The Internal Control and Risk Management System (ICRMS) is a set of tools, organisational structures, regulations and business rules put in place to facilitate the sound management of the Company in line with the business goals set by the Board of Directors. It provides proper means for the identification, measurement, management and monitoring of risks, while also ensuring that information is circulated as appropriate.
Products and Services
Eni for you
Our energy at your service.
For your business
Energy solutions for large and small businesses.
ICRMS Actors and the three levels of control
The Eni ICRMS is structured along the following three levels of internal control:
- first level of control: identifies, assesses, manages and monitors the risks for which it is responsible, for which it identifies and implements specific management actions;
- second level of control: monitors the main risks in order to ensure the effectiveness and efficiency of their management; also responsible for monitoring the appropriateness and operation of controls implemented for the main risks. It also provides support to the first level in defining and implementing adequate systems for managing the main risks and the associated controls;
- third level of control: provides independent, objective assurance on the appropriateness and effective operation of the first and second control levels and, more generally, on the Eni ICRMS as a whole.
The structure of the first and second control levels is consistent with the size, complexity, specific risk profile and with the regulatory environment in which each company operates.
The third level of control is exercised by the Internal Audit Unit of Eni SpA, which, on the basis of a centralised model, performs its controls using a risk-based approach to the overall Eni ICRMS, monitoring Eni SpA and the subsidiaries.
22/05/2023 - 10:00 AM
To ensure the integrity, transparency, propriety and effectiveness of its processes, Eni adopts rules for the performance of business activities and the exercise of powers, guaranteeing observance of the general principles of traceability and segregation.
Each component of that system is supplemented by the Company’s Code of Ethics, which identifies the fundamental values, among others, of the formal and substantive legitimacy of the conduct of the members of corporate bodies and all employees, and transparency, also in term of accounting, and the dissemination of a mentality directed at the exercise of control.
Eni is fully aware that investors rely on the full compliance of the corporate bodies, management and employees with the set of rules making up the corporate internal control system.
On July 28, 2010, Eni’s Board of Directors approved the basic guidelines for the New Eni Regulatory System, with the goal of rationalising, supplementing and simplifying Eni’s regulatory system.
On June 23, 2016 Eni’s Board of Directors approved an update of the Fundamental Guidelines to bring the Regulatory System into line with Eni’s current organisational structure, better integrating it with corporate processes and making it easier or the subsidiaries to use.
23/01/2023 - 10:00 AM
Anti-Corruption Compliance Program
In line with the values expressed in its Code of Ethics, Eni firmly condemns any form of corruption, which, besides being an illegal practice, represents an enormous barrier to sustainable development, distorts fair competition and destroys the reputation of companies.
Anti-Corruption regulations and controls
In line with the “zero tolerance” principle expressed in the Code of Ethics, Eni addresses the risks that the company faces in carrying out its business activities with an articulated system of rules and controls for the prevention of corruption and also instrumental to the prevention of money laundering in the context of the non-financial activities of Eni SpA and its subsidiaries (“Anti-Corruption Compliance Program”). Eni’s Anti-Corruption Compliance Program, developed in accordance with applicable anti-corruption provisions and international conventions, is characterized by its dynamism and constant attention to the evolution of the national and international regulatory landscape and best practices. Eni’s experience in anti-corruption and money laundering issues evolves also through ongoing participation in international conferences and workshops that help Eni to grow, promote and spread its values (PACI, B20, United Nations Global Compact, Foundation Global Compact Network Italy, O&G Compliance Attorney Group and OECD).
Current anti-corruption regulations of Eni are outlined in the Anti-Corruption Management System Guidelines (hereafter “MSG”) that identifies areas at risk of corruption and money laundering and sets out the general principles to be observed in conducting activities in such areas, as well as specific anti-corruption and bribery tools detailing the applicable regulations for the management of individual business processes at risk of corruption and money laundering.
