Header Background

Risk management GRI - G4: 49, 50

Responsibility for establishing and maintaining an effective internal control and risk management system that is in line with corporate and procedural targets and ensuring that risk management methods correspond to the risk reduction plans defined falls to the director in charge of the internal control and risk management system and those in charge of risk management. Snam’s Board of Directors has identified the Company’s CEO as the director in charge of the internal control and risk management system, performing the duties set forth in the Code of Corporate Governance.

Having heard the opinion of the Control and Risk Committee, the Board of Directors evaluates, at least once a year, the adequacy and effectiveness of the internal control and risk management system with regard to the characteristics of the Company and the Group and the risk profile adopted.

The Control and Risk Committee is tasked with supporting (through appropriate enquiries) the assessments and decisions of the Board of Directors concerning the internal control and risk management system, as well as those relating to the approval of periodic financial reports.

To this end, in 2014 the Control and Risk Committee performed the relevant activities specified in the regulations approved by the Board of Directors. In particular:

  • the analysis, together with the head of the Enterprise Risk Management unit, of activities performed to identify, measure, manage and monitor the company’s main risks;
  • the supervision of activities performed by the Internal Audit unit;
  • periodic meetings with the executive responsible for the preparation of the company’s accounting documents, the head of the Compliance unit, managers of the Independent Auditor and the Watch Structure pursuant to Legislative Decree 231/2001 and (iv) review transactions completed with related parties.

Applying the control system is a primary responsibility of management, as control activities are an integral part of management procedures. Management must therefore foster an atmosphere that is actively orientated towards control and, in particular, oversee “line controls”, which are all the control activities that the individual operating units or companies carry out on their processes.

The Internal Audit area is responsible for independent controls, and it is tasked with verifying that the internal control and risk management system is both operational and adequate, and that it carries out the following duties:

  • preparation of the proposed audit plan based on the reporting of the main company risks;
  • performance of audits and follow-up checks of corrective measures approved by management in relation to shortfalls found;
  • independent monitoring of Company information as required by the Control System;
  • support to control and supervisory bodies of the Group’s companies and activities concerning the award and management of assignments given to the Independent Auditor.

The parent company performed auditing activities in 2014, with a dedicated team of 15 auditors.

  Download XLS (23 kB)










Total number of audits performed




Reports received




of which those concerning the Internal Audit System




of which those involving accounting, auditing, fraud, etc.

of which those involving administrative responsibility pursuant to Legislative Decree 231/2001

of which those concerning violation of the anti-corruption law

of which those involving other subjects (Code of Ethics, mobbing, thefts, security, etc.)




Reports shelved due to lack of proof or because untrue (no.)




Reports ending in corporate disciplinary or managerial action and/or filing with a legal authority




Reports in the process of examination (no.)




Enterprise risk management: development of the model

Snam’s Enterprise Risk Management (ERM) department has been active since April 2013. It is tasked with identifying, measuring and monitoring all corporate risks. Through ERM, Snam has chosen to have a method and model for identifying, assessing, managing and controlling risk that is structured and standardised for all Group companies.

In 2014 four assessment cycles (one each quarter) were performed that differed depending on the severity of risks. Risk mapping led to the identification of 333 risks confirming the Company’s low risk profile.

In addition to ordinary activities to verify and control mapped risks, in 2014 certain activities were carried out to ensure the continual improvement of the model adopted and to support risk managers.

To be specific:

  • Analysis and classification of all causes of risks (over 1,200) to better identify “root causes” and related risk management and/or mitigation measures. The classification was performed by dividing causes into internal and external causes, and then subdividing them into categories (people, processes, legislation, suppliers, etc.) and sub-categories;
  • Preparation of an integrated action plan that groups all measures (over 200) and the related timing to manage and/or mitigate risks;
  • Development of a methodology to identify and measure the positive impact of events (opportunities);
  • The start-up of production of an IT tool that allows the online completion of cyclical transactions to verify risk mapping. The tool will be used starting in 2015.

Administrative liability and prevention of offences GRI – G4: SO3

The Board of Directors has adopted its own organisation, management and control model pursuant to Legislative Decree No. 231 of 8 June 2001 (“Model 231”) to prevent crimes mentioned in the legislation on corporate administrative liability for crimes committed in the interest or to the advantage of the company (Legislative Decree 231/2001), and it has set up a Watch Structure equipped with autonomous powers of initiative and control, in compliance with the law.

