The SEA Group pays utmost attention to risk management in its business activities and has adopted specific monitoring and mitigation processes and procedures aimed at guaranteeing airport safety and service quality, protecting tangible and intangible assets of interest to stakeholders and creating value over the long term.
In 2016, in order to support existing measures, management decision-making processes and stakeholder assurance, the SEA Group initiated an Enterprise Risk Management (ERM) project designed to build a model for the identification, classification, measurement, monitoring and homogeneous and transversal assessment of operational risks.
The SEA Risk Model was thus defined as an annual assessment to involve management and area-specific risk specialists and ensure compliance with regulations and applicable reference standards.
This model aims to identify and assess the main business risks and define specific mitigation plans as required. The result of this activity provides the Board of Directors, the Control and Risk Committee and management with an overview of the main risks SEA is exposed to, facilitating mitigation, monitoring and the definition of actions to be implemented rapidly should risk events occur.
On September 21, 2017, the Board of Directors approved the Enterprise Risk Management Policy, which defined an ERM division, under the responsibility of the Chief Financial and Risk Officer, as a second level of risk management control to support corporate structures in the identification and management of business risks, through the development of tools, frameworks and methodologies, and to guarantee periodic reporting to middle and top management on the evolution of the risk profile.
This means that, with the support of risk specialists and the ERM division, corporate and line managements are the primary owners of the identification, assessment and management of the risks for which they are responsible. Top management then periodically reviews the overall company risk profile and opportunely orients the management of the main emerging risks, approving proposed response plans in line with the strategic objectives and corporate risk propensity defined by the Board of Directors. Finally, the Internal Audit teamindependently verifies the effectivenessand effective implementationof the complete risk managementsystem.
The risks to which SEA Group is exposed can be grouped into four main categories: external risks,operational risks, financial risks and legal and compliance risks.
SEA Group operates as an airport manager under a fully regulated regime, however, the Group’s earnings and financial results are significantly influenced by worldwide socio-political, macroeconomic and competitive dynamics.
The following are the main strategic risks that can have particularly significant effects on SEA Group performance.
As for the other airport operators, the future development of activities depends significantly on the strategic choices of airlines, which are dependent also on the global economic-financial performance. Over recent years a significant shift has also taken place in demand, generated by the increased presence of low cost airlines with a consequent increase in terminal competition.
The volume of passenger traffic and cargo in transit at the Linate and Malpensa airports represents a key factor in the results achieved by the Group. Any reduction or interruption to flights by one or more airlines operating out of the airports may result in a reduction in such traffic, with consequent impacts on activities and Group results.
In this context, the restructuring/sale of Alitalia may result in a reduction in flights at the Group’s airports, although SEA expects this risk to be mitigated by the probable redistribution of passenger traffic between airlines operating on the market and the capacity to attract new airlines. Any redistribution of traffic may require a certain period of time, temporarily influencing Group results.
Development of SEA’s regulatory framework and of the airport sector
SEA Group activities, as is the case for all Italian Airport Managers, are subject to a high level of regulation which impacts in particular the allocation of slots, the control of air traffic and the establishment of fees concerning services offered (airport fees, security control fees, fees for the use of common use assets and centralised infrastructure for handling services). Any change to the regulatory framework may impact the Group’s results.
The strategic choices of the operators representing an alternative to air transport, if not coherently integrated into a broader connectivity vision, may pose a threat to the domestic development of traffic at the Milan airports.
In particular, the technological development of fast rail transport has made it possible to reduce travel times from Milan to Rome and Naples, and has made it easier to reach even more distant destinations by rail. The increase in frequency of high-speed trains along these routes may lead to a reduction in air traffic through Linate airport.
Operating and business risks
The operating risk factors are strictly related to the carrying out of airport activities and may impact the shortand long-term performances.
Safety & security
The occurrence of accidents would have consequent impacts on group activity and may also impact passengers, local residents and employees.
