The Internal Control and Risk Management System (ICRMS) is a set of tools, organisational structures, regulations and business rules put in place to facilitate the sound management of the Company in line with the business goals set by the Board of Directors. It provides proper means for the identification, measurement, management and monitoring of risks, while also ensuring that information is circulated as appropriate.
ICRMS Actors and the three levels of control
The Eni ICRMS is structured along the following three levels of internal control:
- first level of control: identifies, assesses, manages and monitors the risks for which it is responsible, for which it identifies and implements specific management actions;
- second level of control: monitors the main risks in order to ensure the effectiveness and efficiency of their management; also responsible for monitoring the appropriateness and operation of controls implemented for the main risks. It also provides support to the first level in defining and implementing adequate systems for managing the main risks and the associated controls;
- third level of control: provides independent, objective assurance on the appropriateness and effective operation of the first and second control levels and, more generally, on the Eni ICRMS as a whole.
The structure of the first and second control levels is consistent with the size, complexity, specific risk profile and with the regulatory environment in which each company operates.
The third level of control is exercised by the Internal Audit Unit of Eni SpA, which, on the basis of a centralised model, performs its controls using a risk-based approach to the overall Eni ICRMS, monitoring Eni SpA and the subsidiaries.
09/27/2019 - 10:00 AM
To ensure the integrity, transparency, propriety and effectiveness of its processes, Eni adopts rules for the performance of business activities and the exercise of powers, guaranteeing observance of the general principles of traceability and segregation.
Each component of that system is supplemented by the Company’s Code of Ethics, which identifies the fundamental values, among others, of the formal and substantive legitimacy of the conduct of the members of corporate bodies and all employees, and transparency, also in term of accounting, and the dissemination of a mentality directed at the exercise of control.
Eni is fully aware that investors rely on the full compliance of the corporate bodies, management and employees with the set of rules making up the corporate internal control system.
On July 28, 2010, Eni’s Board of Directors approved the basic guidelines for the New Eni Regulatory System, with the goal of rationalising, supplementing and simplifying Eni’s regulatory system.
On June 23, 2016 Eni’s Board of Directors approved an update of the Fundamental Guidelines to bring the Regulatory System into line with Eni’s current organisational structure, better integrating it with corporate processes and making it easier or the subsidiaries to use.
01/28/2021 - 10:00 AM
Anti-Corruption Compliance Program
We work with loyalty, fairness, transparency, integrity, in full compliance with laws and regulations.
Anti-Corruption regulations and controls
In line with the “zero tolerance” principle expressed in the Code of Ethics, Eni addresses the high risks that the company faces in carrying out its business activities with an articulated system of rules and controls for the prevention of corruption (“Anti-Corruption Compliance Program”). Eni’s Anti-Corruption Compliance Program, developed in accordance with applicable anti-corruption provisions and international conventions, is characterized by its dynamism and constant attention to the evolution of the national and international regulatory landscape and best practices. Eni’s experience in anti-corruption issues evolves also through ongoing participation in international conferences and workshops that help Eni to grow, promote and spread its values (PACI, B20, United Nations Global Compact, Foundation Global Compact Network Italy, ABC Benchmarking Group and OECD).
Current anti-corruption regulations of Eni are outlined in the Anti-Corruption Management System Guidelines that identifies areas at risk of corruption and sets out the general principles to be observed in conducting activities in such areas, as well as specific anti-corruption and bribery tools detailing the applicable regulations for the management of individual business processes at risk of corruption.
Adoption and implementation
The adoption and implementation of the Compliance Program is mandatory for Eni SpA and all its subsidiaries in Italy and abroad, each of which adopt it by resolution of the Board of Directors. Companies or entities in which Eni does not have a controlling interest are also required to comply with the standards set out in the anti-corruption regulations, as well as maintaining an adequate internal control system, in line with the provisions of anti-corruption laws.
The Anti-Corruption Unit
To ensure the effectiveness of Anti-Corruption Compliance Program, a dedicated organisational structure was created, with the task of providing specialised anti-corruption assistance to Eni and its unlisted subsidiaries in Italy and abroad. This Unit is managed directly by the “Integrated Compliance” Function, which in turn reports directly to the Chief Executive Officer of Eni SpA.
