This section contains, among other issues, the information required by Article 123-bis, paragraph 2, letter b) of Legislative Decree No. 58 of February 24, 1998 (“CFA”). The company, not having issued shares admitted to trading on regulated markets or on multilateral trading systems, avails of the option under paragraph 5 of Article 123-bis of the CFA to not publish the information required of paragraphs 1 and 2 of Article 123-bis of the law, except for that required by the above-stated paragraph 2, letter b).
The Corporate Governance System of Società per azioni Esercizi Aeroportuali S.E.A. (“SEA” or the “Company”) involves a set of rules which meet applicable legal and regulatory requirements. The Corporate Governance system of the company is based on the traditional administration and control model as per Articles 2380-bis and subsequent of the Civil Code, therefore with two corporate boards appointed by the Shareholders’ Meeting – the Board of Directors, which undertakes the management of the Company, and the Board of Statutory Auditors, which is required to ensure financial control, together with the Shareholders’ Meeting itself, which represents the common interests of Shareholders.
SEA has complied with since June 27, 2001 the Self-Governance Code for listed companies issued by the Corporate Governance Committee of Borsa Italiana S.p.A. (the “Self-Governance Code” or the “Code”). Although compliance with the Code is voluntary, SEA applies a significant portion of the recommendations in order to ensure an effective corporate governance system which appropriately assigns responsibilities and powers and supports a correct balance between management and control.
The Company therefore annually prepares on a voluntary basis the Corporate Governance and ownership structure report, which outlines the Corporate Governance structure adopted by SEA and provides information on the means for the implementation of the recommendations of the Self-Governance Code. The report is available on the website www.seamilano.eu.
The company is not subject to management and co-ordination pursuant to Article 2497 and subsequent of the Italian Civil Code.
The Board of Directors of SEA has set up internally two Committees established under the Self-Governance Code undertaking proposing and consultation functions for the Board of Directors:
- The Control and Risks Committee, to which the Board of Directors of SEA on July 31, 2018 assigned functions regarding the sustainability topics, changing its name to the “Control, Risks and Sustainability Committee”;
- The Remuneration and Appointments Committee.
The Committees comprise non-executive Directors, the majority of whom independent. The prerogatives of the Committees are established by motions of the Board of Directors, based on the recommendations and principles of the Self-Governance Code; at the Committee meetings minutes are prepared and maintained by the Company.
The Shareholders' Meeting is the body that, through its resolutions, expresses the shareholders wishes. The Shareholders’ Meeting approves the most important decisions of the Company, among which, the appointment of the Corporate Boards, the approval of the financial statements, and any changes to the Company By-laws.
The Board of Directors shall have the widest powers of administration over the company: it in particular may carry out any and all acts it deems appropriate for attaining the corporate scope, with the sole exclusion of those attributed by law and the by-laws exclusively to the shareholders’ meeting. The Board of Statutory Auditors is the company’s Control Board. The Board of Statutory Auditors verifies compliance with law and the By-Laws and the principles of correct administration and in particular on the adequacy of the administration and accounting organisation adopted by the Company and on its correct functioning. The accounting control functions are assigned to the Independent Audit Firm appointed by the Shareholders’ Meeting.
The Board of Directors on December 20, 2018 appointed Director Michaela Castelli as its Chairperson, in replacement of the resigning Pietro Modiano. Therefore, at the date of this report, the Board of Directors comprises of 6 members and shall remain in office until the approval of the 2018 Annual Accounts.
The Board of Statutory Auditors in office at the date of the present report was appointed by the Shareholders’ Meeting of May 4, 2016 in accordance with the Company By-laws and remains in office until the approval of the 2018 Annual Accounts.
The Internal Control and Risk Management System is based on the recommendations of the Self-Governance Code and applicable best practice. Therefore, one of the instruments adopted by the company is the Organisation and Control Model as per Legislative Decree 231/01. SEA and its subsidiaries have therefore each drawn up a “Mapping of risks” in order to adopt organisation, management and control models as per Legislative Decree 231/2001 (separately the “Model” and collectively the “Models”), effective and adequate in view of the specific needs of the respective companies and the particular nature of their business, with the principal aim of preventing the offenses set out by the applicable regulation. The Model is constantly updated in line with legislative amendments regarding the introduction of new offenses.
The Corporate Governance System of SEA also involves procedures governing the activities of the various company departments, which are consistently subject to verification and updating in line with regulatory developments and altered operating practices.
Internal Control and Risk Management System
Introduction
The Internal Control and Risk Management System is represented by the set of instruments, rules, procedures and corporate organisational structures to ensure compliance with regulatory provisions, the By-Laws, reliable and accurate financial reporting and the safeguarding of corporate assets in line with the corporate objectives defined by the Board of Directors. The latter is responsible for the internal control and risk management system which, on the basis of information provided to the Chairperson and to the Control, Risks and Sustainability Committee by the departments/bodies responsible for internal control and the management of business risks, establishes the guidelines, verifies their suitability and effective functioning and ensures the identification and correct management of the main business risks.
