Suppliers Consumer protection Acea Energia Servizio Elettrico Roma

Governance Investors Careers

IT EN

Our business is closely involved in people lives.

We ensure residents receive essential services for their daily life.

At your side in your community

Managing your water services. Distributing energy. Selling electricity and gas. Recycling waste. Our one objective: to create value for the people and the community in which we operate.

Nowadays, innovation is at everyone's fingertips.

Acea sees innovation as the driving force to become more efficient, to raise the quality of life for our customers, to improve services for the residents and the community. Acea has used all this to create a new culture of innovation: an open culture, which everyone can share and take part in.

Our Group serves local communities and their citizens.

We are fully aware of our role of responsibility towards our stakeholders for our major economic, social and environmental impact. This is why our Sustainability Plan is part and parcel of our Business Plan.

Acea Innovation Day

Artificial intelligence and big data at the service of enterprises and startups.

The Internal Control and Risk Management System

An essential element of Acea's Corporate Governance system, the SCIGR allows us to identify, measure, manage and monitor the main risks associated with business activity. It takes into account the recommendations of the Corporate Governance Code and is inspired by Italian and international best practices, especially the COSO model for Internal Controls issued by the Committee of Sponsoring Organisations of the Treadway Commission.

The system is described in the "Guidelines for the Internal Control and Risk Management System", updated by the BoD in February 2018. (Italian version)

SCIGR objectives

To identify events, that can prevent us from achieving the objectives set by the Board of Directors
To contribute to business management according to the corporate objectives set by the Board of Directors and diffuse awareness of company risks, legality and values
To encourage conscious decisions, compatible with the risk appetite identified by the Board of Directors
To safeguard the company’s assets, the efficiency and effectiveness of our processes , the reliability of information provided to the corporate bodies and with internal and external regulations.

Risk management in the Acea Group is a structured, continual process, created in order to assess and handle using integrated logic the risks of the entire organisation, according to the risk appetite expressed, with a view to ensuring that management is provided with the information necessary to take the most appropriate decisions for the achievement of strategic and business objectives and for the protection, enhancement and creation of business value.

Main protagonists of the SCIGR

BoD
Determines the SCIGR guidelines so as to ensure that the main risks for Acea and its subsidiaries are identified, measured and managed

DIRECTOR IN CHARGE
Implements the SCIGR guidelines and, also using the Audit Department, ensures identification of the main corporate risks and submits them periodically to the BoD

BOARD OF STATUTORY AUDITORS
Monitors legislative and procedural compliance and observance of correct principles of administration

COMPANY STAFF
Intervenes with varying responsibilities, from management to employees, to maintain an efficient process of risk identification and management, operating in observance of procedures and performing line control activities

MANAGER RESPONSIBLE FOR PREPARING THE COMPANY’S FINANCIAL REPORTS
Responsible for setting up and maintaining the Financial Information Internal Control System

RISK & COMPLIANCE - ERM
Defines the methodology for risk evaluation and prioritisation and coordinates management of the periodical Risk Assessment procedure

SUPERVISORY BODY
Responsible, with powers of initiative and intervention, for the functioning of the Organisational, Management and Control model (MOG 231), relying on the collaboration of the Ethics and Sustainability Committee for the profiles of common interest

INTERNAL AUDIT
Carries out independent audits on the operations and suitability of the IARMS, using an audit plan (risk-based) approved by the BoD and monitors the execution of the action plans issued following the audits performed

Function Risk & Compliance

RISK & COMPLIANCE DEPARTMENT

Identify, describe and measure the main risk factors, that might jeopardise the achievement of the Group’s strategic objectives
Propose policies for the management of risks inherent in corporate business
Identify and acquire the most suitable forms of insurance cover for insurable risks
Avoid the risk of corporate business non-compliance with relevant legislation

Manager Responsible

The Manager Responsible for preparing the company’s financial reports (the "Manager Responsible") pursuant to Italian Law 265/05 is in charge of setting up and maintaining the system of internal control financial ireporting and issuing an appropriate certification together with the Chief Executive Officer. The system of internal control over financial reporting is subject to a specific Regulation approved by the Board of Directors and supported by the Management and Control Model in accordance with Law 262/05.

The three levels of the SCIGR

Risk management is a cross-cutting process, widespread responsibilities that involve all company levels.

First Level

Conducted by those
responsible for the
operating activities where the risk lies.

First level controls are intended to ensure business processes are correctly carried out in order to prevent risks via appropriate mitigation actions.

Second Level

Conducted by corporate
structures, with the aim of ensuring that the first level, checks are
adequate and operational

Second level controls comprise ongoing monitoring to assess the effectiveness of controls defined for the performance of business operations.

Third level

Independent checks
conducted by the Audit
function to verify the adequacy and operation of the SCIGR

Third level controls are entrusted to the Internal Audit Department and consist of independent assessments regarding the design and running of the internal control system and the monitoring of improvement plans defined management.

Summary of the governance of risk management

Graphical representation of the risk control and management system in Acea Group