In order to preside over possible criticalities, Eni's Anti-Corruption Compliance Program provides for the implementation of an anti-corruption due diligence on counterparties potentially at risk (“due diligence”). During the due diligence the integrity, professional reliability and reputation of the potential counterpart are assessed. Each due diligence must be initiated promptly and, however, must be completed before any commitments are undertaken with the counterparties at risk. This activity is carried out by Eni, acting as Data Controller, in accordance with the provisions laid down in the Regulation (EU) 2016/679 ("GDPR") and the principles of correctness and transparency, purpose, accuracy, minimization, preservation, integrity and security, empowerment and protection of the rights of the person concerned.
Combatting corruption also through training
Conscious that the first element for the development of an effective anti-corruption strategy is a thorough knowledge of available prevention tools, Eni promotes the dissemination of the culture of Compliance within the company through various internal communication initiatives (for example in 2018 through the sitcom "Compliance Tips").
Moreover, Eni through the Anti-Corruption Unit carries out a comprehensive awareness raising and training initiative, through a structured messaging system and a compulsory periodic training program. In particular, an online (“e-learning”) training program, for Eni personnel, classroom-based training sessions (“general anti-corruption workshops”) and “job specific training” for professional areas at specific risk of corruption. In these courses an overview of the anti-corruption laws applicable to Eni is provided along with an explanation of the tools to identify areas of corruption risk and to apply the control activities that Eni has defined in relation to these areas. Moreover, a description of the reporting methodologies, including Whistleblowing, related to any suspected or known violation of anti-corruption laws or of Eni's Anti-Corruption Compliance Program is provided. In order to optimize the identification of the recipients of the various training initiatives, a methodology is used for the systematic segmentation of Eni people on the basis of the level of risk of corruption based on specific risk drivers.
In addition, starting in 2018, the Anti-Corruption Unit started the anti-corruption training program, both online and in the classroom, for some categories of Eni partners. The aim of this program is to raise the third parties awareness on the issue of corruption and in particular on how to recognize corrupt behavior and how to prevent the violation of anti-corruption laws in the context of their professional activity.
Recognition for Eni’s Anti-Corruption Compliance Program
The Anti-Corruption Compliance Program of Eni SpA it is certified in accordance with ISO 37001: 2016 "Antibribery Management Systems".
Eni SpA is the first Italian company to have received this certification in January 2017, for the maintenance of which it is cyclically subjected by the certifying body to surveillance and recertification audits, which from 2017 to 2020 have always concluded with a positive outcome.
04/14/2021 - 10:00 AM
Organisational, management and control Model 231
The discipline of the “administrative liability of legal entities deriving from offences” (Legislative Decree 8 June 2001 no. 231), on which Eni’s Model 231 is based, decrees that companies may be subject to fines or other punishments for offences committed or attempted – in Italy or abroad – in the interest/for the benefit of the company by its representatives, Directors or managers, or one of its financially and functionally autonomous organizational units. This also applies to those with even de facto management and control responsibilities (such as senior managers) and to anyone subject to the direction or supervision of all the people mentioned above.
Eni’s Model 231, of which the Company’s Code of Ethics constitutes a fundamental reference principle, was first adopted by Eni’s Board of Directors in December 2003 - January 2004 and subsequently amended (latest update on 4 June 2020). Simultaneously to the adoption of the Model 231, Eni’s Board of Directors also established a Supervisory Board (“231 Supervisory Body”) to monitor the Model’s effectiveness and adequacy, and to report on its implementation to the top management. The 231 Supervisory Body consists of internal and external members, including the Chairman, all meeting specific requirements. The responsibility for updating Model 231 lies with the Chief Executive Officer, who has already been entrusted with its implementation. The amendments to the document "Model 231 of Eni SpA" must be approved by the Board of Directors after informing the Board of Statutory Auditors. Eni encourages the adoption and effective implementation by all the subsidiaries of adequate systems to prevent the risks of corporate responsibility arising from crime. To this regard, Eni internal regulatory system ensure that all Italian Subsidiaries of Eni adopt, in the management of the activities at risk of corporate liability, control principles and instruments that are consistent with those set out in Model 231.
The representatives designated by Eni SpA in the corporate bodies of the companies in which stakes are held, consortia and joint ventures shall promote the adoption of systems to prevent the risk of corporate responsibility deriving from a crime, consistently with the measures adopted by the companies of the Eni group.
