Risk Management

Electricity market risk management

With its Resolution no. 115/08 (“TIMM”) regarding the monitoring of the Wholesale Energy and Ancillary Services Markets, the Authority for Electricity and Gas defined the general principles and criteria of market monitoring for the companies Terna, GME and GSE, calling for each of these companies to establish a specific monitoring office.
Electricity Market Risk Management is Terna’s monitoring unit, which is responsible for the TIMM data warehouse and sees to the acquisition, organisation and storage of data in order to monitor the volumes and indicators related to the Ancillary Services Market.
This is of particular importance to the Company in that, as part of Terna’s incentives established by the Authority’s Resolution no. 206/08 regarding the procurement of resources for the Ancillary Services Market, the effective performance of key activities in monitoring this market are a requirement for receiving a portion of such incentives.

Electrical system risk management

Terna is responsible for coordinating the functioning of the entire electrical system, although the Company only directly manages the part that concerns the transmission grid. Therefore, the proper functioning of the connected systems and the conduct outside of Terna represents an additional threat that could undermine the success of the Company’s mission.
This is a component of operational risk that must be monitored and for which mitigating actions must be taken, actions which generally work towards limiting external events, such as malfunctions or failures to comply with the Grid Code. At times, systems with certain innovative characteristics, such as wind farms, or other events that have not been foreseen require analyses and studies that may lead to changes or additions to said Code. These activities are conducted by the Electrical System Risk Management Unit in addition to managing the operational risks deriving from external vulnerabilities, for which preventive action in the form of controls and other actions based on the outcome of monitoring electrical system events is of great importance.

Fraud Management

In 2009, the Fraud Management Unit implemented a series of projects aimed at preventing and managing corporate fraud and took all steps necessary to discourage such fraud and to limit its effects. In order to monitor processes on an ongoing basis, as well as to be able to verify and manage any reports of possible fraud, the Company has introduced custom management systems and new SAP transactions aimed at reducing the risk of fraud and has defined specific procedures for a number of critical processes designed to prevent such illegal conduct. In that regard, the first protocol of understanding signed with the tax police (Guardia di Finanza) with the goal of averting criminal acts in the management of strategic areas, such as the electricity market and renewable energy resources, is of particular importance.
In addition to its efforts to prevent and manage fraud, the Fraud Management Unit conducted:

  • activities to support the Company’s other units, such as in the analysis and assessment of counterparties, so as to limit the risks deriving from transactions with others;
  • compliance activities focusing on cooperating with and supporting the Company’s management and its various offices, aimed at ensuring compliance with laws, regulations, procedures, codes of conduct, and best practices, as well as at reducing and/or preventing the risk of sanctions and safeguarding the Company’s image.

Organisational Model under Legislative Decree no. 231 of June 8, 2001

The Company Security Department (RM/FRM), in collaboration with the Legal and Corporate Affairs Department, is engaged in implementing and updating the Organisational Model under Legislative Decree no. 231.
In 2009, following final approval of the bill to ratify and execute the Council of Europe Convention on cybercrime, Terna S.p.A. both updated and implemented its Organisational Model, introducing Special Section H concerning cybercrime, and drafted specific security policies aimed at reducing the risk of the commission of such computer-related crimes.