RISK MANAGEMENT SYSTEM
COMPANY GOALS
(strategici and recurring)
GROUP RISK ASSESSMENT
Guided by the Enterprise Risk Management
Enterprise Risks (TOP DOWN)
Process Risks (BOTTOM UP)
Cybersecurity
Health & Safety
Fraud Management
Environment
Compliance
Privacy
Management systems
Monitoring Law 262/05
Other areas
Control areas

Enabling factors in the model

Chart-round-4 S T R A T E G I C o b j e c t i v e s R E C U R R I N G o b j e c t i v e s ( S t a k e h o l d e r & A s s e t s )

Terna is exposed to operational risks linked both to technical aspects of its work and to external factors, like authorisation processes and local opposition, which can cause delays and obstacles to projects. The health and safety of Terna’s people and of the workers of companies involved on construction sites are a particular priority, with measures in place aimed at preventing all such risks. Additional factors exposing the Group to operational risks concern the management of the Italian national transmission grid, as well as the reliability of the ICT infrastructure which is essential to guarantee operational continuity. Finally, the Group invests in strengthening its human capital, aiming to attract and reward the highly specialised technical skills which are becoming increasingly strategic and in-demand.

The legal risks faced by Terna consist of the potential negative consequences of failure to uphold its contractual obligations in relation to the activities carried out by the Group. These risks may result in sanctions or legal disputes caused by non-fulfilment of contractual clauses. Should such risks materialise, the Group could suffer financial, economic and/or reputational losses.

The risk of non-compliance refers to the possibility of Terna breaching laws or regulations, with potential criminal, civil, tax-related, administrative, economic or reputational repercussions. In order to effectively manage this type of risk, Terna has strengthened its governance with the adoption of a Compliance Management System, alongside the other corporate tools already in use (such as the Organisational Model pursuant to Italian Legislative Decree 231/01, the Trade Compliance Policy, the Model pursuant to Italian Law 262/05, or the Tax Control Framework).

The European context in which the Group operates is affected by the rapid acceleration of the energy transition, which is putting the production capacity of the main suppliers under pressure. Increased investments by European grid operators can generate critical issues like production delocalisation, a shortage of specialised resources, and production capacity saturation in certain sectors, resulting in the risk of delays or additional costs in the completion of projects. To overcome these challenges, Terna takes a proactive approach to risk management, based on careful planning, diversification of suppliers (where possible), and constant monitoring of the market.

The increase in extreme weather events linked with climate change represents a growing threat to Terna’s electrical infrastructure, potentially compromising the continuity and quality of the service. In response to these risks, Terna has developed a Resilience Plan involving significant investments in strengthening the grid. In addition to natural risks, Terna is also exposed to human threats such as cyberattacks, heightened by geopolitical instability. These events can cause interruptions to the system and data loss, as well as tarnish the company’s reputation. For this reason, Terna adopts strict technological, procedural and organisational controls in order to ensure maximum safety levels and to mitigate the risk.

Terna operates in a regulatory context shaped by its government concession and by the provisions of the Italian Regulatory Authority for Energy, Networks and Environment (ARERA). This structure exposes the Group to regulatory risks which can impact its revenues, therefore requiring careful, strategic risk management. Moreover, Terna must contend with economic-financial factors such as commodity price volatility, affected by international geopolitical tensions, and interest rate fluctuations, which can impact operating costs, investments and debt management. For this reason, the Group takes a flexible approach that aims to ensure long-term sustainability and resilience.

Risk categories

Risk categories IN I T I AL INFOR M AL ES T ABLISHED A D V ANCED Maturity Risk Management L OW A VER A GE HIGH CR I TICAL S ev erity (*)

(*) Severity: resulting from (Impact) x (Probability)

Legend
  • Low risk
  • Average risk
  • High risk
  • Critical risk