6/18/2020 - 10:00 AM
Eni allows anyone to report conduct in violation of the Code of Ethics, any laws regulations, provisions of authorities, internal regulations, Model 231 or Compliance Models for foreign subsidiaries , that may cause damage or prejudice to Eni, even if only to its public image.
The rules governing this area are contained in the document “Whistleblowing reports received, including anonymously, by Eni SpA and by its subsidiaries in Italy and abroad”, which was approved by Eni’s Board of Statutory Auditors in its capacity as the Audit Committee pursuant to the provisions of the SOA.
NOTICE: If you are an Eni customer and wish to report problems of a commercial nature please don’t use the following form. Note that this link should only be used for the above purposes.
Whistleblowing reports may be sent using a dedicated form. click here to send a report.
This channel is considered preferential and suitable for guaranteeing, with IT tools, the confidentiality of the identity of the whistleblower.
09/27/2019 - 10:00 AM
Transactions involving interests of Directors and Statutory Auditors and transactions with related parties
Eni’s Board of Directors approved rules to ensure procedural transparency and probity relating to all transactions in which a director or a statutory auditor has an interest, as well as transactions with related parties.
The rules, which distinguishes the discipline of the transactions due to their relevance, incorporates relevant Consob Regulations, extending them to all transactions carried out by subsidiaries with related parties of Eni with the aim of providing protection, extending also the definition of related party.
The Board of Directors gave a central role to independent directors appointed to the Control and Risk Committee, or to the Compensation Committee in case of operations on remuneration.
In order to ensure the effective monitoring of operations, the CEO is required to present to the Board of Directors and to the Board of Statutory Auditors, bi-monthly and six-monthly, details on the operations carried out during the reporting period. With regard to public disclosure, the relevant provisions of the Consob Regulations have been fully adopted.
The rules were lastly amended on 4 April 2017 in view of further alignment with the relevant benchmarks and best practices in the area, in particular on the small amount thresholds, on the aggregation of small amount transactions and on periodic disclosure to corporate bodies.
09/27/2019 - 10:00 AM
Antitrust Compliance Programme
In order to ensure compliance with antitrust rules, which are included among the rules of law protecting fair competition expressly referenced in the Code of Ethics, Eni has adopted specific measures to raise the awareness of antitrust rules within Eni and its Italian and foreign subsidiaries as well as to ensure adequate safeguards to prevent antitrust infringements.
With a view to continuous improvement, these rules have been subsequently updated and most recently transformed, in April 2017, into the Antitrust Compliance Programme, as formalized in the Management System Guideline Antitrust (Antitrust MSG), which applies to Eni and its subsidiaries. In addition, Eni undertakes to exert its influence in the entities in which it does not hold a controlling interest to have them adopting guidelines similar to those of the Antitrust MSG.
As foreseen in the Antitrust Compliance Programme, a specific unit in the company is responsible for assessing the compliance of business initiatives with antitrust rules – identifying the antitrust risks possibly related to the business initiatives and setting out possible mitigating measures – as well as for periodically conducting analyses of the adequacy of the Antitrust Compliance Programme, taking into account the risks faced and the relevant guidelines and best practices, also with a view to suggest possible improvements.
The same unit also takes care of antitrust training initiatives.
02/14/2020 - 10:00 AM
Market Abuse - Market Information Abuse (Issuers) Procedure
Eni recognizes that information is a strategic asset and as such it must be managed to safeguard the interests of the Company, its shareholders and the market.
The Eni Board of Directors approved the Market Information Abuse (Issuers) Procedure, acting on a proposal from the CEO, with the favorable opinion of the Control and Risk Committee.
The Procedure, updating for the “issuers” Eni’s previous procedure, incorporates the amendments introduced by the European Regulation No. 596/2014/EU of 16 April 2014 and by the related implementing Regulations, as well as by national laws, taking into account the Italian and foreign institutional positions.
The Procedure, in tracing the evolution of “company information” within Eni, regulates the principles of conduct for preserving its confidentiality, in order to ensure that members of the corporate bodies, employees and people working on behalf of Eni respect these principles while performing the duties assigned, as set out also in Eni's Code of Ethics and in the corporate security measures.
