Corporate governance in Acea
The governance model adopted by Acea complies with the recommendations of the Corporate Governance Code for listed companies and with the principles of transparency, balance and separation between guidance, management and control activities.
The Acea SpA Board of Directors establishes the strategic guidelines of the Group and is responsible for corporate governance.
Some committees have been set up within the Board of Directors (BoD) of the parent company, in line with the most recent indications proposed by the Self-Regulation Code, having propositional and consultation duties: the Audit and Risk Committee, the Appointment and Remuneration Committee and the Ethics and Sustainability Committee. Moreover, in implementation of Consob regulations, a committee has been set up for examining Party-related transactions, formed exclusively of independent directors. During the year, the Board of Directors also set up an Executive Committee in accordance with the Italian Civil Code (art. 2381) and the Articles of Association (art. 20, para. 1), composed of two independent Directors – one of whom chairs the Committee – and the Chairman and Chief Executive Officer of Acea SpA. This body exercises powers relating to institutional affairs, sponsorships and donations, to be managed in accordance with the budget established by the Board of Directors. The methods of exercising these powers are governed by specific regulations approved by the Board of Directors.
Lastly, the Board of Statutory Auditors performs supervisory duties, according to the traditional model in force.
CORPORATE GOVERNANCE COMMITTEES
The Audit and Risk Committee helps defining the guidelines for identifying, assessing, managing and monitoring the main risks for the Group companies, including risk becoming significant with a view to medium/long term sustainability, establishing compatibility criteria for such risks and supporting, subject to appropriate preliminary activities, the evaluations and decisions of the Board of Directors with respect to the internal auditing and risk management system. The Committee gives a prior opinion to the Board with regard to the annual approval of the activity plan prepared by the Head of the Internal Audit Function and provides its own opinion on any proposals for the appointment, removal and remuneration of the above, while monitoring the Function’s independence, efficiency and performance.
The Committee is also responsible for assessing, together with the competent Acea Function, having consulted with the statutory auditor and Board of Auditors, the correct use of accounting standards implemented in order to draw up the consolidated declaration of a non-financial nature as per Legislative Decree 254/2016. Finally, regarding matters of competence, monitor the adequacy of the Code of Ethics and its effective implementation. The Committee reports to the Board of Directors at least on a half-yearly basis concerning the completed activity. In 2018 it met 13 times.
The Appointment and Remuneration Committee provides opinions to the Board of Directors regarding its composition (size, adequacy of skills, compatibility of positions) and recommends the policy for remuneration of Directors and Executives holding key positions depending on strategic goals and the risk management policy. In this regard, it submits recommendations for performance goals related to variable remuneration. Monitors the application of the decisions adopted by the Board on remuneration policy, checking, in particular, on the effective achievement of the performance targets. The Committee met eleven times during 2018.
The Ethics and Sustainability Committee provides the Board of Directors with advisory and proactive support in the areas of corporate ethics and environmental, social and governance issues. The Committee’s duties include among other things: supervision on the matter of sustainability linked to exercising corporate activities and the dynamics of interaction with the stakeholders; examination of the Sustainability Plan guidelines and monitoring of the implementation of such Plan once approved by the Board of Directors monitoring of the adequacy and implementation of the Code of Ethics. The Committee was also recently assigned responsibility for the promotion of a culture of diversity and fighting discrimination in the company. The Committee reports to the Board of Directors at least on a half-yearly basis concerning the completed activity. In 2018 it met eight times.
The company is managed by the Board of Directors (BoD), which has between 5 and 9 members depending on the decision of the Shareholders’ Meeting. The members of the BoD — the process of identification and appointment of which is governed by Acea’s Articles of Association according to the provisions of the applicable law — remain in office for three financial years and can be re-elected. The method used for their selection is able to guarantee the representation of the genders, appointment of an adequate number of Directors representing the minorities and the required number of Independent directors pursuant to law 19.
