Risk and Opportunity Management

INVESTORS

Risk and Opportunity Management

Managing risks and opportunities to create value

Overview

Overview

Prysmian’s value creation policy has always been based on effective risk and opportunity management. Since 2012, by adopting the provisions on risk management introduced by the Corporate Governance Code for Listed Companies (Corporate Governance Code) of Borsa Italiana, Prysmian has taken the opportunity to strengthen its governance model and implement an evolving risk management system that promotes proactive management of risks and opportunities using a structured and systematic tool to support the main business decision-making processes.

In fact, this Enterprise Risk Management (ERM) model, developed in line with internationally recognised models and best practices, such as those promoted by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) and the ISO 31000 standard, enables the Board of Directors and managers to make informed assessments of risk scenarios that could jeopardise the achievement of strategic objectives. It also allows to adopt additional tools able to anticipate, mitigate and manage significant exposures and to pursue opportunities in line with the Group’s risk appetite, defined as the type and extent of risk that Prysmian is able and willing to assume.

The risk and opportunity management process involves the Group’s key business/function managers, allowing the most significant risk factors to be identified, assessed and managed, including sustainability and climate-related issues. This results in an integrated and multi-disciplinary company-wide risk management process aimed at ensuring long-term value creation for shareholders and stakeholders.

ERM in practice

The Group Chief Risk and Compliance Officer, tasked with managing the ERM system, is responsible for ensuring, together with top management, that the main risks and opportunities for Prysmian and its subsidiaries are promptly identified, assessed, managed and monitored over time.

After reporting to an internal risk management committee consisting of the Group’s top managers, the Group Chief Risk and Compliance Officer periodically meets the Control and Risks Committee — made up of non-executive members of the Board of Directors — to provide updates on the outcomes of the analyses conducted and actions taken, as well as about any developments in the Group’s ERM process.

Prysmian’s risk appetite

Prysmian’s risk appetite is determined through a process that defines the types and extent of risk that the Company is able and willing to assume in pursuing its strategic objectives.

Identifying risks and setting a clear risk appetite level are essential to achieving an effective ERM framework.

Prysmian has not set a single risk appetite statement, but rather applies different risk appetite levels based on the range of its activities, and may choose to accept different degrees of risk in different areas (e.g., zero tolerance for compliance and HSE related matters or Low risk appetite for Cyber risk (see Data asset & Integrity).

Risk and opportunity governance

Risk and opportunity governance Managing risks and opportunities is an essential part of Prysmian’s culture and fosters greater confidence in achieving strategic objectives and making the business sustainable, together with creating value for all employees, shareholders and stakeholders.

Developing, implementing and promoting a risk and opportunity control and management assurance platform is based on the integration of different levels of control:

Prysmian’s risk and opportunity culture

Prysmian has adopted strategies to promote an effective risk and opportunity culture throughout the organisation:

regular risk and opportunity management education for all Board members (e.g., the Risk Management & Compliance function regularly updates the Control and Risks Committee about the progress made by the Group’s ERM process and by the various risk management activities);
training focused on risk and opportunity management principles for the whole organisation (e.g., e-learning training through an internal platform);
integration of risk and opportunity criteria into the development of products and services (e.g., product and process development procedure including risk analysis);
financial incentives that incorporate risk management metrics (e.g., the Prysmian People Performance (P3) programme and the Prysmian People Performance Potential (P4) programme evaluate the problem solving dimension also considering skills such as the risk analysis competence).

Risk and opportunity identification

Prysmian’s ERM extends to all types of potentially significant risks and opportunities for the Group, as outlined in its Risk Model — shown in the figure below —, which classifies the internal and external risks of Prysmian’s business model based on five categories:

Risk and opportunity assessment

The top managers involved in the ERM process are required to use a clearly defined, common method to measure and assess specific risk events in terms of impact, probability of occurrence and adequacy of the existing level of risk management, meaning:

economic-financial impact on expected EBITDA or cash flows, net of any insurance coverage and countermeasures in place, and/or qualitative impact on reputation and/or on operational efficiency/continuity and sustainability, measured on a scale from “minor” (1) to “very high” (4);
probability that a particular event may occur, measured on a scale from “remote” (1) to “probable” (4);
level of control, meaning the maturity and efficiency of existing risk management systems and processes, measured on a scale from “adequate” (green) to “inadequate/non-existent” (red).

Analysing the results

The overall assessment must also take into account the future risk evolution, i.e., the possibility that exposure increases, remains constant or decreases over the period considered.

The outcome of the risk assessment is then represented on a 4x4 heatmap, which, by combining the variables in question, provides a clear overview of the most significant risk events.

In particular, sustainability and climate related risks and opportunities have also been assessed and reported, taking into account the Group’s latest update of its materiality matrix for the purposes of the Non-Financial Statement. Further details are available in the specific section of the Sustainability Report.

Risk and opportunity management

The overview of the Group’s risks and opportunities allows the Board of Directors and Top Management to evaluate the Group’s risk appetite and identify the risk and opportunity management strategies to adopt, by assessing and prioritising the types of risk for which it is deemed necessary to implement, improve or optimise mitigation actions and those for which it is sufficient to monitor the exposure over time.