at 31 December 2021, 92.7% of the gross financial debt was at fixed rate and 7.3% at floating rate) | Use of a diverse mix of external financial resources (bonds subscribed by institutional investors, syndicated loans with banks and other financial institutions, in the form of medium-to-long-term loans and bank credit lines at interest rates indexed to benchmark market rates, in particular the Europe Interbank Offered Rate [Euribor]) | Monitoring of the main economic and financial indicators, including financial structure indices used by rating agencies, liquidity indicators and liquidity buffers, risk indicators of counterparty liabilities, and of certain key parameters, such as the ratio between debt and the RAB, indicators of debt mix/composition (fixed/variable, short/long, used/agreed) | Generation of sustainable economic value and ESG finance |
Financial | Liquidity Risk | Risk that new financial resources may not be available (funding liquidity risk) or that the company may be unable to convert assets into cash on the market (asset liquidity risk), meaning that it cannot meet its payment commitments. This may affect profit or loss should the company incur extra costs to meet its commitments or, in extreme cases, lead to insolvency and threaten the company’s future as a going concern | | Process for the preparation and monitoring of the financial and management plan, and control and reporting of financial risks | Financial planning activities with a time frame of 7 years, carried out annually | Adequate level of cash held in current accounts and fixed-term deposits with leading banks | The EMTN programme, in addition to funding from the banking system, which presently allows issue of the remaining bonds worth a nominal € 1.9 billion to be placed with institutional investors | Monitoring of the main economic and financial indicators, including financial structure indices used by rating agencies, liquidity indicators and liquidity buffers, risk indicators of counterparty liabilities, and of certain key parameters, such as the ratio between debt and the RAB, indicators of debt mix/composition (fixed/variable, short/long, used/agreed) | | Corporate identity | Generation of sustainable economic value and ESG finance | Sustainable supply chain management |
Financial | Credit rating risk | Risk of a downgrade in Italgas’ credit rating due to worsening in the economic and financial parameters or due to a downgrade of the rating of the Italian Republic, which, based on the methodologies adopted by the rating agencies, could trigger a downward adjustment in Italgas’ rating | | Process for the preparation and monitoring of the financial and management plan, and control and reporting of financial risks | Financial planning activities with a time frame of seven years, carried out annually | Monitoring of the main economic and financial indicators, including financial structure indices used by rating agencies, liquidity indicators and liquidity buffers, risk indicators of counterparty liabilities, and of certain key parameters, such as the ratio between debt and the RAB, indicators of debt mix/composition (fixed/variable, short/long, used/agreed) | Constant dialogue with rating agencies | | Corporate identity | Generation of sustainable economic value and ESG finance |
Financial | Debt covenant and default risk | Risk of failure to comply with financial covenants for existing loans (in some cases only when this non-compliance is not remedied within a set time period, and the occurrence of other events, such as cross-default events, some of which are subject to specific threshold values), which could result in Italgas’ failure to comply and could trigger the early repayment of the relative loan | | Absence of financial covenants and/or collateral in the loan agreements (as at 31 December 2021, there were no loan agreements with these characteristics, except for the EIB loan taken out by Toscana Energia, for a nominal € 90 million, which requires compliance with certain financial covenants) | The issue of bonds as part of the Euro Medium Term Notes programme, requiring compliance with covenants that reflect international market practices regarding, inter alia, negative pledge and pari passu clauses | Monitoring of compliance with the following types of contractual clauses: negative pledge undertakings, pursuant to which Italgas and its subsidiaries are subject to limitations regarding the creation of real rights of guarantee or other restrictions concerning all or part of the respective assets, shares or goods; pari passu and change of control clauses; limitations on some extraordinary transactions that the company and its subsidiaries may carry out (as at 31 December 2021, these commitments appear to have been respected) | | Corporate identity | Generation of sustainable economic value and ESG finance |
Operational | Anomalies in smart meter performance | Risk of increased levels of malfunctioning of remote-reading meters with lost/failed reading of the use and/or requiring replacement or regeneration | | Maintenance of an adequate provision to cover the liabilities generated by the costs arising from malfunctioning; | Issue of adequate guarantees by the suppliers of materials | “Smart Tracker” Digital Factory application for the tracking and management of smart meters throughout the entire life cycle | Plan to replace and/or repair meters with function anomalies | Operative centres for the regeneration of smart meters with anomalies | Audits on suppliers and supply tests | Updating of technical specifications, including in consideration of technological developments | Adoption in the field of smart meters equipped with NB-IoT communication technology | Project for the development of latest generation smart meters, also compatible with renewable gas like biomethane and hydrogen and patented by Italgas | | Corporate identity | Quality of service and customer satisfaction | Environmental sustainability | Generation of sustainable economic value and ESG finance | Safety of the networks, assets and people | Sustainable supply chain management | Innovation |