The procedures and organisation subject to the internal control and risk management system is implemented in order to ensure:
- compliance with the laws, regulations, By-Laws and policies;
- the safeguarding of the company’s assets;
- the efficiency and effectiveness of the business processes;
- the reliability of financial disclosure.
Main features of the risk management and internal control systems in relation to the financial reporting process contained in the financial statements and in the half-year report
SEA’s Internal Control System on financial reporting ensures the exchange of data and information with its subsidiary companies and implements its coordination. In particular, this activity is carried out through the dissemination, by the SEA parent company, of regulations on the application of the accounting policies for the preparation of the SEA Group consolidated financial statements and the procedures regulating the drafting of annual and consolidated financial statements and half-year financial statements and reports. The setting of controls occurs at the end of a process carried out by the SEA parent company according to a targeted approach to identify the individual organisational entities’ typical critical issues that could have significant impacts on financial reporting.
Description of the risk management and internal control systems’ main features in relation to the financial reporting process
As regards the financial reporting process, the risk management system should not be considered as distinct from the internal control system. The System is intended to ensure the trustworthiness, accuracy, reliability and timeliness of financial reporting.
The Risk Management and Internal Control System’s monitoring process over financial reporting is divided into the following phases:
- Identification of risks on financial reporting: the activity is carried out with reference to the SEA separate financial statements and the SEA Group consolidated financial statements, taking qualitative and quantitative aspects into account primarily for the selection of the relevant companies to be included in the analysis and, thereafter, of significant transactions.
- Assessment of risks on financial reporting: risks are assessed in terms of the potential qualitative and quantitative impact. Risk assessment is carried out at both the individual company and specific process levels.
- Identification of controls implemented to mitigate previously-identified risks, both at the individual company and process levels.
The governance of the SEA Group Enterprise Risk Management model defines a second level of risk management control in the ERM division, established in January 2018, reporting to the Chief Financial and Risk Officer with the aim of supporting corporate structures in the identification and management of corporate risks and at the same time, to guarantee periodic reporting to top management on the risk profile’s development, based on the principle that the management of risk involves all levels.
This means that, with the support of risk specialists and the ERM division, corporate and line managements are the primary owners of the identification, assessment and management of the risks for which they are responsible. Top management then periodically reviews the overall company risk profile and opportunely orients the management of the main emerging risks, approving proposed response plans in line with the strategic objectives and corporate risk propensity defined by the Board of Directors.
The described Internal Control and Risk Management System’s components are mutually coordinated and interdependent and the System as a whole involves - with different roles and according to a rationale of collaboration and coordination - administrative bodies, supervisory and control bodies, and the company and SEA Group management. The SEA Board of Directors has not appointed an executive director responsible for overseeing the functionality of the internal control and risk management system.
Functions of the Control, Risks and Sustainability Committee
The Committee performs advisory and recommendation functions to the Board of Directors on internal control and risk management. The CRSC identifies business risks and submits them for examination by the Board of Directors, and finally implements the Board’s guidelines through the internal control system’s definition, management and monitoring. The Control, Risks and Sustainability Committee also examines and approves the Annual Audit Plan.
The Committee also fulfils the functions of Related Parties Committee (except for transactions concerning matters that are the exclusive prerogative of the Remuneration and Appointments Committee) and, since July 31, 2018, the sustainability topic functions.
Internal Audit Manager
The audit on the suitability and functionality of the Internal Control and Risk Management System is entrusted to the Internal Audit Department. The Internal Audit Manager reports to the Chairperson and to the Control, Risks and Sustainability Committee; he/she is not responsible for any operational area and does not hierarchically report to any manager responsible for operational areas, including the administration and finance areas. The Internal Audit Manager audits the functionality and suitability of the internal control and risk management system and compliance with internal procedures issued for this purpose. The Internal Audit Manager has autonomy in expenditure and extends his/her activities to all the companies in the SEA Group through specific service contracts. Similarly, the SEA Internal Audit Department reports hierarchically to the Chairman and functionally, to the Board of Directors. The Internal Audit Department is entrusted with auditing the effectiveness, suitability and upkeep of the Organisation and Management Model pursuant to Legislative Decree No. 231/2001, on the instructions of the SEA Supervisory Boards and the subsidiary companies. The Auditing Department was also assigned, with Board of Directors’ motion of February 22, 2018, the responsibility to check the adequacy and effective implementation of SEA’s Corruption Management and Prevention System, certified as per the UNI ISO 37001:2016 standard.
Independent Audit Firm
Deloitte & Touche SpA is the Independent Audit Firm appointed to audit the separate and consolidated annual financial report, to periodically verify corporate accounting practices and to carry out the limited audit of the SEA consolidated half-year financial report. The appointment was conferred by the Shareholders’ Meeting on June 24, 2013 and extended to financial year 2022 by the Shareholders’ Meeting of May 4, 2016. The Board of Statutory Auditors and the Independent Audit Firm regularly exchange information and data in relation to the controls carried out.
