To this end, it has a risk management system covering both the risks of internal processes and those related to the environment in which the Company's activities are carried out. The system complies with the ISO 31000 Standard on the principles and guidelines regarding risk management. Additionally, Red Eléctrica has in place two specific systems, one for internal control over financial reporting (based on the US Sarbanes-Oxley) and another for internal control over operational activities (based on the SSAE 16 standard). These systems are subject to periodic internal and external audits.
The most relevant risks to which the Red Eléctrica Group is subject and that are integrated into the risk management system are the following:
- Regulatory: due to the fact that the core activities of the Group are subject to regulation.
- Operational: derived fundamentally from the activities entrusted to it as operator of the Spanish electricity system, including those related to cybersecurity. The critical nature of the functions carried out by Company means that if this type of risk were to occur, it could have widespread social and economic impact.
In addition to the specific risks indicated above, the Red Eléctrica Group faces other risks that are commonly associated to carrying out economic and business activities, and which include:
- Financial and counterparty risks. These are financial risk, market risk and those related to the non-fulfilment of counterparties of their contractual obligations. This risk category also encompasses the following: the increased cost of equipment and raw materials, the increased interest rate and changes in the currency exchange rate, the conditions of access to financial markets and the coverage of claims and accidents.
- Other risks. These are risks arising from the relevance of other businesses conducted by the Red Eléctrica Group. This risk category encompasses risks related to the telecommunications business and which are associated with the management, operation and leasing of dark fibre networks, as well as those risks related to its international business, specifically those activities carried out by the Group through its subsidiaries abroad.
Comprehensive Risk Management Policy
The Board of Directors is responsible for the approval of the comprehensive risk management policy as well as for having full knowledge of the internal control, prevention and information systems and for the regular monitoring of these systems. Twice a year, the Board proceeds to review material risks and the risk control system, independent of the information that it regularly receives from the Audit Committee as part of the monitoring framework the Committee continually performs.
Emerging risks associated with climate
The risks associated with climate change are especially important due to the function of Red Eléctrica de España as a transmission agent and operator of the Spanish electricity system, since the regulatory and technological changes necessary for the energy transition (required to achieve climate targets) pose a series of challenges and uncertainties. Therefore, due to their potential impact on the Company’s business and their probability of occurring in the long term, they have been identified as some of the most relevant emerging risks for the organisation, which has led to a specific methodology being developed and put in place for their identification, prioritisation and financial quantification.
Among the emerging risks associated with climate change, the physical risks associated with the modification of climate parameters that may affect the facilities or services provided by the Group have been assessed, as well as the risks associated with the energy transition. Said risks are linked to the changes that the fight against climate change entail: regulatory, technological, market and reputational. In addition, as set out in the recommendations of the Task Force on Climate-related Financial Disclosures (TCFD), various scenarios have been considered and which are different for physical and transition risks. The most important physical risks are those related to the effect of extreme events (wind) on outdoor facilities (overhead electricity lines) and fires underneath the lines and in the surrounding area of electricity substations. The most relevant transition risks are related to the difficulties in commissioning the infrastructure required to fulfil the objectives of the energy transition. Information on its potential impact on the business and the mitigation measures implemented can be consulted in detail in the Sustainability Report.