Operational | Service continuity: malfunctioning, accidents or extraordinary events | Risks of malfunctioning and unforeseeable distribution service disruptions from unintended events, such as accidents, breakdowns or malfunctioning of equipment or control systems, the underperformance of plants, and extraordinary events such as explosions, fires, earthquakes, landslides or other similar events beyond Italgas’ control | | Third Party Liability Insurance and Asset Protection coverage | Procedures and systems for emergency management, emergency plans with measures defined to make plants safe and guarantee service continuity | Health and safety procedures, communication campaigns, training and meetings to raise awareness of and analyse the prevention of accidents, initiatives that also involve suppliers/contractors | Integrated Centre for Supervision (ICS) active 24/7 which makes it possible to monitor the status of the network remotely using remote monitoring systems, manage requests for prompt intervention, identify the places that require intervention and monitor the progress of making conditions safe | Plant and asset safety and network monitoring systems | Digitisation of the network, for the improvement of real-time monitoring systems and predictive maintenance | Planned search for leaks using the best systems and technologies (Picarro Surveyor) and with higher levels of coverage of the network inspected on an annual basis than the standards defined by ARERA | Continuous modernisation of the network (investments in maintenance, replacement of cast iron pipes with mechanical joints, plans to clean up upright columns and brackets) | Prevention of potential damage to pipes caused by third parties (e.g. other sub-services) | Qualification procedures for third-party construction, engineering and project management companies, contractor monitoring | Digital Factory for the development of innovative solutions intended to digitise processes and improve the network operating and management activities and the quality of service | | Corporate identity | Protection, inclusion, enhancement and well-being of the human resources | Safety of the networks, assets and people | Quality of service and customer satisfaction | Sustainable supply chain management | Environmental sustainability | Dialogue and the creation of value on the territory | Energy transition and the fight against climate change | Generation of sustainable economic value and ESG finance |
Operational | Cyber attacks | Risks of cyber attacks on the IT (Information Technology), OT (Operational Technology) and IoT (Internet of Things) sectors | | Specific insurance coverage of the risks related to cybersecurity | Cybersecurity organisational and operational model | Group Policy on Integrated Security, Resilience and Crisis Management | Models and procedures for business continuity, network and information security, and emergency and crisis management | Adoption of conditional access solutions on the basis of certain risk factors (illegitimate accesses, accesses from unusual locations, etc.) and multi-factor authentication for Group employees | Adoption of security measures to protect endpoints (antimalware) and e-mail through the implementation of antispam solutions (protection of mail from spam), anti spoofing solutions (protection from attacks that impersonate the address of the sender of a communication), advanced hunting (advanced analysis to proactively verify possible threats), safe link/safe attachment (protection from harmful links and attachments present in e-mails through simulation in a test environment, sandbox) | Specific training for Group employees on cyber risks, common vulnerabilities, phishing and spam | Possibility for all Group employees to report suspected phishing e-mails (phishing alarm) to a specifically appointed team that will analyse the e-mail | Phishing simulations for Group employees intended to test and strengthen their ability to recognise malicious emails | Secure Product Development Lifecycle process which defines an operational and project approach in which the considerations and measures to prevent and mitigate cybersecurity risks are integrated from the very start of the procurement process and/or the development of hardware and software | Security measures to protect the network infrastructure from unauthorised alteration, disservices, incorrect applications and unauthorised data disclosure through firewall solutions, intrusion prevention systems, web application firewalls, anti DDoS (Distributed Denial of Service) systems, protection of internet browsing (proxy) and network segmentation | Continuous real time monitoring, through Security Information and Event Management (SIEM) solutions, of IT and OT systems aimed at identifying and correlating events on monitored devices and acting accordingly where necessary | Periodic IT and OT vulnerability assessments performed by third parties | Definition and periodic updating of contract technical specifications, including in relation to cybersecurity | Leading sector suppliers that guarantee maximum levels of security and performance, the service levels of which are defined by contract and monitored | “Cybersecurity Awareness for third parties”, with which Italgas Group suppliers must formally comply. It promotes the application of appropriate cybersecurity processes by third parties | | Corporate identity | Compliance, transparency and fight against corruption | Sustainable supply chain management | Quality of service and customer satisfaction | Safety of the networks, assets and people | Generation of sustainable economic value and ESG finance | Innovation |
