Internal control, risk management and compliance

Roles and competencies of the organisation

Iren S.p.A. has adopted an Internal Control and Risk Management System (ICRMS) to manage and monitor major business risks in order to contribute to the sustainable success of the entire Group.  


The Board of Directors defines the guidelines of the ICRMS in accordance with the company's strategies and annually assesses its adequacy and effectiveness. The Board of Directors defines the principles concerning the coordination and the flow of information among the parties involved in the Internal Control and Risk Management System with the aim of maximising the effectiveness of the system itself, reducing the duplication of activities and ensuring the successful performance of the duties of the control body.


The organisation of the Internal Control and Risk Management System involves the following figures and the respective competencies:


  • the Board of Directors plays a role in guiding and assessing the adequacy of the system;
  • the Directors in charge of establishing and maintaining the ICRMS, i.e., the Chair, Deputy Chair, and Chief Executive Officer, each with reference to the area to which their respective delegated authority pertains; 
  • the Control, Risk and Sustainability Committee (CRSC) set up within the board of directors, with the task of supporting the Board of Directors’ assessments and decisions relating to the ICRMS through adequate investigation activities and relating to the approval of periodical financial and non-financial reports.
  • the Head of the Internal Audit function, who is in charge of verifying that the ICRMS is functional, adequate and consistent with the guidelines defined by the Board of Directors;
  • the Board of Statutory Auditors monitors the effectiveness of the Internal Control and Risk Management System;
  • the Supervisory Board, appointed by the Board of Directors pursuant to and in accordance with Legislative Decree 231/2001;
  • the other corporate functions involved in the Internal Control and Risk Management System (such as the Risk Management Department and the functions dealing with legal and non-compliance risk), which are articulated in relation to the Iren Group’s size, sector, complexity and risk profile, among which, in particular, the Risk Management Director.

Internal control system

The Internal Control System plays a central role in the company's organisation, contributing to the adoption of informed decisions consistent with risk appetite. Learn more about the three levels of control and download the Corporate Governance Code.

Risk Management

The Enterprise Risk Management model is one of the main elements of the Internal Control and Risk Management System (ICRMS). Learn more about the model, activities, the role of the Risk Management Department, and find out what the different types of risk are.

Fiscal strategy

The fiscal strategy defines the goals and the approach adopted by the Group and the holding company in managing the tax variable for the uniform management of the Group's fiscal aspects. The Fiscal Strategy document is approved and issued by Iren's Board of Directors and is aimed at stating the principles of conduct in fiscal matters.


Related Party Transactions 

The full procedure and disclosure documents published over the years.

Market abuse

Consulta i documenti relativi all'abuso di informazioni privilegiate e manipolazione del mercato.

Model 231 and Corporate Administrative Responsibility

The Company has adopted an Organisation, Management and Control Model, by a resolution of the Board of Directors, which formalises, in a nutshell, the set of measures aimed at preventing the crimes set forth in Legislative Decree 231/2001, as part of the activities identified as sensitive to the potential risk of the commission of an offense referred to in that decree.