In a context characterised by a high level of operational and regulatory complexity and the need to compete more and more efficiently in the reference markets, risk management and the related control systems take on a central role in the decision-making processes, with a view to creating long-term value to the benefit not only of the shareholders, but also in consideration of the interests of the other stakeholders of relevance to the company.
The Poste Italiane’s Internal Control and Risk Management System (SCIGR) is a combination of tools, procedures, rules and organisational structures, designed to ensure that the business is managed in a way that is sound, fair and consistent with the corporate objectives, and to pursue sustainable success, through an adequate definitions of players, duties and responsibilities of the various corporate bodies and control functions as well as through the identification, measurement, management and monitoring of the main risks, and through the structuring of adequate reporting lines to expedite the flow of information.
This system is a fundamental element of Poste Italiane’s corporate governance system, as it enables the Board of Directors to guide the Company in its pursuit of long-term value creation, defining the nature and level of risk compatible with its strategic objectives, and including in its assessments all elements that may be relevant to sustainable success. In particular, in line with the main leading practices that place particular emphasis on the integration of sustainability into strategies, risk management and remuneration policies, Poste Italiane’s SCIGR aims to contribute to the Company’s sustainable success by defining ESG roles and responsibilities, information flows between the players involved in the internal control system and towards corporate bodies, and the methods of managing the related risks. Moreover, in order to achieve this objective, the Company has decided to promote dialogue with the relevant stakeholders (Multistakeholder Forum153), in order to ensure a constant exchange of views on business strategies and their implementation.
In line with statutory requirements and the related best practices, the SCIGR consists of three levels of control and involves a range of actors within the organisation. The first-level control units identify, assess, manage, and monitor those risks for which they are responsible, and in respect of which they identify and implement specific actions aimed at ensuring operational compliance. The second-level control units, whose role consists primarily of defining risk management models and carrying out monitoring activities, play a key role in the integration and overall functioning of the Internal Control and Risk Management System. The third-level controls, managed at Poste Italiane by the Internal Auditing function, provide independent assurance on the adequacy and effective operation of the first and second levels of control and, in general, on the SCIGR.
