Operating risks
Ownership of storage concessions
The risk linked to maintenance of the ownership of the storage concessions is attributable by Snam to the business in which the subsidiary Stogit operates on the basis of concessions issued by the Ministry of Economic Development. Eight of the ten concessions (Alfonsine, Brugherio, Cortemaggiore, Minerbio, Ripalta, Sabbioncello, Sergnano and Settala) expired on 31 December 2016 and can be renewed no more than twice for a duration of ten years each time. With regard to these concessions, Stogit submitted – within the statutory terms -– the extension request to the Ministry of Economic Development and the proceedings are currently pending before the Ministry. Pending said proceedings, the Company’s activities, as provided for by the reference regulations, will continue until the completion of the authorisation procedures in progress envisaged by the original authorisation, which will be extended automatically on expiry until said completion. One concession (Fiume Treste) will expire in June 2022 and has already been renewed for the first ten-year extension period in 2011, and another concession (Bordolano) will expire in November 2031 and can be extended for a further ten years45.
If Snam is unable to retain ownership of one or more of its concessions or if, at the time of the renewal, the concessions are awarded under terms less favourable than the current ones, there may be negative effects on the Company’s operations, results, balance sheet and cash flow.
Malfunction and unexpected service interruption
Operating risks consist mainly of the malfunctioning and unforeseen interruption of the service determined by accidental events, including accidents, breakdowns or malfunctions of equipment or control systems, reduced output of plants, and extraordinary events such as explosions, fires, landslides or other similar events outside of Snam’s control. Such events could result in a reduction in revenue and could also cause significant damage to people, with potential compensation obligations. Although Snam has taken out specific insurance policies to cover some of these risks, the related insurance cover could be insufficient to meet all the losses incurred, compensation obligations or cost increases.
Delays in the progress of infrastructure implementation programs
There is also the concrete possibility that Snam could incur delays in the progress of infrastructure construction programmes as a result of several unknowns linked to operating, economic, regulatory, authorisation and competition factors, regardless of its intentions. Snam is therefore unable to guarantee that the projects to upgrade and extend its network will be started, be completed or lead to the expected benefits in terms of tariffs. Additionally, the development projects may require greater investments or longer timeframes than those originally planned, affecting Snam’s financial position and results.
Investment projects may be stopped or delayed due to difficulties in obtaining environmental and/or administrative authorisations or to opposition from political forces or other organisations, or may be influenced by changes in the price of equipment, materials and workforce, by changes in the political or regulatory framework during construction, or by the inability to obtain financing at an acceptable interest rate. Such delays could have negative effects on the Snam Group’s operations, results, balance sheet and cash flow. In addition, changes in the prices of goods, equipment, materials and workforce could have an impact on Snam’s financial results.
Environmental risks
Snam and the sites in which it operates are subject to laws and regulations relating to pollution, environmental protection, and the use and disposal of hazardous substances and waste. These laws and regulations expose Snam to potential costs and liabilities related to the operation and its assets. The costs of possible environmental remediation obligations are subject to uncertainty regarding the extent of contamination, appropriate corrective actions and shared responsibility and are therefore difficult to estimate.
In relation to the new global climate agreements (COP21 in Paris 2015, COP22 in Marrakech in 2017), aimed at encouraging the transition towards a more sustainable economy that favours zero emission energy sources, it may envisage regulatory and legislative risk related to the possible implementation of increasingly stringent regulations at European and national level.
Snam cannot predict if and how environmental regulations and laws may over time become more binding and cannot provide assurance that future costs to ensure compliance with environmental legislation will not increase or that these costs can be recovered within the mechanisms tariffs or the applicable regulation. Substantial increases in costs related to environmental compliance and other aspects related to it and the costs of possible sanctions could negatively impact the business, operating results and financial and reputational aspects.
Employees and staff in key roles
Snam's ability to operate its business effectively depends on the skills and performance of its personnel. Loss of “key” personnel or inability to attract, train or retain qualified personnel (in particular for technical positions where the availability of appropriately qualified personnel may be limited), or situations in which the ability to implement long-term business strategy is negatively influenced due to significant disputes with employees, could have an adverse effect on the business, financial conditions and operating results.
Risk linked to foreign holdings
The foreign companies owned by Snam may be subject to regulatory/legislative risk, under conditions of social and economic political instability, to a market risk, cyber security, credit and financial risk and other risks typical of the business of the transmission and storage of natural gas highlighted for Snam, such as to adversely affect their activities, economic results and the equity and financial situation. This can have negative impacts for Snam on the contribution towards the profits generated by such investments.
Risks connected with future acquisitions/equity investments
Each investment made as part of joint ventures and each future investment in Italian or foreign companies may entail an increase in the complexity of Snam Group operations and there can be no guarantee that such investments will correctly integrate in terms of quality standards, policies and procedures, consistently with the rest of Snam’s operations. The integration process can be costly and require additional investment.
Failure to integrate the investment made can have a negative impact on business, operating results and financial aspects.
Cyber security
Snam carries out its activities through a complex technological architecture relying on an integrated model of processes and solutions capable of promoting the efficient management of the entire country's gas system. The development of the business and recourse to innovative solutions capable of continuous improvement, however, requires increasing attention to be focused on aspects of cybersecurity.
For this reason Snam has developed its own cybersecurity strategy based on a framework defined in accordance with standard principles on the subject and focusing constant attention on Italian and European regulatory developments, especially as far as the world of critical infrastructures and essential services is concerned. First and foremost, this strategy involves adapting one's own processes to the provisions of standards ISO/IEC 27001 (Information Security Management Systems) and ISO 22301 (Business Continuity Management Systems) and the formal certification of conformity to the listed standards.
Alongside this and in accordance with technological developments, solutions aimed at protecting the Company from cyber threats and malware are assessed and, where deemed appropriate, implemented. More specifically, Snam has defined a model of cybersecurity incident management aimed at preventing and, when necessary, ensuring timely remediation in the event of events that could damage the confidentiality and integrity of the information processed and the IT systems used. At the base of the activity is a Security Incident Response Team which, using technologies that allow collecting and correlating all the security events recorded on the entire perimeter of the company's IT infrastructure, has the task of monitoring all the anomalous situations from which negative impacts may result for the company and to activate, where necessary, escalation plans suitable to guarantee the involvement of the various operating structures.
With reference to the management of information in support of the business processes, it is considered appropriate to stress that the company owns the asset (fibre) used for the transmission of data to and from the territory; this results in intrinsically greater security thanks to the lack of dependency on the service provided by third parties and the possibility of making exclusive use of the communication channel.
Lastly, as part of cyber incident management (preventive and reactive), information-sharing with national and European institutions and peers is used in order to improve the capacity and speed of response following various possible negative events.
A great deal of attention is also paid to increasing awareness and specialist training of personnel, in order to facilitate the identification of weak signals and raising consciousness about risks of a cyber nature that could occur during the course of normal work activities.
45 The Stogit concessions issued before the coming into force of Italian Legislative Decree no. 164/2000 can be extended by the Ministry of Economic Development up to twice for a term of ten years each time, in accordance with Art. 1, paragraph 61 of Italian Law no. 239/2004. Pursuant to art. 34, paragraph 18 of Italian Decree Law no. 179/2012, converted by Italian Law no. 221/2012, the duration of the only Stogit concession issued after the coming into force of Italian Legislative Decree no. 164/2000 (Bordolano) is thirty years with the possibility of an extension for another ten years.