Adoption and implementation
The adoption and implementation of the Compliance Program is mandatory for Eni SpA and all its subsidiaries in Italy and abroad, each of which adopt it by resolution of the Board of Directors. Companies or entities in which Eni does not have a controlling interest are also required to comply with the standards set out in the anti-corruption regulations, as well as maintaining an adequate internal control system, in line with the provisions of anti-corruption laws.
In the case of third parties or transactions presenting higher profiles of corruption and/or money laundering risk, Eni may require to the third parties the adoption/ maintenance and implementation for the entire duration of the contract of a compliance program to manage the activities at risk in line with Eni’s standard.
The Anti-Corruption and Anti-Money Laundering Compliance Function
To ensure the effectiveness of Anti-Corruption Compliance Program, a dedicated organisational structure was created, with the task of providing specialized centralized anti-corruption and anti-money laundering assistance to Eni and its unlisted subsidiaries in Italy and abroad. It is managed directly by the “Integrated Compliance” Function, which in turn reports directly to the Chief Executive Officer of Eni SpA.
In order to preside over possible criticalities, Eni's Anti-Corruption Compliance Program provides for the implementation and the periodic updating of the due diligence on the potential counterparties at risk in order to check the reputational ethics background and the existence of Red Flag both in terms of corruption and money laundering. The due diligence must be initiated promptly and, however, must be completed before any commitments are undertaken with the counterparties at risk. As part of this due diligence activity, the reconstruction of the ownership structure is carried out - according to a risk-based approach - through the identification of all the subjects (natural and legal persons) who hold, directly or indirectly, individually or collectively, shares/quotas of the potential counterparty. Such reconstruction must, as far as possible through the information tools available, aim at identifying 100% of the shareholdings. In any case, the extent of the collection of information relating to the ownership structure may depend on specific circumstances - such as the notoriety of the potential counterparty checked through due diligence, his knowledge gained on the basis of previous relationships, the importance of the transaction, the risk level of the Country in which the operation will be carried out and, in general, the perceived risk level – to be assessed with the support of the Anti-Corruption and Anti-Money Laundering Function.
This activity is carried out by Eni, acting as Data Controller, in accordance with the provisions laid down in the Regulation (EU) 2016/679 ("GDPR") and the principles of correctness and transparency, purpose, accuracy, minimization, preservation, integrity and security, empowerment and protection of the rights of the person concerned.
Combating corruption and money laundering also through training
Conscious that the first element for the development of an effective anti-corruption and money laundering strategy is a knowledge of available prevention tools, Eni promotes the dissemination of the culture of compliance through various internal communication initiatives and a comprehensive awareness raising and training initiative, based on a structured and compulsory periodic training program on anti-corruption and anti-money laundering for all Eni employees. In particular, an online (“e-learning”) training program, classroom-based training sessions (“general anti-corruption workshops”) and “job specific training” for professional areas at specific risk of corruption. In these courses an overview of the anti-corruption and anti-money laundering laws applicable to Eni is provided along with an explanation of the tools to identify areas of corruption and money laundering risk and to apply the control activities that Eni has defined in relation to these areas. Moreover, a description of the reporting methodologies, including whistleblowing, related to any suspected or known violation of anti-corruption and anti- money laundering laws or of Eni's Anti-Corruption Compliance Program is provided.
In order to optimize the identification of the recipients of the various training initiatives, a methodology is used for the systematic segmentation of Eni people on the basis of the level of risk of corruption based on specific risk drivers.
Eni guarantees the communication of the MSG Anti-Corruption to third parties at risk through specific contractual clauses and/or declarations and promotes, as far as is reasonable under the circumstances, training and awareness-raising initiatives dedicated to them.
In particular, starting in 2018, the Anti-Corruption and Anti-Money Laundering Compliance Function started the anti-corruption training program, both online and in the classroom, for some categories of third party at risk. The aim of this program is to raise the third parties awareness on the issue of corruption and in particular on how to recognize corrupt behavior and how to prevent the violation of anti-corruption laws in the context of their professional activity.
Recognition for Eni’s Anti-Corruption Compliance Program
The Anti-Corruption Compliance Program of Eni SpA it is certified in accordance with ISO 37001: 2016 "Antibribery Management Systems".
