Organisational model and management of activities
Corporate and organisational structure
Snam’s corporate governance system – a set of planning, management and control rules and methodologies necessary for the Company to function – was identified by the Board of Directors:
- in compliance with the regulations to which the Company is subject as a listed issuer;
- in accordance with the Corporate Governance Code;
- in line with the national and international best practices against which the Company compares itself.
This system is based on some key principles, such as a correct and transparent choice of management of business operations ensured also through the identification of information flows between the corporate bodies and an efficient definition of the system for internal control and risk management.
Snam manages and coordinates its subsidiaries and has adopted Corporate Governance Guidelines that define, amongst others, the principles, contents, tools and operating procedures of strategic guidelines given by Snam in line with its corporate governance system and the characteristics of its organisational structure, at the same time taking due account of the legal autonomy and principles of correct corporate and entrepreneurial management of the subsidiaries.
The organisation of Snam is divided into four business units and staff functions, designed with a view to simplifying processes, efficiency and continuous improvement. The business units are focused respectively:
- on development, regulatory and commercial activities;
- on the management of Italian subsidiaries;
- on the management of foreign holdings;
- on the development of technical services focused on distinctive skills and know-how aimed at operators in the gas sector.
Manner of conducting activities
We manage our business in accordance with the Corporate System Framework, the organisational and procedural system applied across all Group companies in Italy and abroad, created to ensure that the system of rules governing the business is clear, simple and organic. The system is inspired by the Code of Ethics51 and is based on management policies, described in the following chapters, based on the principles enunciated by the United Nations Universal Declaration of Human Rights, the fundamental ILO Conventions and the OECD Guidelines for Multinational Enterprises. The main policies52 referred to in the document are:
- the Sustainable Development Policy;
- the Health, Safety, Environment and Quality Policy;
- the Stakeholder Engagement Policy;
- the Human Rights Policy;
- the Policy for the management of philanthropic activities and social initiatives;
- the Social Supply Chain Policy;
- the Enterprise Risk Management Guidelines;
- the Policy statement contained in the Anti-Corruption Guidelines.
Furthermore, Snam adheres to the UN Global Compact, the most important international sustainable development initiative, which aims to promote and disseminate ten global ethical principles concerning human rights, environmental protection, workers’ rights and anti-corruption.
In order to successfully implement this system, managerial actions need to be based on the allocation of specific objectives to each position of responsibility and on the transparent assessment of results. This would enable continual improvements in the effectiveness and efficiency of corporate processes.
Internal Control and Risk Management System
The Internal Control and Risk Management System (“ICRMS”) consists of the rules, procedures and organisational structures aimed at allowing for the identification, measurement, management and monitoring of the main risks, including those of the topics pursuant to Art. 3, paragraph 1 of Italian Legislative Decree 254/2016 (environmental, social and staff-related topics, as well as respect for human rights and the fight against active and passive corruption).
Snam adopted and undertakes to promote and maintain an adequate Internal Control and Risk Management System. This system is integrated into the organisational, management and accounting structure and, in general, into the corporate governance of Snam and is based on the Corporate Governance Code which Snam complies with, taking as references the national and international models and best practices.
The guiding principles on which the SCIGR is based are defined in the Code of Ethics:
- the separation of activities between persons responsible for authorisation, executive or control procedures;
- the existence of suitable corporate provisions for providing the general reference principles for the regulation of corporate processes and activities;
- the existence of formal rules for the exercise of signatory powers and internal authorisation powers;
- traceability (guaranteed through the adoption of information systems that can identify and reconstruct sources, information and checks carried out in support of the formation and implementation of the Company’s decisions and financial resource management procedures).
The ICRMS is made subject to verification and update over time, so as to ensure that it is always suitable for monitoring the main risk areas of the business. In this context, and also in order to execute the provisions of the Code of Corporate Governance, Snam has adopted an ERM (Enterprise Risk Management) system.
