Risk domains: in consideration of the materiality analysis on sustainability issues, the Enterprise Risk Management System identifies and manages non-financial risks related to the following areas: social; employees; environmental; governance and compliance; human rights.

The ENAV Group employs an Enterprise Risk Management System through which it monitors and manages risks, in terms of threats and vulnerabilities, in relation to approximately twenty different financial and non-financial domains.

Periodic risk assessment activities make it possible to assess risk exposure both in qualitative and quantitative terms, to define specific propensity and tolerance thresholds and, as a result, to draw up the related remedial actions.

Enterprise Risk Management complies with the guidelines on the Internal Audit and Risk Management System (SCIGR) and is assisted by the Risk Control and Related Parties Committee.

The various organisational, operational and internal standards are accompanied by a constant commitment to spreading the culture of risk and risk-based management throughout the various levels of the company.

The main non-financial risks are reported below. The manner in which they are managed will be discussed in more detail in the sections addressing those specific risks.

Risks associated with air navigation services

The Group is constantly committed to guaranteeing the highest level of security in the services it offers by systematic management of safety (flight safety) and security (information security and physical security) and through the continuous development of innovative technology and infrastructure. In the provision of air navigation services, ENAV is subject to requirements to ensure safety and security. The international, European and national standards governing safety and security require the Company to establish standards and objectives to mitigate the risk associated with breaches of security and to take measures to restore safety levels.

In view of the foregoing and taking account of the fact that impacts that can be generated by the occurrence of risk events associated with the provision of air navigation services also affect the image and the reputation of the ENAV Group, all the necessary actions for achieving and maintaining the intrinsic level of risk inherent in the nature of the services we provide, in other words the level of risk that cannot be mitigated further through preventive actions, must be considered as a priority.

Furthermore, through its services, which are characterised by the application of the most innovative operating concepts, ENAV aims to meet airlines needs in terms of flight affordability (punctuality, fuel economy, etc.), cultivating the relationships through its Customer Relationship Management Unit.

Risks associated with personnel

For the ENAV Group, human and organisational capital are one of the key factors for maintaining levels of excellence, in terms of safety, operational capacity and environmental impact, in the provision of regulated and unregulated services, and serve as strategic assets in cementing the Group’s status a top performer at international level.

Therefore, the Group’s priority is to ensure that, over time, its human resources are always appropriate in relation to the internal operating model. This translates into a commitment to ensure that the skills of operational and non-operational personnel are constantly aligned with the operating models adopted, in order to guarantee the achievement of institutional and business objectives. The new leadership model is defined with specific reference to the assessment and development of resources, the cultivation of talent and the involvement and alignment of personnel.

Workplace health and safety is managed at Group level in compliance with the requirements set out in Legislative Decree 81/2008 as amended, through organisational5 and procedural safeguards (e.g. the operational control activities envisioned within ENAV’s and Techno Sky’s certified6 SGSSL management systems) that make it possible to adequately manage all the potential risks to which the Group’s employees are exposed (e.g. depending on the type of working activity, risks may include noise, electromagnetic fields, ionizing radiation, fire, working at high elevations and work-related stress).

Another aspect covered by workplace health and safety relates to travel security, or the management of the professional and security risks of ENAV personnel working abroad. This risk is managed both in relation to security awareness for personnel working abroad, and in relation to workplace health and safety (job responsibilities, medical and epidemiological aspects). The ENAV Group mitigates the risk of trade union disputes through a dedicated labor relations department. In particular, all the necessary measures for mitigating the impact of any strikes are adopted, based mainly on regulatory and legislative instruments and with the coordination with external stakeholders.

Risks associated with environmental protection

The non-industrial nature of the Group means that the environmental protection controls are mainly focused on the management of special waste, electromagnetic pollution and radiogenic sources, with a systemic management approach that looks beyond regulatory compliance. Environmental principles are also taken into account in the supply chain through organisational and operational controls (e.g. assessments of the services provided by suppliers, requiring that the principles of ENAV’s code of ethics be adopted by suppliers, etc.).

Risks associated with governance and compliance issues

ENAV constantly monitors developments in the regulatory framework in order to ensure timely and effective compliance with the legislative and regulatory framework, adopting best practices in this field and adjusting responsibilities, processes and organizational, governance and control systems as necessary.

The current national and international regulatory landscape offers a particularly complex picture accompanied by a constant and rapid increase in regulation, requiring investments in resources and processes in order to monitor relevant issues. This context envisages a series of obligations and requirements for the directors and managers of companies, including those deriving from Legislative Decree 231/01 on corporate administrative liability, Legislative Decree 81/08 on workplace health and safety, Law 262/05 on the protection of savings and the regulation of financial markets, Legislative Decree 152/06 on the definition of the system of powers of attorney and the delegation of functions in environmental matters, Regulation (EU) 2016/679 on data protection, Legislative Decree 254/16 on the disclosure of non-financial information, the regulations governing market abuse introduced with Legislative Decree 107/18 amending the Consolidated Law (Legislative Decree 58/98), Legislative Decree 50/16 on public contracts for works, supplies and services, with regard to the adoption and implementation of an anti-bribery management system.

ENAV constantly monitors developments in the regulatory framework in order to ensure timely and effective compliance with the legislative and regulatory framework, adopting best practices in this field and adjusting responsibilities, processes and organizational, governance and control systems as necessary.

The Group maintains a collaborative dialogue with national and European institutions and with the governing and regulatory bodies of the sector. In particular, the Group has identified the risk of corruption among those to which it is exposed, both in relation to the operating context in which it operates at national level, and in relation to business development initiatives in foreign countries.

The Board of Directors approved the “Code of Conduct for the prevention of corruption” (the Anti-Corruption Code). The implementation of this Code is obligatory both for ENAV and for all the companies it controls and is part of a structured internal body of law consisting of policies, procedures, guidelines and regulations that govern the individual reference areas in more detail and to which internal personnel must comply.

Risks associated with safeguarding human rights

Given the nature of the activities carried out by the Group, there are no particularly significant risks relating to human rights violations, as defined in the United Nations’ Universal Declaration of Human Rights of 1948. However, there are other risks which fall within the broader definition of human rights and are typically inherent in business activity (managed according to regulatory requirements or dedicated initiatives). Such risks may concern discrimination in the workplace (addressed under the initiatives of the Equal Opportunities Committee) and the violation of the right to privacy and worker safety of the worker. However, much attention is paid to compliance with social criteria in the supply chain and in commercial operations, in consideration of the international activities in which the Group is engaged.

A single Group unit was created to handle HSE issues. 
2 In conformity with BS OHSAS 18001:2007.