Operational | Risks associated with the health and safety of people and environmental protection | | Risk of incidents and/or injuries involving employees and partner companies | Risk that Italgas may incur costs or liability, including to a significant extent, arising from any environmental damage, including in consideration of changes in legislation on protecting the environment and the possible occurrence of disputes | | Specific insurance policies for “individuals”, which cover cases of professional and non-professional accidents, and death by illness | HSEQ system in compliance with the reference standards, certified according to international legislation for aspects of health, safety, environment, quality and energy efficiency, which envisages compliance audits carried out by the certification body | Research and technological innovation and actions and projects for the energy efficiency of processes, the improvement of plant safety conditions and the environmental recovery of former manufactured gas production sites | Monitoring of HSE legislation, formation and dissemination of applicable legislative oversight | Training on HSE issues and digital management system for courses (Learning Management System) | Digital applications for reporting and recording “near misses” and for waste management | Communication campaigns and meetings to raise awareness about safety and other HSE topics for all operating units. Reward systems for virtuous operating structures in terms of health and safety | Conventions with suppliers/contractors intended to raise awareness/create alignment on HSE issues | Internal procedures that involve specific measures with regard to suppliers/contractors in case of HSEQ non-compliance and reward system for virtuous behaviour (Contractor Safety Trophy) | Compliance audits on the HSE and ISO 37001 integrated system and technical audits on suppliers and contractors during qualification and normal activities With particular reference to reclamation activities: | A specific provision has been set up to cover the estimated liabilities in relation to the formalities required by the law in effect | Reclamation process of contaminated sites, which defines the tasks, operating procedures and indications in operations of waste removal, land analysis, establishing safe conditions and/or reclamation of sites contaminated by previous activities | Structure dedicated to monitoring the design and construction phases. Audits on sites being reclaimed, carried out internally and by third parties, both during the works and for the final inspection | | Corporate identity | Protection, inclusion, enhancement and well-being of the human resources | Safety of the networks, assets and people | Environmental sustainability | Sustainable supply chain management | Dialogue and the creation of value on the territory | Compliance, transparency and fight against corruption | Generation of sustainable economic value and ESG finance |
Operational | Risks associated with human resources | Risks associated with the development of human resources, including risk of resources in key roles leaving, lack of technical and specialist know-how, increase in the age of company personnel, drop in the level of satisfaction and/or increase in workplace disputes | | Knowledge transfer system developed in the Italgas Digital Factory, which involves the video coding of operating activities and real-time instructions available via wearable devices | Refining of training processes, with a multimedia platform for planning, managing and accessing the various managerial, technical, HSEQ and digital training activities | Initiatives for the dissemination of the culture and digital knowledge (mapping of digital skills, creation of Digital Ambassadors and training on digital topics) | Personnel scouting and recruitment process, performance management system and development plans for resources with a role-specific training programme | Succession plan for senior roles | Collaborations with Italian universities intended to anticipate talent acquisition | Organisational structures dedicated to diversity and inclusion and to HR sustainability | Periodic survey on the corporate climate extended to all Group employees | System of services and welfare under constant expansion in order to intercept new requirements and expectations | Italgas Human Rights Policy | Italgas Diversity and Inclusion Policy | Mac@Italgas project to provide Italgas personnel already in possession of an iPhone or iPad with a MacBook to replace Windows PCs, guaranteeing an ecosystem capable of ensuring the simplicity of the approach to new digital solutions, driving exchange and collaboration and improving the daily experience | Smart Rotation project, the internal Italgas job posting, to foster the exchange of skills within the Group, enhancing its people and facilitating upskilling and reskilling | | Corporate identity | Protection, inclusion, enhancement and well-being of the human resources | Respect for human rights | Generation of sustainable economic value and ESG finance | Innovation |
Operational | Risks associated with the quality and level of service | Risk of non-compliance of the commercial levels of service for services to sales companies and/or risk of delayed or partial compliance with the obligations assumed, such as execution of the investments plan related to concessions involving obligations borne by the concession holder | | Continuous monitoring of Key Performance Indicators on commercial processes, alerts and communication to Territorial Hubs for activation/acceleration of territorial interventions | Ad hoc analysis of all commercial processes and development of improvement measures | Operating procedures and instructions for Commercial Management of the Service | Acceleration in improvements to the level of service driven by the digitisation of assets and processes | Surveys at sales companies | Italgas digital portal dedicated to Gas2Be sales companies, developed to strengthen the partnership, facilitate the accreditation process of the network and allow the sales companies direct and immediate access to information and news about Italgas, such as the most recent promotions launched in the territory, or about the upcoming webinars designed specifically to increase and improve the exchange of know-how between Italgas and the sales companies | Allocation to a specific business unit of the responsibility for mapping the existing concession obligations, monitoring and activating the network technical units for prompt interventions | Monitoring of the works progress on the basis of the obligations assumed | Constant dialogue with contracting parties, including in order to understand and satisfy update requirements | Salesforce (CRM) to support people working at the Italgas Contact Centre in carrying out front-end activities (Customer Service) | | Corporate identity | Quality of service and customer satisfaction | Dialogue and the creation of value on the territory | Generation of sustainable economic value and ESG finance | Innovation |