The Board in office, appointed by the Shareholders’ Meeting of April 2017, is composed of 9 directors, 3 of whom are women. In June 2018, following the resignation of the then Chairman of the Board of Directors of Acea SpA, the Board of Directors elected Michaela Castelli as Chairwoman. The other two female Directors were also attributed the Chairmanships of the Audit and Risks, Appointments and Remuneration, and Ethics and Sustainability Committees.
The Board of Directors met 12 times during 2018. The Chief Executive Officer is the only executive Director.
19 - Pursuant to art. 147 ter., para. 4 of Legislative Decree 58/98, so-called Finance Act (TUF), the minimum number of independent Directors must be 1 in the case of a BoD up to 7 members, 2 in the case of BoD exceeding 7 members. During the year the BoD verified that the Directors met the conditions required to qualify as independent. As at 31/12/2018, 6 directors are effectively independent.
In accordance with the Code of Conduct for listed companies, Acea carries out a board evaluation annually, availing of an external advisor in order to assess the dimension, composition and function of the BoD and its internal Committees, as well as the issues subject matter of discussion.
The Report on corporate governance and shareholders’ structure, available on the institutional website (www.gruppo.acea.it), provides detailed information about the Directors of Acea SpA: curricula, qualification of independence, presence in meetings of the Board and the Committees of which they are members and any positions in other companies.
THE ROLE AND POWERS OF THE BOARD OF DIRECTORS IN ACEA
The duties lying with the Board of Directors pursuant to the law provisions, the Articles of Association and in compliance with the recommendations provided in the Code of Conduct include:
- outlining the company’s general and strategic policies as well as guiding lines; coordinating the economic and financial operations of the Group by approving business plans, including financial plans, investment plans and annual budgets;
- defining the nature and extent of risks consistent with the strategic goals of the company, including in such assessments, all risk which could become significant with a view to sustainability in the medium/ long term of the issuer’s activity, for this purpose defining the guidelines of the Internal Control and Risk Management System;
- approving and amending internal regulations with regard to the general organisational structure of the company;
- establishing the Committees required by the Code of Conduct and appointing their members;
- adopting Organisation, management and control models as pursuant to Legislative Decree no. 231/01;
- assessing the adequacy of the organisational, administrative and accounting structure of Acea and its key subsidiaries;
- interacting with the shareholders and undertaking initiatives aimed at increasing their engagement and enabling them to exercise their rights smoothly;
- evaluating the independence of its non-executive members at least on a yearly basis.
FUNCTIONS OF THE CHAIRMAN, CHIEF EXECUTIVE OFFICER
The Chairman is the legal representative of the company and is vested with powers of signature. He/she also has the power to call and chair the Board of Directors and Shareholders’ meetings.
The Chairman’s duties include: overseeing the Group’s activities and checking the enforcement of board resolutions and corporate governance regulations; monitoring business activities and processes with reference to delivered and perceived quality as well as activities related to corporate social responsibility. Lastly, the Chairman shall supervise corporate secretariat operations of the parent company. Finally, one of the powers entrusted is the chairmanship of the Tenders Supervisory Committee.
The Chief Executive Officer is entrusted with the ordinary business of the company, vested with powers of signature, he/she is the company’s legal representative and is authorised to represent the company in dealings before the courts of law. He/she shall also discharge such other duties as may be entrusted pursuant to the law provisions and the Articles of Association. His/ her terms of reference are based on long-term plans and annual budgets approved by the Board of Directors. Moreover, he/she ensures and monitors compliance with operational guidelines, implementing organisational and procedural changes to the Parent Company’s activities consistent with the guidelines issued by the BoD.
The current Chief Executive Officer, in addition to being identified by the Board of Directors as the Director in charge of the Internal Control and Risk Management System, also performs the duties of Head of the Foreign Industrial Area and Business Development Strategies.
The Chairman and the Chief Executive Officer report at least quarterly to the Board of Directors and the Board of Statutory Auditors on the general operating trend and outlook.
The Chairman and the Chief Executive Officer may jointly implement, if necessary, acts reserved for the Board of Directors concerning contracts, purchases, participation in tenders, issue of sureties, appointment of members of the Board of Directors and Boards of Statutory Auditors of the most significant subsidiaries and affiliates when the urgency of the matter does not allow their convocation, informing the Board at its first subsequent meeting, which shall verify the legitimacy of such operations.
