This chapter contains the information required by art. 123-bis, paragraph 2, letter b), of Legislative Decree no. 58 of February 24, 1998 (Consolidated Finance Act “TUF”). Since the Company has not issued shares eligible for trading on regulated markets or in multilateral trading systems, it availed of the option contained in paragraph 5, art. 123-bis of the TUF to omit publication of the information as per paragraphs 1 and 2 of art. 123-bis , except that required by the aforesaid paragraph 2, letter b).
The Corporate Governance the joint stock Company Esercizi Aeroportuali S.E.A. (“SEA” or the "Company”) consists of a set of rules in line with the laws and regulations applicable to it. The corporate governance system of the company is based on the traditional administration and control model as per Articles 2380-bis and subsequent of the Italian Civil Code, therefore with two corporate boards appointed by the Shareholders’ Meeting – the Board of Directors, which undertakes the management of the Company, and the Board of Statutory Auditors, which is required to ensure financial control, together with the Shareholders’ Meeting itself, which represents the common interests of shareholders.
Since June 27, 2001 SEA has complied with the Self-Governance Code for listed companies issued by the Committee for Corporate Governance of Borsa Italiana S.p.A. (the “Self-Governance Code” or the “Code”). Although adherence to the Code is voluntary, SEA applies most of the recommendations contained in it, in order to implement an effective corporate governance system that appropriately allocates responsibilities and powers and promotes a correct balance between management and control.
For this purpose the Company prepares a corporate governance report on an annual basis along with the ownership structure which describes the corporate governance system adopted by SEA and provides information of the procedures for implementing the recommendations of the Self-Governance Code; the report is available on the website www.seamilano.eu.
The company is not subject to management and co-ordination pursuant to Article 2497 and subsequent of the Italian Civil Code.
The Board of Directors of SEA SpA has set up internally two Committees required by the Self-Governance Code undertaking proposing and consultation vis-a-vis the administrative body (i.e. the Control and Risks Committee and the Remuneration and Appointments Committee). The Committees comprise non-executive Directors. The prerogatives of the Committees are established by motions of the Board of Directors, based on the recommendations and principles of the Self-Governance Code; at the Committee meetings minutes are prepared and maintained by the Company.
The Shareholders' Meeting is the body that, through its resolutions, expresses the shareholders wishes. The Shareholders’ Meetings approves the most important decisions of the Company, among which, the appointment of the Corporate Boards, the approval of the financial statements, and any changes to the Company By-laws.
The Board of Directors is invested with the broadest powers for managing the Company: it has the right to perform all acts it deems opportune for implementing and achieving the business purposes, except those which by law and the by-laws are reserved for the Shareholders' Meeting. The Board of Statutory Auditors is the Company's control body. The Board of Statutory Auditors in office at the date of the present report was appointed by the Shareholders’ Meeting of May 4, 2016 in accordance with the Company By-laws and remains in office until the approval of the financial statements at December 31, 2018. The Board of Statutory Auditors monitors compliance with the law and the By-Laws, compliance with correct administration principles and, in particular, the adequacy of the organisation, administrative and accounting structure of the Company and its correct operation. Auditing functions are assigned to an independent Audit Firm by the Shareholders' Meeting.
The internal control and risk management system is based on the recommendations of the Self-Governance Code and applicable best practices; one of the instruments adopted by the Company for this purpose is the Organisational and Management Model pursuant to Legislative Decree 231/01. SEA and its subsidiaries have each prepared their own "Ask mapping" aimed at adopting their organisational, management and control models pursuant to Legislative Decree 231/2001 (individually, the "Model" and the "Models" collectively), effective and adequate to the specific company situation and nature of the business of each one, whose main purpose if to prevent the crimes contained in the reference laws. The Model is constantly updated based on changes in legislation with introduction of new crimes included in the legislation.
SEA's Corporate Governance system is also composed of procedures which govern the activities of the various company functions, also constantly verified and updated in line with the evolution of the regulatory context and changes in operating practices.
The share capital totals Euro 27,500,000.00 entirely paid in - divided into 250,000,000 shares - with a nominal value of Euro 0.11 each. The shares are registered and indivisible. The shares are not traded on regulated markets. The Company did not hold treasury shares as of December 31, 2016 and the share capital is divided as described in the paragraph "Share capital structure”.
