Risk Management

corporate governance

Risk Management is the responsibility of everyone

In order to keep the risk controlled - one of the strategic pillars of the EDP Group - EDP's management bodies carefully monitor the risks inherent in the Group's various activities.

To keep risk under control - one of the strategic pillars of the EDP Group - EDP's management bodies closely monitor the risks inherent in the various activities of the Group.

The Business Management of Risk, which includes a set of identification practices, analysis, evaluation, treatment and reporting of major risks, is part of the management style required by the Group to it's collaborators, along with good international practices of risk governance, in accordance with legal and regulatory requirements, and meeting the expectations and demands of internal and external Group stakeholders.

Organizational Structure

Executive Board of Directors

With regard to risk management, the Executive Board of Directors (EBD) is supported by the Direction of Risk Management (DGR) and by the Risk Committee. There is a matrix structure of functional coordination between the DGR and the Risk Officers of the Business Units that have this structure (the most relevant).

The Executive Board of Directors ensures the approval of risk policies, the definition of monitoring structures and the approval of which risk limits to set.

Risk Committee

The Risk Committee meets regularly under the aegis of the Executive Board of Directors and combines members of the Boards of Directors or representatives of the various Group companies and also by corporate directors, namely the Director of Risk Management.

The Risk Committee shall: monitor significant risks and the risk profile of the EDP Group; approve the model of periodic reports to be submitted by the business units or by the Direction of Risk Management, as well as of other mechanisms for reporting and monitoring EDP risks; approve or decline recommendations on significant risks of the EDP Group and on extraordinary situations in terms of risk for evaluation by EBD; issue recommendations on risk policies, procedures and limits for the EDP Group, for consideration and approval by EBD.

Risk Portal

Under EDP's Corporate Policy for Risk Management it is required that all relevant risks are identified and managed, and that it is clarified in which companies its management is located, as well as the chain of responsibilities involved.

The EDP Risk Portal is the support tool used to carry out risk assessment. This computer application contains all the information on identification, analysis, assessment, mitigation measures and monitoring of relevant risks related to the EDP Group activity. It also allows the transversal dissemination of information across its universe of companies. Thus, it facilitates the Benchmarking of risk, and it's management and control in homologous areas of the group companies, and which allows the sharing of Best Practices.

The EDP Risk Portal, regularly updated by those responsible for the risks, is consulted by authorized collaborators, namely Senior Management, providing expeditious knowledge about the relevant risks of the EDP Group and of each company in each moment, their impact and how the processing of its management and control and the ongoing improvements in this area are functioning.

Types of Risks

The risks to which EDP is exposed to are those typical of the electricity and gas utilities, specifically:

  • Business risks: related to sustainable business growth, particularly in the balance between energy and the environment through the promotion of consumption efficiency, smart network solutions and the decarbonization of electricity generation; and includes the regulatory risk;
  • Market risks: related to prices and volumes of electricity and other commodities, foreign exchange and interest rates;
  • Operational risks: this is the group with the greatest diversity, encompassing everything from equipment and processes to human error, not to mention other issues such as prevention and security and legal and litigation risk;
  • Credit Risk: this group includes the risk of non compliance by customers and counterparts.

EDP Group

The integrated assessment of the risk level of the Group is carried out through a bottom-up analysis model named Cash Flow at Risk, which allows the evaluation of the uncertainty associated to the EBITDA value (or another value, such as FCF - Free Cash Flow at Risk), as well as the effectiveness of the hedging strategies adopted.

In addition, it uses a top-down model based on the evolution of share prices and the prediction of the values of "beta" of each business unit, which aims to determine the risk associated with assets and equity, but also the comparison with other companies in the sector.

Power Management

In this area there is systematic monitoring of the value of "Margin at Risk" of different positions, including fuel, CO2 allowances and electricity, comparing and adjusting it to the established limits. For this purpose, a model called MUR + (Unified Risk Model) is used at the Iberian level.

Commercial Area

EDP assesses the risk of the customer market on liberalized system, in a systematic and integrated manner, by calculating the "Cash Flow at Risk", considering the consumption patterns and the volatility of market prices, and also the closing positions of it's own production in the free market and gas supply contracts. The information obtained is used to define prices and maturities to apply to clients, either in new contracts or in it's renewal, and for hedging of the margin.