- defines the principles of conduct for internal management and external communication of “corporate information” and, in particular, of “inside information”, including those directly affecting Eni, as recommended also by the Italian Corporate Governance Code, retracing the prohibitions on abuse and unlawful communication of inside information and related sanctions;
- describes the information and authorization flows, identifying roles and responsibilities related to the qualification of information as "inside information”, and, subsequently, for the preparation of press releases, so that the inside information is communicated to the public as soon as possible or is exceptionally activated the delay procedure subsisting the conditions of law; the Procedure also defines the rules for acquiring from the subsidiaries the data and information necessary to provide adequate and timely information to the public;
- as recommended by Consob (the Italian Commission for Companies and Stock Exchange), regulates the monitoring of the evolution of information until it becomes “Eni inside information”, starting from the mapping of the types of relevant information and identifying the safeguards for the segregation and confidentiality of information (including "Relevant Information List" and " Insider List");
- regulates general behavioral obligations on transactions involving Eni securities (in particular, "Managers' Transactions" and "Blocking Period").
09/27/2019 - 10:00 AM
Eni’s management of whistleblowing reports
Eni is equipped with Aa system for handling whistleblowing reports, including the anonymous ones reports or otherwise, that operates for all Group companies in Italy and abroad.
We ensure the proper management, analysis and handling of whistleblowing episodesreports received, also anonymous, by Eni and by its subsidiaries, both in Italy and abroad. The results of checks made by the Internal Audit function on cases are presented to internal inter-functional bodies, the Board of Statutory Auditors, the Supervisory Board and the top management of both Eni SpA each of the non-listed subsidiaries involved.
Analysis and management of whistleblowing reports
In compliance with the provision of the 2002 Sarbanes-Oxley Act, the company’s Organisational, Management and Control Model, pursuant to Italian Legislative Decree. n. 231 of 2001, and internal anti-corruption regulations, we have adopted a system for the management of whistleblowing reports that enables us to manage whistleblowing reports received, including anonymously, by Eni SpA and by its subsidiaries in Italy and abroad.
We guarantee the management, analysis and handling of whistleblowing reports that are sent by or transmitted form anyone, stakeholders, Eni’s People (Eni personnel and anyone, physical or legal persons, who operate in Italy and abroad for achieving Eni’s objectives, each within the scope of their own functions and responsibilities) or other third parties, also when confidential or anonymous. Eni consider a whistleblowing report any communications concerning behaviours that relate to Eni's People in violation of the Code of Ethics, any laws regulations, provisions of authorities, internal regulations, Model 231 or Compliance Models for foreign subsidiaries, that may cause damage or prejudice to Eni, even if only to its public image. These include cases of fraud, against the company assets and/or in financial reporting, illegitimate behaviour pursuant to Italian Legislative Decree. n. 231 of 2001 and/or in violations of an intentional and/or fraudolent nature of Model 231 or the Compliance Models for foreign subsidiaries, possible corruptions or violations of anti-corruption regulatory instruments. The outcome of the investigation carried out by the Internal Audit function on the reported facts are presented to internal inter-functional bodies dedicated to manage whistleblowing reports, the Board of Statutory Auditors, the Supervisory Board and for whistleblowing reports within their area of responsibility to Eni SpA’s Watch Structure and top management and to the top management and the control and supervisory bodies of each subsidiaries involved.
The company guarantees the strict confidentiality on the persons and facts reported and anonymity of whistleblowers to ensure that they are not subject to any form of retaliation.
Whistleblowing reports may be sent using a dedicated form, click here to send a report.
This channel is considered preferential and suitable for guaranteeing, with IT tools, the confidentiality of the identity of the whistleblower.
Management of whistleblowing Reports and respect for human rights
With regard to whistleblowing reports, in 2019 investigations were completed on 74 files1, 202 of which included human rights aspects, mainly concerning potential impacts on workers’ rights.
Among these, 26 assertions were checked: for 7 of them the facts reported were confirmed, at least in part, and corrective action was taken to mitigate and/or minimise their impacts, including: i) actions on the Internal Control and Risk Management System, relating to the implementation and strengthening of existing controls, and training activities for employees; ii) actions against suppliers and iii) actions against employees, including disciplinary measures, in accordance with Model 231, and the collective employment agreement and other applicable national laws.
At the end of the year 15 files were still open, 8 of which referred to human rights aspects, in particular potential impacts on workers’ rights.
1) Whistleblowing file: this is a document summarising the investigations carried out on the Whistleblowing report(s) (which may contain one or more detailed and verifiable assertions) including the summary of the investigation carried out, the results of such investigation and any identified action plan.
2) All relating to companies consolidated on a line-by-line basis