The Board of Directors charges the CEO with giving structure to and maintaining the entire system. The system is divided into three levels, each with different objectives and associated responsibilities.
First Level:
Identification, assessment and monitoring of the relevant risks within the individual Group processes.
This level includes the functions of the Snam Group owners of the individual risks, responsible for their identification, measurement and management, and for the implementation of the necessary controls in the processes pertaining to them.
Second Level:
Monitoring the main risks to ensure they are effectively and efficiently managed and processed, and monitoring the adequacy and functioning of the controls in place to protect against these risks; support for Level One in defining and implementing adequate management systems for the main risks and related controls.
The Group's staff departments responsible for coordinating and managing the main control systems (e.g. Corporate Administrative Responsibility, Corporate Reporting, Anti-Corruption, Antitrust) operate at this level.
Third Level:
Independent and objective assurance of the adequacy and actual operation of the first and second control levels and in general of the overall risk management procedures. Internal Audit operates on the basis of the “Internal audit guidelines”.
The ERM Model, in particular, provides suitable tools for identifying, measuring, managing and monitoring the main risks that could affect the achievement of strategic objectives. The main objectives of ERM are to define a risk assessment model that allows risks to be identified, using standardised, group-wide policies, and then prioritised, to provide consolidated measures to mitigate these risks and to draw up a reporting system.
We use an integrated, dynamic and group-wide method of assessing risk that evaluates the existing management systems in the individual corporate processes, starting with those relating to the prevention of fraud and corruption and health, safety, environment and quality.
In a similar fashion, the ERM model allows for the mapping of opportunities, thereby intending the positive effects of uncertainty on company objectives.
The results of the risk and opportunity assessment and monitoring activities and the related mitigation measures are regularly presented to the Control and Risk and Related Party Transactions Committee, the Board of Statutory Auditors and the Supervisory Body of Snam and its subsidiaries. They are also used by the Internal Audit department to draw up the audit schedules.
Integrated Risk Assurance & Compliance
The Board of Directors has approved the “Integrated Risk Assurance & Compliance” Guidelines, which aim to: (i) integrate into the scope of the ICRMS the level 2 control models and (ii) promote and support conformity with reference legislation and the prevention of crime through a specific Compliance Programme for the prevention of offences (CPPI), in complete compliance with the Code of Ethics.
The Guidelines define the content of the CPPI aligned with the standards of best practice, in full compliance with the Code of Ethics, which defines the values, the standards of conduct and the guiding principles on which the entire ICRMS is based, which Snam recognises, accepts, shares and to which it commits, internally and externally.
The CPPI is implemented and made operative through:
- the Regulatory system;
- the provisions on corporate governance, adopted in compliance with applicable legislation and international best practices;
- the provisions, methods and activities of the models applied by the appointed departments;
- an integrated risk assurance & compliance process.
The following are relevant to the implementation of the CPPI:
- the integrated risk assurance & compliance model;
- the systems: reporting53, rewarding and disciplinary;
- training and communication.
The integrated risk assurance & compliance model aims to improve the perception of the controls by the various owners involved and further enhance the efficiency of the ICRMS through a better coordination and integration of the related flows and interactions between the three control lines, optimising the respective contributions.
This model envisages the use of a computerised Integrated Risk Assurance & Compliance (RACI) platform, which allows for the coordination of risk management activities implemented under the scope of the level 2 control models, maintaining the specific aspects of the methods used in each model 54 and the development of an integrated database (the Risk & Control Register), where the models involved in the Integrated Risk Assurance & Compliance process share a single catalogue of risks and controls. This repository allows for the integrated collection of consistent, complete data and information in support of the decision-making processes of senior management and corporate bodies to whom dedicated reporting flows are addressed.
Organisation, management and auditing model according to Legislative Decree no. 231/2001 (the “Model 231”)
Snam S.p.A.’s Model 231 consists of a set of principles, rules and provisions on, amongst others, the management and control of each business process, the aim of which is to protect the company from any conduct that may entail administrative liability, in accordance with Italian Legislative Decree no. 231 of 2001 in connection with crimes committed or attempted in the interests or to the benefit of the company, by subjects in senior positions within the structure or subjects under their supervision and control.