Internal Control and Risk Management System
The Internal control and risk management system is represented by all of the instruments, rules, procedures and company organisational structures aimed at ensure compliance with legal and by-law requirements, reliable and accurate financial disclosures and protection of the company's assets in line with the company objectives established by the Board of Directors. The Board is responsible for the internal control and risk management system which, based on information provided by the functions/bodies assigned with company internal control and risk management to the Chairman and the Control and Risks Committee, establishes the guidelines, checks their adequacy and actual operation and ensure the identification and correct management of the main company risks.
The procedures and organisation subject to the internal control and risk management system is implemented in order to ensure:
- compliance with laws, regulations, the by-Laws and policy;
- the safeguarding of the company’s assets;
- the efficiency and effectiveness of the business processes;
- the reliability of financial disclosure.
One of the tools implemented in order to reach the objectives of the Internal Control and Risk Management System is the Organisational and Management Model pursuant to Legislative Decree 231/01.
Main characteristics of the internal control and risk management systems in relation to the financial disclosure process contained in the financial statements and half year report.
The Internal control system on SEA's financial disclosures ensures the exchange of data and information with its subsidiaries, implementing its coordination. Specifically, this activity is performed through the distribution, by the parent company SEA, of the laws governing application of the reference accounting standards for the purposes of preparing the SEA Group's consolidated financial statements and the procedures which govern the preparation of the yearly financial statements and consolidated financial statements as well as reports and half year report. Controls are established downstream from a process conducted by the parent company SEA according to an approach aimed at identifying the critical issues typical of the single organisational entities, which could have significant effects on financial disclosures.
Main characteristics of the internal control and risk management systems in relation to the financial disclosure process
The risk management system must not be considered separately from the internal control system in relation to the financial disclosure process. The System is aimed at ensuring the reliability, accuracy, dependability and timeliness of financial disclosures.
The monitoring process for the Internal control and risk management system on financial disclosures is structured in the following phases:
- identification of the risks on financial disclosures: the activity is performed for the separate financial statements of SEA and the consolidated financial statements of the SEA Group, taking into consideration quality and quantity aspects first related to selection of the significant companies to include in the analysis and then the significant transactions.
- Assessment of the risks on financial disclosures: the risks are assessed in terms of potential quality and quantity impact. The risk assessment is conducted at both individual company level and specific process level.
- Identification of controls implemented to mitigate previously identified risks both at individual company and process level.
- The SEA Group started an Enterprise Risk Management (ERM) programme in 2016 aimed at building a model to uniformly and thoroughly identify, classify, measure and assess the risks correlated with the performance of the company's business, as well as to continuously monitor the same, to back management's strategic choices and decisions and provide assurance for reference stakeholders. Thus a SEA risk model was established and an initial risk assessment conducted which involved management and which was completed with the identification and assessment of the main company risks and of the existing risk management systems.
The next phases of the project will involve definition of the ERM framework through representation of the company's Risk Appetite compared to the identified risks, definition of rules, instruments and procedures for risk measurement, control, monitoring and reporting.
The components of the Internal control and risk management system described above are coordinated and interdependent on each other and the System, in its entirety, involves - with different roles and based on collaboration and coordination logic - the administrative bodies, supervisory and control bodies and management of the Company and SEA Group. SEA's Board of Directors has not appointed an executive direction assigned to supervise the operations of the internal control and risk management system.
Functions of the Control and Risks Committee
The Committee provides consultation and proposals for the Board of Directors related to internal control and risk management issues. The CRC identifies the company risk and submits them to the Board of Directors for review and it implements the Board's guidelines through the definition, management and monitoring of the internal control system. The Control and Risks Committee also examines and approves the Annual Audit Plan.
The Committee also performs the functions of Related Parties Committee (with the exception of operations related to subjects reserved solely for the Remuneration and Appointments Committee).