Eni SpA is the first Italian company to have received this certification in January 2017, for the maintenance of which it is annually subjected by the certifying body to surveillance (twice every three years) and recertification audits (once every three years), which have always concluded with a positive outcome.
Privacy Information Notice on Due Diligence process
Privacy Information Notice on Outbound Hospitality
24/03/2023 - 10:00 AM
The discipline of the “administrative liability of legal entities deriving from offences” (Legislative Decree 8 June 2001 no. 231), on which Eni’s Model 231 is based, provides that companies may be subject to fines or other punishments for offences committed or attempted – in Italy or abroad – in the interest/for the benefit of the company by its representatives, Directors or managers, or one of its financially and functionally autonomous organizational units. This also applies to those with even de facto management and control responsibilities (such as senior managers) and to anyone subject to the direction or supervision of all the people mentioned above.
Since 2004, Eni’s Board of Directors has adopted and constantly update its own 231 Model.
Eni’s Model 231 consists of a “general section” containing the architectural and governance principles of the organizational model and a "special section" that identifies the company processes, Sensitive Activities (business activities which may entail the risk of committing crimes underlying corporate liability) and the relative control standards set up to oversee them.
When the Model 231 was adopted, the relative 231 Supervisory Body was established to monitor the Model’s effectiveness and adequacy, and to report on its implementation to the top management. The responsibility for updating Model 231 lies with the Chief Executive Officer, who has already been entrusted with its implementation. The amendments to the general section follow different procedures according to the chapter to be modified.
Eni encourages the adoption and the effective implementation by all the subsidiaries of adequate systems to prevent the risks of corporate responsibility arising from crime. To this regard, Eni internal regulatory system ensure that all Italian subsidiaries of Eni adopt, in the management of the activities at risk of corporate liability, control principles and instruments that are consistent with those set out in Model 231.
The representatives designated by Eni in the corporate bodies of the companies or entities where Eni does not have a controlling interest shall promote the adoption of systems to prevent the risk of corporate responsibility deriving from a crime, consistently with the measures adopted by Eni.
Model 231: general standards of transparency
Model 231 - and for foreign Subsidiaries the Compliance Model - are based on the following general standards of transparency, which both Eni and Eni's Subsidiaries, in Italy and abroad, and third parties are required to comply with, in accordance with the wording set out in appropriate contractual clauses/statements:
- Segregation of duties: there must be a segregation between who performs, who controls, and who authorises activities, namely a separation of duties and responsibilities so as to avoid any concentration of incompatible activities with the same person and the creation of risk conditions regarding the reliability of the information and correctness in performing such activities;
- Regulations: there must be company regulations and formalised procedures providing at least the general reference principles for governing the Sensitive Activity (principles of conduct, roles, responsibilities, activities, operating modalities and controls relating to the management of the Sensitive Activity);
- Powers of signature and authorization: with regard to the people assigned to manage Sensitive Activities, there must be formalised rules for exercising the signing powers and internal powers of authorisation that are appropriate to guarantee that these powers are assigned in coherence with the tasks, roles and responsibilities defined by the company organisation chart and the organisational documentation;
- Traceability: the persons, functions involved and/or the computer information systems used must ensure the identification and reconstruction of the sources, the information elements and the controls performed in support of formulating and implementing the Company decisions and the ways of management of the financial resources.
21/07/2022 - 10:00 AM
Transactions involving interests of Directors and Statutory Auditors and transactions with related parties
Eni’s Board of Directors approved rules to ensure procedural transparency and probity relating to all transactions in which a director or a statutory auditor has an interest, as well as transactions with related parties.
The rules, which distinguishes the discipline of the transactions due to their relevance, incorporates relevant Consob Regulations, extending them to all transactions carried out by subsidiaries with related parties of Eni with the aim of providing protection, extending also the definition of related party.
The Board of Directors gave a central role to independent directors appointed to the Control and Risk Committee, or to the Remuneration Committee in case of transactions on remunerations.