The Board of Directors adopted the 231 Model to prevent the offences referred to in the legislation on corporate administrative liability for the offences committed in the interests or for the benefit of the company, and appointed a Supervisory Body having autonomous initiative and control powers, in compliance with the laws and regulations.
The analysis of corporate processes and the comparative analysis of the existing control environment and of the control systems are carried out according to the COSO Framework (last published in May 2013), which is the international reference model for the establishment, update, analysis and assessment of the internal control system.
The subsidiaries have also adopted their own Model 231 commensurate with their own characteristics, appointing their own Watch Structures charged with monitoring that Model 231 is implemented and applied effectively.
In May and June 2018, the documents of the Special Part of the 231 Model of Snam and Subsidiaries were updated in light of:
- legislative changes, which amended and expanded the range of predicate offences mentioned in Legislative Decree 231/2001 and case law developments on this matter, and notably:
- the new formulation of the corruption offences between individuals (article 2635 of the Italian Civil Code);
- “caporalato” (unauthorised gangmaster system) offence, introduced in art. 25 – sexies of Legislative Decree 231/2001;
- the offence of “racism and xenophobia”, introduced by the new article 25 - terdecies of Italian Legislative Decree 231/2001;
- the organisational developments that affected Snam.
Snam developed a specific training programme for all Snam’s staff. This training activity is an important tool to make the Management and the other members of the company aware of the issues concerning corporate ethics, crime prevention pursuant to Legislative Decree 231, and the fight against corruption; it also allowed for a widespread participation of all employees in Snam’s ethics and values system.
Model 231 is available on the Company's website.
Finally, some time ago, as part of its whistleblowing management process55, Snam prepared specific communication channels to which not only Snam, but also its subsidiaries, refer.
In order to guarantee levels of excellence and independence, Snam has entrusted the management of the aforementioned communication channels to an external subject (Ombudsman), which ensures the receipt and analysis of each report applying criteria of maximum confidentiality suitable, among other things, for the protection of the integrity of the persons reported and the effectiveness of the investigations.
Detailed information on the topics discussed in this section can be found in the “Report on Corporate Governance and Ownership Structure 2018”, available on the Company's website.
As regards the ERM Model in particular and the synthetic representation of the main risks Snam generates or is subjected to56 in relation to its activities and related mitigation actions carried out, please refer to the paragraph on “Management of risks and the control system - The Enterprise Risk Management (ERM) process” of the Integrated Report on operations.
The risks generated or suffered are also described in detail in the chapter entitled Risk factors and uncertainty, in the Integrated Report on operations.
51 The Snam Code of Ethics can be consulted on the Company's website.
52 See Article 3, paragraph 1, lett. b of Italian Legislative Decree no. 254 of 30 December 2016. Snam’s policies may be consulted on the company website. The anti-corruption guideline may be consulted on the company website at www.snam.it/export/sites/snam/repository/file/Governance/lineaguida/anticorruzione/snam_anticorruzione_01.pdf .
53 The CPPI is made effective also thanks to the contribution provided by the adoption of a whistleblowing system. The “Anonymous and non-anonymous reports received by Snam and its subsidiaries” Guidelines regulate the process associated with the receipt, analysis and processing of the reports made by any party, including those that are confidential or anonymous.
54 The prerogatives due to the Officer Responsible are in any case preserved, by virtue of Art. 154-bis of the TUF, with reference, amongst others, to the preparation of suitable administrative and accounting procedures for the preparation of the financial statements for the year and of the consolidated financial statements as well as all other financial communications.
55 The Guideline may be consulted on the company website at www.snam.it/en/governance-conduct/business-conduct/whistleblowing/index.html.
56 See Article 3, paragraph 1, lett. C of the Decree no. 254 of 30 December 2016.