Internal Audit function manager
Auditing of the adequacy and operation of the Internal control and risk management system is assigned to the Group's Audit Department. The Manager of the Auditing function refers to the Chairman and the Control and Risks Committee; he is not manager of any operating area and does not report to any operating area manager, including the administration and finance areas. The Auditing Manager verifies the operation and adequacy of the internal control and risk management system and compliance with the internal procedures issued for such purpose. The Auditing Manager has spending autonomy and extends his activity to all SEA Group companies. Likewise, SEA's Auditing Department reports hierarchically to the Chairman and functionally to the Board of Directors and Control and Risks Committee. The Auditing Department is assigned with auditing the effectiveness, adequacy and maintenance of the Organisational and Management Model pursuant to Legislative Decree no. 231/2001 on behalf of the supervisory bodies of SEA and its subsidiaries.
Independent Audit Firm
The Independent Audit firm appointed to audit the separate annual report and consolidated report, periodically audit the regular keeping of accounting records and limited review of SEA's consolidated half year report is Deloitte & Touche S.p.A.. This assignment was conferred by the Shareholders' Meeting on June 24, 2013 and extended until 2022 by the Shareholders' Meeting of May 4, 2016. The Board of Statutory Auditors and Independent Audit Firm periodically exchange information and data on the audits they perform.
Supervisory Body pursuant to Legislative Decree 231/2001
The Supervisory Body in office at the date of this Report was appointed by the Board of Directors' meeting on May 4, 2016 and is composed of four members (two external independent members, Luigi Ferrara – Chairman - and Alberto Mattioli, Director of the Auditing function, Ahmed Laroussi, and a non-executive member of the Board of Directors, Arabella Caporello(1)).
The Supervisory Body periodically reports to the Board of Directors on the effectiveness, adequacy and maintenance of the Model and sends the Board a written report annually on the implementation status of Model 231 and, specifically on the controls and audits performed as well as any critical issued that emerged.
The Supervisory Body has autonomous initiative powers as well as spending powers.
Organisation, management and control model as per Legislative Decree 231/2001
SEA has adopted an Organisational and management model pursuant to Legislative Decree 231/2001 - the legislative decree containing “provisions governing the administrative responsibility of legal entities, companies and associations including without legal status” (the "Decree") (the "Model") to prevent commission of the crimes contained in the Decree. The Model is thus adopted in compliance with the provisions of the Decree. The Model was adopted by the Board of Directors of SEA with motion of December 18, 2003 and subsequently amended and supplemented, latterly through Board of Directors motion of October 29, 2015. The Model comprises a "General Part" and a "Special Part". The corporate boards of SEA subsidiaries have adopted their own Organisational and Management Model pursuant to Legislative Decree 231/2001.
Transactions with Related Parties Procedure
The Board of Directors at the meetings of December 18, 2014 and January 29, 2015 approved the “Related Party Transactions Procedure” (the “RPT Procedure”), in force since February 2, 2015.
The RPT Procedure is also available on the company’s website www.seamilano.eu.
The Board of Directors, in assessing the substantial and procedural correctness of the transactions with related parties, is assisted by the Related Parties Committee which is represented, according to the issues dealt with, by the Control and Risks Committee or the Remuneration and Appointments Committee.
Code of Conduct
The Code of Conduct currently in effect was approved by the Board of Directors' meeting of December 17, 2015 and is an integral part of the Organisational and Management Model pursuant to Legislative Decree 231/2001.
The Code of Conduct is part of the wider "Ethical System" adopted by the Board of Directors and provides a reference framework of values and principles that the SEA Group intends to adopt in its decision making process.
The main tasks of the Ethics Committee, made up of a SEA director and by the heads of the "Human Resources and Organisation", "Legal and Corporate Affairs" and "Auditing" departments, are the circulation and supervision of compliance with the Ethics Code.
Anti-Corruption Contact Person
The Company identified, with effect from January 31, 2014, an Anti-Corruption contact person, in the person of the Head of Legal and Corporate Affairs, also a member of the Ethics Committee.
The anti-corruption contact person is exclusively assigned with the task of handing anti-corruption communications, as established pursuant to Law 190/2012, including vis-à-vis third parties; the role, the prerogatives and responsibilities of the anti-corruption contact person are therefore not similar to those contained in the reference laws for the Anti-Corruption Manager (i.e. the manager pursuant to Law 190/2012).
(1) The Director Arabella Caporello resigned from office on September 15, 2016