Most recently, on 30 July 2013, the Board of Directors approved the new text of Model 231, which was updated with regard to the new crimes of “private corruption”, “undue inducement to give or promise benefits” and “employment of third-country citizens whose stay is illegal”, and to the changes to Snam’s organisational and corporate structure.

Model 231 is an organic set of principles, rules and provisions concerning, inter alia, the management and control of each corporate process. Its aim is to protect the Company from any conduct that may incur its administrative liability, pursuant to Legislative Decree 231/2001, in relation to crimes or attempted crimes committed in the interest or to the advantage of the Company by persons holding a “senior” position within the entity or by those who are subject to the oversight or control of such persons.

A multi-functional “Team 231” was formed to identify and carry out the activities necessary for updating the Company and Subsidiaries’ Model 231 by incorporating new legislative developments within the scope of application of Legislative Decree 231 of 8 June 2001.

The Subsidiaries have also adopted a Model 231 commensurate with their own specific nature, appointing their own Watch Structure to monitor the implementation and effective application of the model.

With a view to the continual improvement of the control system, and in light of the importance of making those inside and outside the Company aware of the content of Model 231, Snam has developed a specific training programme for all its employees in order to ensure that Model 231 is applied effectively. As well as being an important tool for making management and other employees aware of how to prevent the crimes mentioned in Legislative Decree 231/2001, this training activity encourages all staff members to play an active role in Snam’s system of ethics and values.

Model 231 can be viewed on the Company’s website (http://www.snam.it/en/Governance/Administrative_responsability/index.html).

Supervisory Body and Code of Ethics GRI – G4: 57,58

The Watch Structure comprises the Head of Internal Auditor, the Head of Management of Legal and Notarial Suppliers and Support Processes, and three external members, one of whom chairs the body, who are experts in legal and corporate affairs as well as in business organisation and economics.

Among other things, the Watch Structure oversees the effectiveness of Model 231 and the monitoring of how it is implemented and updated. It examines Model 231’s suitability in terms of preventing unlawful conduct and manages the relevant flows of information with the various corporate departments and the watch structures of the Subsidiaries. The Watch Structure also acts as the Code of Ethics Supervisor.

In performing its tasks, the Watch Structure has unlimited access to corporate information for investigation, analysis and control activities. Any Company department, employee and/or member of Company bodies is subject to a disclosure obligation in the event of any request by the Watch Structure, and in the event of significant events or circumstances, for the performance of the activities falling within the field of competence of the Watch Structure.


Snam has been combating corruption for several years, expressly prohibiting “corrupt practices, illegitimate favours, collusion and requests for personal or career-related benefits for oneself or others, either directly and/or through third parties” in its Code of Ethics.

From January to December 2014 Snam monitored the Group’s anti-corruption compliance programme. The implementation of this initiative, which is an integral part of the anti-corruption compliance programme, was managed in collaboration with a leading law firm which carried out a direct, ongoing audit of the implementation and application of the anti-corruption procedures required by the compliance programme including through meetings with the key officers of Snam and its subsidiaries. This analysis confirmed that the anti-corruption compliance programme was highly “appropriate” and “effective”, reflected the provisions of applicable regulations and international guidance and best practices, and was consistent with the most sophisticated compliance programmes adopted by major Italian and international companies.

In June 2014 Snam voluntarily submitted to the Assessment on Transparency in Reporting on Anti-Corruption (“TRAC”) by Transparency International Italia, an international non-governmental organisation engaged in the fight against corruption. This assessment led to an analysis that covered, among other things, the tools Snam makes available to the public through the website www.snam.it, including the Code of Ethics, Anti-Corruption Procedure, financial reports and the Sustainability Report. Transparency International Italy assigned the maximum score to Snam for its proactive approach and transparency in the management and reporting of programmes and anti-corruption activities. In fact, Snam achieved a score of 100% on both sections of the evaluation applicable to it (“Anti-Corruption Programme” and “Organisational Transparency”). Transparency International Italia indicated that the Anti-Corruption Procedure was an example of “absolute excellence”.

to pagetop