In accordance with current legislation, the Ordinary and Extraordinary Shareholders’ Meeting may be convened both by the Board of Directors and at the request of shareholders representing at least 5% of the share capital. Furthermore, in compliance with such provisions, the shareholders representing at least 2.5% of the share capital may request that additional matters be discussed by either recommending additional topics or submitting resolution proposals for matters already included in the agenda.
Shareholders are encouraged to attend by ensuring appropriate operating conditions: technology-based interactions are envisaged (electronic notice of proxies; notice of call posted on the website).
Moreover, prior to the date set for the meeting, the shareholders may (even by email) submit enquiries regarding topics on the agenda. There are no shares with limited voting rights or absent of such right 20.
Except for the shareholder Roma Capitale, restrictions shall apply to the voting right of shares exceeding 8% of the share capital, as laid down by the Articles of Association. Neither shareholders’ agreements nor special rights of veto or in any way affecting the decision-making process exist other than as a result of the equity interest held.
The Parent Company has a number of Company Committees that operate on a continuous or periodic basis. These are set up with technical and advisory functions that are carried out in synergy, facilitating decision-making processes and increasing the ability to respond to emerging problems promptly and in a coordinated manner.
These are the Management Committee, made up of the heads of the Parent Company who report first to the Chief Executive Officer, the Business Review Committee for the analysis of data and economic-financial performance, and ad hoc committees on specific operational areas: the Public Lighting Committee, the Private Electricity Grid Committee, the Group’s Water Company Committee, the Aqueduct Development Committee and the Treatment Development Committee.
Furthermore, in 2018 the Business Strategy Committee was also set up to analyse the possibilities of developing core and non-core activities in Italy, and the Post Audit Committee was set up to analyse the corrective actions taken to overcome any critical issues identified in audit reports. These Committees, chaired by the Chief Executive Officer of the Parent Company or by the Managers of the relevant business areas, are attended by the Managers of the Industrial Areas and Functions of Acea SpA. If necessary, additional company professional resources with specific skills will be involved. The matters dealt with may be the subject of reports to the Board of Directors.
It should also be noted that in 2018 the Tenders Supervisory Committee was set up at the Parent Company. This body, which reports to the Board of Directors on the activities carried out and is made up of, among others, the Chairman and the Chief Executive Officer, is responsible for monitoring the application of current legislation and company procurement procedures; identifying and monitoring the progress of the tender procedures and the execution of the Group’s most significant contracts in terms of economic value, strategic value and executive risks, informing the company bodies of new tenders and potential risks and impacts on existing and planned tender procedures.
PROCESS FOR SETTING EMOLUMENTS FOR THE TOP MANAGEMENT
A remuneration policy is in place in Acea concerning top management, directors tasked with specific duties and executives holding key positions.
The remuneration system regarding these individuals is based on a clear and transparent process, with a key role being played by the Appointment and Remuneration Committee which formulates proposals regarding the remuneration Policy and the Board of Directors of the company which approves them. The role of these two main corporate governance bodies ensures the observance of rules which favours a consistent Policy, avoiding conflicts of interest and ensuring clarity through adequate information.
The Shareholders’ Meeting may set the fixed emoluments of the Board members throughout their term of office and, furthermore, issues a non-binding resolution on the Policy pursuant to Article 123-ter, paragraph 6, of the Finance Act) on remuneration. In relation thereto, the remuneration was confirmed for the Board members, as established by resolution of 5 June 2014 whereas, in exercising its competence in setting the payments for the Directors vested with special offices, the Board of Directors resolved on the retributive references for the Chairman and the Chief Executive Officer throughout their term in office. For further details, see the Remuneration Report Financial Year 2018 available on the website www.acea.it.
20 - With the exception of 416,993 own shares (corresponding to about 0.2% of the total shares) for which the right of vote is suspended pursuant to art. 2357-ter Civil Code. See also the Report on corporate governance and the shareholders’ structure 2018.
