Risk Management

We have a comprehensive risk management system in place in order to facilitate compliance with the company's strategies and objectives. This system ensures that the risks that could affect them are identified, analysed, assessed, managed, and controlled systematically. All this with uniform criteria and within the level of acceptable risk approved by the Board of Directors.

At Redeia, we conduct sensitivity analyses to monitor the possible evolution of key variables that could impact the fulfilment of the strategic plan, including financial aspects (interest rates or inflation) as well as operational considerations. The management system conforms to the ISO 31000 standard on the principles and guidelines for risk management. Besides, it is ongoing and comprehensive in nature.

blank
Management and control: organisational structure and responsibilities

blank

icono flecha

At Redeia, there is also a comprehensive Risk Management Policy and a Comprehensive Risk Management and Control Procedure based on the Comprehensive Risk Management Framework (COSO ERM).


Comprehensive Risk Management Policy

The Board of Directors is responsible for approving the Comprehensive Risk Management Policy, as well as for the review and regular monitoring of internal control, prevention, and information systems. Twice a year, the Board reviews the risk control system and relevant risks, in addition to the regular information received from the Audit Committee as part of its ongoing monitoring.

Check our Comprehensive Risk Management Policy - PDF, 211 KB

Emerging Risks

Redeia's Risk Management System also analyses risks considered to be emerging, i.e. either new risks whose origin differs from the risks traditionally managed or those already existing and identified but which, in the medium or long term, may undergo very significant changes due to their scope or a considerable change in their consequences. These risks are estimated to have potential impacts on the organisation. However, due to their nature, they are difficult to predict, estimate, and assess, which means that their time frame is uncertain.

The main difference from emerging risks lies in the process of identifying, evaluating, and measuring these risks due to their nature. The impacts of emerging risks are challenging to estimate and quantify, therefore, it is not considered a measurement process in terms of probability and impact. Furthermore, a time frame for emerging risks is considered beyond that used for measuring traditional risks or beyond the time frame of the current strategic plan.

Risks associated with climate change

Risks associated with climate change comprise both physical risks related to changes in climate parameters (which could directly affect the facilities or the services rendered by Redeia) and transition risks (related to changes stemming from the fight against climate change: regulatory, technological, market, and reputational aspects).

In 2018, Redeia started implementing the recommendations of the Task Force on Climate-Related Financial Disclosures (TCFD) to enhance the management of risks related to climate change. Since then, significant steps have been taken for the development and improvement of this implementation. For example, reviewing the governance model and developing a specific methodology for its identification, prioritisation, and economic quantification. All this considering different scenarios and time frames, methodology reviews, or expanding the analysis to businesses in Latin America and telecommunications.

Tax risks

Our Comprehensive Risk Management System includes relevant tax risks and mechanisms for their mitigation, control, and management.

Find out more about them in our Tax Transparency section

Risk culture

Awareness, training and sensitization are fundamental elements for the development of a risk culture that adapts to the needs and responsibilities of Redeia's functional areas and affected areas.

The company strengthens the risk culture through the continuous development of dissemination, awareness and training actions on the relevance and strategic nature of the Integrated Risk Management System for the members of the organization, among which the following stand out:

  • Inclusion of risk criteria in the development of products and services. Before entering a tender, a risk analysis is performed by Redeia in order to determine whether it is appropriate to proceed with the tendering process.
  • Specific training in relevant areas such as occupational risk prevention, environmental, human rights, cybersecurity, ethics and compliance.
  • Organization of forums aimed at specific groups of the organization with a special involvement in risk management.
  • Publication of informative news on the corporate website and on the intranet.
  • Specific sessions for members of the management body on risk management where both financial and non-financial risks are analyzed.

Redeia provides the company's professionals with the necessary tools to manage possible risk situations in the development of their functions and responsibilities, as well as the appropriate means to communicate any issue related to risks.