Supervisory Board as per Legislative Decree 231/2001
The Supervisory Board, appointed by the Board of Directors and in office at December 31, 2018, is composed of three members: two external independent members - Alberto Mattioli (appointed on May 4, 2016) and Giovanni Maria Garegnani (appointed on January 25, 2018) and the Auditing Department Manager - Ahmed Laroussi (appointed on May 4, 2016). The non-executive member of the Board of Directors, Michaela Castelli, appointed on May 25, 2017, resigned on December 20, 2018, as becoming Chairperson of the Board of Directors.
On February 8, 2018, the Board of Directors appointed Giovanni Maria Garegnani as Chairperson.
The Supervisory Board regularly reports to the Board of Directors on the Model’s effectiveness, its suitability and upkeep. It sends a written report to the Board of Directors every six months on the 231 Model’s implementation status and, in particular, on controls and audits performed and on any critical issues that emerged.
The Supervisory Board has autonomous powers of initiative, control and expenditure.
Organisation, Management and Control Model pursuant to Legislative Decree 231/2001
SEA has adopted an Organisation and Management Model pursuant to Legislative Decree 231/2001 – which lays down the "Rules on the administrative liability of legal persons, companies and associations, including those without legal status" (the "Decree") to prevent the offences envisaged by the Decree. The Model is, therefore, adopted in compliance with the Decree’s provisions. The Model was adopted by the SEA Board of Directors by motion of December 18, 2003 and more recently amended and supplemented by the motion of the Board of Directors of June 28, 2018. The Model was therefore updated in line with the offences set out in the Decree. The Model consists of a “General Section”, a "Special Section” and individual “Components”. SEA’s subsidiary companies have adopted their own Organisation and Management Model pursuant to Legislative Decree 231/2001.
Related Parties Transactions Policy
The company has adopted a Related Parties Transactions Policy (the “RPT Policy”), in effect since February 2, 2015. The Policy was updated by Board of Directors’ motion of February 22, 2018.
The RPT Policy is also available on the company’s website www.seamilano.eu.
In assessing the substantial and procedural correctness of transactions with related parties, the Board of Directors is assisted by the Related Parties Committee which is identical to the Control, Risks and Sustainability Committee or the Remuneration and Appointments Committee, depending on the matters dealt with from time to time.
Code of Conduct
The applicable Code of Conduct, approved by the Board of Directors on December 17, 2015 and updated on December 11, 2018, is an integral part of the Organisation and Management Model pursuant to Legislative Decree 231/2001.
The Code of Conduct forms part of the broader "Ethics System" adopted by the Board and defines the framework of the reference values and principles which the SEA Group proposes to adopt in the corporate decision-making process.
The main duties of the Ethics Committee, composed of a member of the SEA Board of Directors and the "Human Resources and Organisation", "Legal and Corporate Affairs" and "Audit" departmental managers, is to promote the Code of Conduct’s dissemination and to monitor compliance thereof.
Anti-Corruption Focal Point
With effect from January 31, 2014, the company identified an anti-corruption focal point in the person of the Legal & Corporate Affairs Director who is also a member of the Ethics Committee.
The anti-corruption focal point deals with any communication on corruption, including toward third parties; the role, prerogatives and responsibilities are therefore not comparable with those provided for by applicable legislation in relation to the Anti-Corruption Manager (namely, the person in charge pursuant to Law 190/2012).
Management system for the prevention of corruption (UNI ISO 37001:2016 certified)
SEA, confirming its commitment to the prevention and combatting of illegal practices, has adopted a System for the Prevention of Corruption, approved by the Board of Directors on February 22, 2018, which integrates, using an organic framework, existing company corruption prevention and combatting tools.
SEA’s Management System for the Prevention of Corruption was certified on March 8, 2018 according to the UNI ISO 37001:2016 “Anti-bribery Management System” standard.
Diversity policies
Article 123(bis), paragraph 2 of Legislative Decree No. 58/1998 sets the obligation to describe the Company's policies on the composition of the administrative, management and governing bodies, taking into account aspects such as age, gender, professional and educational background. For cases where no policy has been adopted, there is a requirement to explain this decision. SEA’s By-Laws, in compliance with the legislative provisions, comprehensively cover gender diversity within the Board of Directors and Board of Statutory Auditors; in relation to aspects such as age and training, the Board of Directors on February 22, 2018 decided to introduce assessments concerning the adoption or otherwise of a diversity policy also for these aspects.
Following these assessments, the Board of Directors on February 1, 2019 recommended to the incoming Board of Directors, to be appointed by the Shareholders’ Meeting which will approve the 2018 Annual Accounts, consideration of the matter and motions thereon, also in view of the above-mentioned assessments.