Acea’s Internal Control and Risk Management System (SCIGR), an essential element of the Group’s corporate governance structure, consists of a set of rules, policies, procedures and organisational structures whose objectives are:
- identify the risks that can affect the pursuit of the objectives defined by the Board of Directors;
- encourage the taking of conscious decisions that are consistent with the company’s objectives, within the framework of a widespread knowledge of the risks and the level of propensity for them established by the Board of Directors, legality and company values;
- safeguard the company’s assets, the efficiency and effectiveness of its processes, the reliability of the information provided to corporate bodies and the market and compliance with internal and external regulations.
2018 saw the completion of the process of revising the various elements of the SCIGR that had begun last year, leading to the definition and approval of the new Guidelines, the Mandate of the Internal Audit Function that defines, on the basis of professional standards, the scope, tasks and role of the Function and the new version of the Code of Ethics (see the dedicated box).
THE NEW ACEA CODE OF ETHICS
The Code of Ethics is a public statement of Acea’s commitment to conducting a business that respects ethical principles and shared values, taking into account the legitimate interests of the company itself and all stakeholders, including the natural environment.
The Code defines a system of values and rules of conduct for the performance of corporate activities that strengthens the Group’s identity and manifests it externally, in the belief that this system of values contributes to the achievement of expected results and the creation of value in the medium to long term. During 2018 the Code was updated through a joint effort of company departments and external experts, seeking to combine the company’s identity values with the needs determined by the new strategic objectives that Acea is pursuing and by the dynamic nature of the market.
Some of the aspects that have been introduced or strengthened include: the provision of a method for updating the Code that is open to the active contribution of all stakeholders, to identify deficiencies or points of improvement; the prevention and combating of corruption through the adoption of a management system compliant with UNI ISO 37001 “Anti-Bribery Management Systems” and specific controls; the promotion of diversity and surveys to monitor organisational well-being; the introduction of the precautionary principle in the event of potential danger to health and the environment; the commitment to manage production processes by making the most of the circular economy.
The new text of the Code of Ethics, available on the intranet as well as on the website www.gruppo.acea.it, was approved by a resolution of the Board of Directors in July and brought to the attention of all employees.
The SCIGR Guidelines, adopted by the Acea Board of Directors in February 2018, taking into account the recommendations of the Corporate Governance Code of Borsa Italiana and drawing inspiration from existing national and international best practices, in particular the COSO - Internal Control - Integrated Framework (Committee of Sponsoring Organisations of the Treadway Commission), are intended to:
- provide guidance for the various subjects in the SCIGR, so as to ensure that the main risks pertaining to the Acea Group – including those regarding sustainability in the medium-long term – are correctly identified as well as adequately measured, managed and monitored;
- identify the principles and responsibilities of the governance, management and monitoring of the risks connected to the company’s activities;
- provide for activities of control at all operational levels and clearly identify tasks and responsibilities in order to ensure coordination between the main subjects involved in the SCIGR.
Risk management is a cross-cutting process with widespread responsibilities involving all the parties of the company in various ways: the Board of Directors and the Board Committees, the Director in charge of the SCIGR (who is also the Chief Executive Officer), the Board of Statutory Auditors, all the managers and employees, the Manager in charge, the second level Supervisors, the Supervisory Body, the Internal Audit Function.