In order to monitor, mitigate and identify response plans in case of emergencies, the Safety Management System continued its activities, consolidating and improving the results obtained in previous years. The guideline principles of the SEA airport Safety policy have remained unaltered in their consistency and suitability:
- guarantee design and construction conformity and maintenance of flight infrastructure and plant and equipment satisfying the highest sector standards;
- ensure a review of operating processes to achieve the highest compliance possible with national and international regulations concerning Safety;
- monitor the maintenance of safety standards for all operators and external parties of any type within the airport sites;
- guarantee ongoing and appropriate training of personnel, with priority for operational staff, placing particular focus on the requirements and the consequentactions for an improved level of Safety;
- guarantee education and communication, so that allevents which may affect Safety are flagged throughthe filling out of a Ground Safety Report.
Ground Safety Report e Safety Key Performance Indicators
As in previous years, in 2017 the safety events highlighted during the year were appraised and classified, based on the rules defined and communicated also with other operators at the periodic meetings of the Safety Committee.
The main event indicators, as per guidelines for aeronautical events classification, did not highlight any particular criticality in terms of maintaining good levels of aeronautical safety.
Activity and Service Interruptions
Group activities may be interrupted through: strikes by personnel, by those of the airlines, of personnel dedicated to air traffic control services and of the public emergency service operators; the incorrect and non-punctual provision of services by third parties adverse weather conditions (snow, fog etc.).
Natural events, such as lightning and overload short circuits may, for example, cause electrical blackouts with the consequent shutdown of information systems, affecting displays and leading to departure delays.
Corporate procedures have been readied to optimize the management of such events. In addition, risk transfer actions have been activated where possible, through opportune insurance plans.
Any bankruptcy or operational difficulties of individual or difficult-to-replace suppliers may have an impact on the Group in operational and economic-financial terms.
In order to minimize exposure to such risk, the company is implementing a structured supplier qualification and performance monitoring system.
The reaching of Group objectives depends on internal resources and relations with employees.
The non-ethical or inappropriate behaviour of employees may have legal and financial consequences on company activities. The body of procedures, also in compliance with the 231 Model adopted by the Group, the Ethics Code (now the Conduct Code), training and in-house education on these issues, together with the talent development plans and the ongoing cooperation and dialogue with the trade unions, support an organisation which minimises the risks related to human resource management.
The increasing aggressiveness and pervasiveness of cyber attacks on a global level and new Digital Transformation technology initiatives involving the SEA Group may, by their particularly critical nature, increase the risk of vulnerability of airport information and technology systems.
SEA pays great attention to the protection of its IT systems and telecommunications infrastructure from unauthorized access and cyber attacks that may cause the temporary suspension or hindering of operational services. Periodic vulnerability assessments and penetration testing are performed on systems using the most advanced technologies and methodologies, and a dedicated information security division has been established within the ICT Department.
Activities are underway for obtaining ISO 27001 certification and a Cyber Risk framework is being defined to monitor all corporate technical and conduct requirements.
The management of financial risks is carried out by the Parent Company which identifies, evaluates and implements actions to prevent and limit the consequences of the occurrence of the above-stated risk factors.
The credit risks represent the exposure of the SEA Group to potential losses deriving from the non-compliance of obligations by trading and financial partners.
This risk is primarily of an economic/financial nature, or rather the possibility of the default of a counterparty, and also factors of a technical/commercial or administrative/legal nature.
For the SEA Group the credit risk exposure is largely related to the deterioration of a financial nature of the principle airline companies which incur on the one hand the effects of the seasonality related to aviation operations, and on the other consequences of geopolitical events which impact upon the air transport sector (wars, epidemics, atmospheric events, rise in oil prices and economic/financial crises).
In order to control this risk, the SEA Group has implemented procedures and actions to monitor the expected cash flows and recovery actions.
In accordance with the internal policy on receivables the client is required to provide guarantees: this typically relates to bank guarantees issued by primary credit institutions or deposit guarantees.
In relation to the payment terms applied for the majority of the clients, credit terms are largely concentrated within 30 days from the relative invoicing.
Trade receivables are reported in the financial statements net of doubtful debt provisions, which are prudently made based on the underlying disputes at the balancesheet date. The doubtful debt provision necessary to adjust the nominal value to the realisable value is determined analysing all receivables and utilising all available information on the debtor. The SEA Group, against overdue receivables, receivables in dispute, or for which there is a legal or administrative procedure, utilises the same write-down percentages.