In order to ensure the effective monitoring of operations, the CEO is required to present to the Board of Directors and to the Board of Statutory Auditors, bi-monthly and six-monthly, details on the operations carried out during the reporting period. With regard to public disclosure, the relevant provisions of the Consob Regulations have been fully adopted.
The rules were lastly amended on 27 May 2021, mainly in order to adapt it to Consob Resolution No. 21624/2020, also with reference to the definition of “related party” and to the other definitions functional to the application of the discipline, to ensure alignment with the international accounting standards in force at the time. A reference to the new sanctioning discipline has been envisaged and the evidence deriving from the application experience has been incorporated.
Management System Guideline
Information document related parties and art 71 issuers reg. disposal shareholding of Snam
02/05/2023 - 15:00 PM
Antitrust Compliance Programme
In order to ensure compliance with antitrust rules, which are included among the rules of law protecting fair competition expressly referenced in the Code of Ethics, Eni has adopted specific measures to raise the awareness of antitrust rules within Eni and its Italian and foreign subsidiaries as well as to ensure adequate safeguards to prevent antitrust infringements.
With a view to continuous improvement, these rules have been subsequently updated and most recently transformed, in April 2017, into the Antitrust Compliance Programme, as formalized in the Management System Guideline Antitrust (Antitrust MSG), which applies to Eni and its subsidiaries. In addition, Eni undertakes to exert its influence in the entities in which it does not hold a controlling interest to have them adopting guidelines similar to those of the Antitrust MSG.
As foreseen in the Antitrust Compliance Programme, a specific unit in the company is responsible for assessing the compliance of business initiatives with antitrust rules – identifying the antitrust risks possibly related to the business initiatives and setting out possible mitigating measures – as well as for periodically conducting analyses of the adequacy of the Antitrust Compliance Programme, taking into account the risks faced and the relevant guidelines and best practices, also with a view to suggest possible improvements.
The same unit also takes care of antitrust training initiatives.
02/14/2020 - 10:00 AM
Market Abuse - Market Information Abuse (Issuers) Procedure
Eni recognizes that information is a strategic asset and as such it must be managed to safeguard the interests of the Company, its shareholders and the market.
The Eni Board of Directors approved the Market Information Abuse (Issuers) Procedure, acting on a proposal from the CEO, with the favourable opinion of the Control and Risk Committee.
The Procedure, updating for the “issuers” Eni’s previous procedure, incorporates the amendments introduced by the European Regulation No. 596/2014/EU of 16 April 2014 and by the related implementing Regulations, as well as by national laws, taking into account the Italian and foreign institutional positions.
The Procedure, in tracing the evolution of “company information” within Eni, regulates the principles of conduct for preserving its confidentiality, in order to ensure that members of the corporate bodies, employees and people working on behalf of Eni respect these principles while performing the duties assigned, as set out also in Eni's Code of Ethics and in the corporate security measures.
- defines the principles of conduct for internal management and external communication of “corporate information” and, in particular, of “inside information”, including those directly affecting Eni, as recommended also by the Italian Corporate Governance Code, retracing the prohibitions on abuse and unlawful communication of inside information and related sanctions;
- describes the information and authorization flows, identifying roles and responsibilities related to the qualification of information as "inside information”, and, subsequently, for the preparation of press releases, so that the inside information is communicated to the public as soon as possible or is exceptionally activated the delay procedure subsisting the conditions of law; the Procedure also defines the rules for acquiring from the subsidiaries the data and information necessary to provide adequate and timely information to the public;
- as recommended by Consob (the Italian Commission for Companies and Stock Exchange), regulates the monitoring of the evolution of information until it becomes “Eni inside information”, starting from the mapping of the types of relevant information and identifying the safeguards for the segregation and confidentiality of information (including "Relevant Information List" and " Insider List");
- regulates general behavioral obligations on transactions involving Eni securities (in particular, "Managers' Transactions" and "Blocking Period").
09/27/2019 - 10:00 AM