CHART NO. 10 - THE FLOW OF THE SCIGR
CHART NO. 11 – THE KEY PLAYERS OF THE IARMS
The monitoring and management of risks which, in special circumstances, can also be significant for the purposes of committing crimes, is entrusted to corporate structures having the duty to realise and adopt specific audit models. Among these we note:
- the Guidelines of the “Control Model pursuant to Law 262/05” that, together with the “Regulations of the Manager in Charge”, have the objective of defining an effective Internal Control System for the Group’s Financial Report;
- the “Privacy Governance Model”, adopted with the aim of ensuring the application of the GDPR (EU Regulation 2016/679 General Data Protection Regulation) and other national and European provisions on the protection of personal data (see the dedicated box);
- the “Antitrust Compliance Programme”, adopted with the aim of strengthening internal controls to ensure compliance with antitrust regulations and encourage the development of a corporate culture for the protection of competition and consumers (see the dedicated box);
- the model dedicated to monitoring risks associated with safeguarding health and safety and the workplace, implemented in conformity with the international standard OHSAS 18001, having the objective of reducing risks linked to corporate activities, applying policies of prevention and continuous improvement;
- the model dedicated to monitoring environmental risks, implemented in conformity with international standard ISO 14001, having the objective of reducing the environmental impact of the activities by applying policies and protocols of management and continuous improvement;
- the organisational control of Cyber Security, with the mission of defining the guidelines on computer safety aimed at ensuring confidentiality, integrity and availability of data, in line with current regulations and having the function of steering and controlling the entire Group; (see also the chapter Institutions and the company, in particular the sub-paragraph Protection of assets and management of internal risks).
A specific Operating Instruction on the Information Flows of the Internal Audit System identifies the corporate structures which are to perform second-level supervising tasks in respect of some typical risks and provides instruction on how to prepare an appropriate periodic report to be submitted to top management and governance bodies reflecting the supervisory tasks performed.
UPDATING TO THE EU PERSONAL DATA REGULATION (GDPR)
In light of the entry into force of the European Regulation 679/2016 on the protection of personal data (General Data Protection Regulation - GDPR) and the Italian legislation implementing it (Legislative Decree no. 101/2018 amending Legislative Decree no. 196/03), Acea has launched an adaptation programme in order to identify – with a priority of core processes – the steps necessary to achieve the highest possible compliance and to equip itself with an Acea Privacy Governance Model.
The discipline introduces the figure of the Data Protection Officer (DPO) – a professional who is an expert on privacy, information security, information technology and business processes – as a supervisor with the task of supervising and verifying the effectiveness of the measures that the Data Controller – the company – has drawn up, implemented and disseminated. As required by the regulations, the Acea Chief Executive Officer has appointed an internal employee having the requisites and skills required as the Group’s DPO with the concurrent establishment of an ad hoc organisational structure (DPO Office) reporting to the Risk & Compliance Function and the CEO in the performance of the tasks assigned.
The Top Management approved a Governance Model that provides for the identification of key figures for compliance within the Functions and Companies of the Group and externally, with clear obligations of compliance to ensure the conformity of the monitored processes. A group of persons has also been identified, the “privacy watchdogs”, who act as a point of reference within the organisation for the management of aspects relating to privacy and as a point of connection with the DPO Office.
The updating programme was articulated in several initiatives and activities carried out in parallel, including: the mapping of company processes and the drafting of a first model of Processing Register; the definition of a risk analysis and assessment model and the creation of a first DPIA (Data Protection Impact Assessment); the drafting, approval and publication of the body of procedures supporting the activities; the dissemination of the instructions given by the Data Controller to the Process Owners (former Internal Processors) and to the authorised persons (former Appointees); the implementation of standardised procedures for the management of requests from data subjects and the performance of related activities; the issuing of opinions and instructions on the privacy impacts of company processes either ongoing or in the planning phase (Privacy by Design); the identification of responsibilities and the issuing of the relative procedures/operating instructions for the management of any episodes of personal data breaches; the updating of the legal framework on the entire company (contractual, procedural and notice templates); awareness-raising and staff training activities and the launch of related programmes to ensure the involvement of the various groups within the company (Process Owners, designated persons, Privacy Officers, Functions with a higher impact for monitoring core processes, Information Technology, etc.).
ANTITRUST COMPLIANCE PROGRAMME
The evolution of the competitive environment in the markets in which the Acea Group operates requires growing attention to the issue of compliance with antitrust law and consumer protection regulations.
During the year, the commitment in these areas was strengthened through the adoption via resolution of the Board of Directors of a specific Antitrust Compliance Programme – with the approval of two management regulations and the appointment of an Antitrust Manager – for the Parent Company and its subsidiaries, which will have to ensure its implementation according to their activities and the markets in which they operate.