The market risk to which the SEA Group is exposed comprises all types of risks directly and indirectly related to market prices. In 2017, the market risks to which the SEA Group were subject were:
- Interest rate risk
The SEA Group is exposed to the risk of changes in interest rates in relation to the necessity to finance its operating activities and the use of available liquidity. The changes in interest rates may impact positively or negatively on the results of the SEA Group, modifying the costs and returns on financial and investment operations.
The SEA Group manages this risk through an appropriate mixture between fixed and variable rate loans, with the objective to mitigate the economic effect of the volatility of the interest rates.
Variable interest loans expose the SEA Group to a risk originating from the volatility of the interest rates (cash flow risk). Relating to this risk, for the purposes of the relative hedging, the SEA Group makes recourse to derivative contracts, which converts the variable rate to a fixed rate or limits the fluctuations in variable rates over a range, in this manner reducing the risk originating from the volatility of the rates.
We highlight that these derivative contracts, underwritten exclusively for the purposes of hedging market rate volatility, are recorded through the cashflow hedge method.
At December 31, 2017 the gross financial debt of the SEA Group was comprised of medium/long-term loans (medium/long term portions of loans) and short-term loans (exclusively the medium/long-term portion of loans maturing within 12 months. At this date SEA did not make recourse toshort-term debt).
The SEA Group, with the exception of the currency risk related to the commodity risk, is subject to a low currency fluctuation risk as, although operating in an international environment, the transactions are principally in Euro. Therefore, the SEA Group does not consider it necessary to implement specific hedging against this risk as the amounts in currencies other than the Euro are insignificant and the relative receipts and payments generally offset one another.
- Commodity risk
The SEA Group is exposed to price variations, relative exchange style rates and energy commodities (gas and, marginally, electricity). In this respect, it should be noted that the Group’s electricity production is predominantly intended for internal needs (56.7% energy sold), while the heat produced is partly intended for airport uses (73.8%) and partly transferred to third parties (26.2%). The Group mainly procures gas in order to feed the two cogeneration plants for the production of electricity, heat and cooling. The SEA Group, limited to only SEA Energia, is exposed to changes in prices, and the relative currency fluctuations, of the energy commodities utilised i.e. gas. These risks derive from the purchase of the above-mentioned energy commodities, which are principally impacted by fluctuations in the prices of the underlying fuels, denominated in US Dollars. At the SEA Group, these fluctuations are absorbed through formulas and indexing for the pricing structures adopted under the sales contracts.
In 2017, the SEA Group did not undertake any hedging of this risk, although not excluding the possibility in the future.
The liquidity risk for the SEA Group may arise where the financial resources available are not sufficient to meet the financial and commercial commitments within the agreed terms and conditions. The liquidity, cash flows and financial needs of the SEA Group are managed through policies and processes with the objective to minimise the liquidity risk. Specifically, the SEA Group:
- centrally monitors and manages, under the control of the Group Treasury, the financial resources available, in order to ensure an efficient management of these resources, also in forward budgeting terms;
- maintains adequate liquidity in treasury current accounts;
- obtains committed credit lines (revolving and non-revolving), which covers the financial commitments of the Group in the coming 12 months deriving from the investment plan and contractually agreed debt repayments;
- monitors the prospective liquidity position, in relation to the business planning.
Legal and compliance risks
The Group operates in a sector regulated at a national, EU and international level.
A significant part of SEA Group revenues derives from the activities carried out based on the agreement signed between Società per Azioni Esercizi Aeroportuali SEA and ENAC, with duration until May 4, 2041.
The Agreement provides for a series of obligations relating to the management and development of the Milan airport system, in addition to advanced withdrawal in the case of serious non-fulfilment by SEA and dissolution conditions in the case of a delay for more than12 months in the payment of thefee due by SEA, or in the case of adeclaration of bankruptcy by SEA.
The conformity of the processes and procedures to national and international standards leads to the consideration that the risk of non-compliance with the concession rules is remote.
In this regard, European certification for adjustment to EU Regulation 139/2014 establishing the technical requirements and administrative procedures for EU airports was obtained.