Operational | Supply chain risks | Risks associated with the availability and cost of materials, services and supplies, the operating capacity and scalability and the reputational and compliance reliability (including respect for human rights) of the suppliers and contractors of the Group | | Planning of procurement, analysis and monitoring of department KPIs | Supplier qualification process which provides for specific reputational checks, including regarding ESG and anti-Mafia checks | New digital IT4Buy platform, which improves the speed and simplicity of the supplier registration and qualification process | ESG rewarding criteria in tenders on Legality Index topics | Verification of sustainability and economic-financial requirements through recognised external providers when registering the supplier | Standardised tender processes and regulations | Supplier performance evaluation, including in terms of sustainability, integrated into the vendor management module | On-site, technical and ESG checks for the qualification purposes of suppliers deemed critical/strategic | Technical specifications being continuously updated including in consideration of the technological changes and contractual clauses that govern cases of goods and services exposed to cyber risk | “Supplier Code of Ethics”, which requires a commitment by the suppliers and is inspired, among other things, by the information set out internationally in the UN Universal Declaration of Human Rights, the Declaration on Fundamental Principles and Rights at Work and the Conventions issued by the International Labour Organization (ILO) and in the Ten Principles of the UN Global Compact, in addition to the contents of the UN Guiding Principles on Business and Human Rights and the OECD Guidelines for Multinational Enterprises | Anti-corruption Awareness Policy for third parties – request for declaration to suppliers regarding anti-corruption and/or ISO 37001 | “Cybersecurity Awareness for third parties”, with which the Italgas Group’s suppliers must comply | Renewed logistics model with Warehouse Centralisation and management of Withdrawal Points in the territories (UT) and consequent digitisation of monitoring materials in stock/transit | | Corporate identity | Compliance, transparency and fight against corruption | Protection, inclusion, enhancement and well-being of the human resources | Sustainable supply chain management | Environmental sustainability | Respect for human rights | Energy transition and the fight against climate change | Generation of sustainable economic value and ESG finance | Innovation |
Operational | Covid-19, pandemics and new diseases | Risks associated with the health crisis arising from Covid-19 and/or the spread of new pandemics or new diseases that have repercussions on health and safety, on the operating context and on the resulting economic and financial framework of reference of Italgas | | Formation of a Crisis Committee for the monitoring and management of the various phases of the pandemic | Continuous monitoring of the changes in the reference regulations and solutions for the management of the Covid-19 emergency both nationally and internationally, maintaining constant connections with the authorities, research organisations and hospitals | Adoption of the Italgas Group Protocol regulating measures to combat and contain the spread of the Covid- 19 virus in the workplace | Specific indemnity insurance policy for all employees who test positive for Covid-19 | Campaigns open to all employees for carrying out PCR swab tests, serological tests and flu vaccinations | Specific operating measures to minimise contact (e.g. smart working, starting from home for operative staff) and controls (e.g. temperature scanners upon entry, hand sanitiser towers, anti-gathering rules) | Daily monitoring of positive cases and personnel in quarantine, including through the Appointed Physicians and process for the receipt and management of reports regarding positive Covid-19 cases, which provides for the identification, contact tracing and activation of quarantine in coordination with health authorities | Periodic dissemination of the rules of conduct in connection with the evolution of the pandemic and the instructions given by the health authorities | | Corporate identity | Protection, inclusion, enhancement and well-being of the human resources | Safety of the networks, assets and people | Dialogue and the creation of value on the territory | Generation of sustainable economic value and ESG finance |
Legal and non-compliance | Risk of non-compliance and legislative changes | Risk of non-compliance with legislation at European, national, regional and local level with which Italgas must comply in relation to the activities that it carries out and/or risk of failure to intercept and transpose new regulations falling under the scope of application | | Internal control and risk management system and areas of responsibility defined in terms of compliance | Code of Ethics, Model 231, Policy for the prevention of and fight against corruption, ISO 37001 anti-bribery certification for Italgas and Group companies | Monitoring, analysis, distribution and implementation of legislative measures on topics of interest for the Italgas Group and verification of correct implementation | Training for personnel on compliance issues | Analysis and monitoring of the reputational requirements of the Group’s counterparties | “Supplier Code of Ethics”, with which the Italgas Group’s suppliers must comply | | Corporate identity | Compliance, transparency and fight against corruption | Protection, inclusion, enhancement and well-being of the human resources | Environmental sustainability | Energy transition and the fight against climate change | Sustainable supply chain management | Quality of service and customer satisfaction | Generation of sustainable economic value and ESG finance |
24 Risk for which the potential effects for the company and/or sector refer to a medium to long-term time frame.