The adoption of the Programme was preceded by the mapping of sensitive areas and processes and by an assessment of the risk of committing offences that enabled the preparation of an organisational oversight model designed on the basis of the specific characteristics of the Group. Widespread training and awareness-raising activities were also carried out for the personnel. The main objective of the programme is to strengthen internal controls aimed at preventing the violation of regulations through the implementation of regulatory and organisational instruments, as well as through a more widespread dissemination of the culture of respect for the principles of fair competition and consumer rights.
Within the framework of the internal control and risk management system, Group companies have also adopted their own organisation, management and control models pursuant to Legislative Decree no. 231/2001 (231 Models) in order to prevent the risk of certain crimes or administrative offences being committed in the interest or to the advantage of the entities by top management or entities subject to their management or supervision, which may give rise to the administrative liability of the entities themselves.
The drafting of these Models is preceded by a careful mapping of the company areas exposed to the risk of committing crimes, including those related to legislation on corruption, health and safety at work and the environment, on the basis of which sensitive activities and offences that could be committed are identified. The Models are periodically updated in order to adapt them to any changes in the internal organisation and activities carried out or with respect to the predicate offences referred to in the legislative decree, as well as with the aim of making them more clear and effective in the event of significant violations or circumvention of the provisions contained therein.
The Supervisory Body (OdV), as an expressly designated body, has full and autonomous powers of initiative and intervention and control with regard to the effectiveness and observance of the 231 Models, it continuously monitors activities sensitive to the commission of the crimes indicated by the oft-mentioned legislative decree.
For Acea, the adoption of ethical principles relevant to the prevention of crimes pursuant to Legislative Decree no. 231/2001 is an integral part of the internal control system. To this end, the rules of conduct set out in the Code of Ethics represent the point of reference for all those who must abide by it in the performance of company activities.
In 2018, following the legislative changes introduced in the last quarter of 2017, the Group’s subsidiaries updated their 231 Models.
Furthermore, in October work was started on updating the Parent Company’s 231 Model.
The Internal Audit function is responsible for carrying out the controls envisaged in the Audit Plan, approved by the Board of Directors, subject to the opinion of the Control and Risk Committee and drawn up on the basis of the analysis and prioritisation of the main risks of Acea and its subsidiaries, starting with all the processes identified during the Risk Assessment and the results of the monitoring carried out by the corporate functions responsible for second-level controls.A
During the year in question, about 50% of the Plan activities concerned corporate processes deemed as exposed to the risks as per Legislative Decree no. 231/01, amongst which the crimes regarding corruption and the environment, as well as those in violation of injury prevention laws and the laws safeguarding health at the workplace. The processes that are audited and at risk of corruption are as follows: “Sponsorships”, “Personnel selection”, “Purchasing”, “Finalisation of work contracts”, “Finalisation of services” and “Incentives for electricity produced by plants using renewable sources”.
As required by the professional standards of the Institute of Internal Auditors (IIA), the specific fraud risks of the process analysed and the operation of the related controls are considered, assessed and tested in the context of the various audits. With reference to fraud detection activities, 5 Fraud Key Risk Indicators have been adopted for the purchasing area, analysed every six months by the Function.
REPORTS RECEIVED RELATED TO THE CODE OF ETHICS
Acea has adopted a procedure that can be followed by both employees and external parties for the reception, analysis and processing of reports – so-called “Whistleblowing” – relating to any failure to comply with the law, internal rules and the Code of Ethics, as well as issues relating to the Internal Control System, corporate notices, the administrative responsibility of the company (Legislative Decree no. 231/01), fraud and conflicts of interest.
This procedure requires an assurance of the maximum level of confidentiality and privacy in the processing of communications received, protecting those voicing their concerns and those responsible.
The Audit Function is responsible for acquiring, registering and ascertaining the existence of violations and analysed 8 cases of presumed violations of the Code of Ethics in 2018, also in coordination with other competent corporate Functions. Of these, 3 were traceable to cases of a technical/commercial nature and the significance thereof for the purposes of the prescriptions of the Code of Ethics was excluded.
The remaining 5 cases concerned article 14 of the Code of Ethics “Management, employees and collaborators”. The Internal Audit Function prepares periodic reports on the progress of the reports and the main findings are addressed to the Control Bodies.
INTEGRATED RISK ANALYSIS
In order to promote an integrated view of the risk profile and the proactive management of the risks themselves, associated with the many business processes, Acea has launched the ERM Programme, based on the recent COSO framework “Enterprise Risk Management (ERM) - Integrating with Strategy and Performance”, aimed at representing the nature and level – in qualitative terms – of the main risks that may jeopardise the achievement of industrial planning and sustainability objectives, as well as directing the development strategies of a mitigation plan, where necessary.
According to the ERM programme, risk management in the Acea Group is a structured and continuous process, carried out in order to treat the risks of the entire organisation in an integrated manner, in line with the propensity to risk expressed, in order to guarantee management the information necessary to take the most appropriate decisions for the achievement of strategic and business objectives, for the safeguarding, growth and creation of company value (see also the dedicated box).
The methodology implemented and the support tools developed to allow a consistent representation at a Group level when identifying and assessing the severity of risks have taken into account the main sustainability issues both in the classification of sources of risk (“suffered” risks) and in the type of object potentially affected by the risk, understood as economic/financial, technical/production, natural, intellectual, human and social/relational capital (“generated” risks).
The results of the ERM Programme are also taken into account when planning actions to address risks and seize opportunities for Acea Group companies that implement management systems that comply with the new ISO 9001:2015 and ISO 14001:2015 standards.
PROGRESS OF THE ERM PROGRAMME
The data collected under the ERM Programme have been reclassified by ESG (Environmental, Social, Governance) topics in light of both Legislative Decree no. 254/2016 and the “Acea material topics” (see also the chapter Disclosing sustainability: methodological note) and have made it possible to identify in this first application the sources of risk – expressed by the risk owners – that could most affect the execution of the strategy and the management of the business.
In particular, considering the Industrial Segments the Group’s businesses are involved in, though the boundaries cannot be considered to be well defined, the following main findings should be noted:
ENVIRONMENTAL: the topics of efficient use of water; water saving and reduction of losses and protection of drinking water quality are of decisive importance for the Water Industrial Segment, both in the phases of plant acquisition and for operations, in the process of defining and executing industrial investments and in the correct planning of design and works management and network monitoring activities, in order to pursue the effectiveness and efficiency of operational management (see the chapter Institutions and the company, in particular the sub-section Operational risk management for the protection of the common assets). On the subject of waste recovery and circular economy, the Industrial Environment Segment has an impact on waste treatment, recovery, valorisation and disposal operations, as well as the management of sewage sludge for compost production.
SOCIAL: with regard to listening, involvement, stakeholder awareness and relations with the local region, the Industrial Water, Energy Infrastructure and Environment Segments are impacted due to the peculiarities of the respective businesses managed, where relations with the competent bodies are of fundamental importance in order to issue the concessions and/or authorisations necessary for the management of the plants and the realisation of investments, as well as the relationship with the social context in which the company operates due to pressure and possible opposition from committees, consumer organisations and users.
The Industrial Water and Commercial and Trading Segments are impacted by the issue of customer focus. In their interaction with the customer/user, on the one hand they aim to improve the technical and commercial quality of the service, and on the other hand they formulate marketing policies through competitive commercial offers and an adequate presence in the territory with their own sales outlets in order to fully satisfy the customer’s expectations. The sustainable management of the supply chain has a cross-cutting impact on all Industrial Segments because suppliers – by subcontracting the company’s activities – become fundamental partners of the company.
It becomes essential to select suppliers able to guarantee quality work, also in accordance with the Acea integrated management systems and timing of the contracts.
The topic of technology and innovation of industrial processes, infrastructure and services also affect all Industrial Segments. Through technological innovation it is possible to achieve optimal management of the plants and their efficiency, to improve the resilience of energy infrastructure and water networks with a consequent reduction in losses and to optimise the costs of running the waste treatment production plants; in addition, the evolution of architecture and IT systems in the commercial field allows providing a service that is more appropriate to the dynamic needs of business.
Of great importance is the enhancement of human capital, which also has a clear impact across all Industrial Segments, committed to implementing management and organisational tools for managing human resources, with particular regard to staff training and adequate sizing of internal staff.
GOVERNANCE: the topic of ethics, respect for rules and compliance, also linked to the fight against active and passive corruption, cuts across all Industrial Segments, not only with respect to ethical values and principles that must guide business conduct and management, but also for the peculiarities of businesses strongly subject to regulatory evolution.
As regards climate change, as shown by the evidence reported in the CDP (formerly Carbon disclosure project) questionnaire, Acea projects the assessment of related risks over a medium- term horizon. According to the indications of the Task Force on Climate-related Financial Disclosures, climate risks are divided into physical and transitional risks. The former relate to acute climate events (like hurricanes and floods) or chronic climate events (like permanent changes in temperatures), the latter to political, market and technological changes, depending on the regulatory, industrial and social approaches to climate change mitigation and adaptation.
With regard to the type of risks associated with climate change, just to mention the most obvious aspects, the most critical issues arise in the operational, regulatory and legal areas. As far as the first aspect is concerned, meteorological events like reductions in rainfall can have negative impacts on both hydroelectric energy production and the reduction of the availability of drinking water to be distributed, with among other things an increase in energy consumption for the withdrawal of water from more disadvantaged sources. On the other hand, extreme phenomena like storms can lead to the risk of lightning strikes, with interruptions in the service of the electricity network or, for the water network, the overflow of inflows into the wastewater systems as well as turbidity in the water sources. Moreover, from a regulatory and legal point of view, these climatic effects can have an impact on the consequent provision of the service in accordance with the regulations in force, with consequent penalties. The implications of the legislation with regard to CO2 emission quotas, renewable sources, taxes and environmental certificates (white, green) could be very significant, with possible final impacts of a financial nature.
ANALYSIS OF POTENTIAL ENVIRONMENTAL RISKS
The environmental aspects that might generate potential risks of negative impacts on Acea’s activities have been assessed in the context of the ISO 14001:2015 certified environmental management systems of the various operating companies.
For the main companies operating in the industrial segments of Water, Energy Infrastructure and the Environment, specific events have been hypothesised in relation to their management, which could have a significant impact on the environment.
As far as the water service is concerned, the main risks are due to: inefficient operational management of the water resource, which could cause high levels of losses with consequent excessive consumption; lack of control of the parameters of the resource with environmental consequences if they are exceeded; inadequate interventions on the sewerage-treatment system with possible contamination of the soil and water bodies; risks of fires and explosions in treatment plants related to the production of biogas, with possible impacts in terms of emissions into the atmosphere.
In the context of the operation of energy infrastructures, for the transport and transformation of electricity for delivery to end users, the main risks are attributable to: existence of overhead and underground systems with impacts in terms of land use and subsoil; generation of waste and impacts on ecosystems; generation of electromagnetic fields with impacts in terms of exposure; maintenance of transformation plants with potential soil and subsoil contamination with hazardous materials; maintenance and construction of plants with impacts in terms of production of special waste. With reference to electricity production using renewable and conventional power plants, the potential environmental risks concern the accidental spillage of pollutants or the exceeding of threshold values in emissions (into the atmosphere, surface water and sewerage) in the ordinary management of plants or in the event of critical events like fires or explosions. An example of environmental risk derives from the potential dangerousness of structural failure of hydraulic works.
Finally, with regard to the activities carried out in the Environmental industrial segment – i.e. the treatment, recovery and disposal of waste, the recovery of materials and energy through waste-to-energy and composting plants and the collection, transport, recovery and disposal of non-hazardous waste produced by waste treatment plants – the potential risks with environmental impact could arise with spills of hazardous substances and consequent contamination of the soil and aquifers or surface waters or with emissions into the atmosphere above limit values. Other impacts could be acoustic or on the landscape related to the presence of the plants.