1. Governance
  2. Enterprise risk management
  3. Approach

APPROACH

    1. Philosophy & Mission

      1. The assessment and prevention of the risks that could affect the Group’s values and objectives have always been an integral part of the innovative spirit and professional excellence upon which Pirelli’s historical identity was founded.

    1. Pillars

      1. In line with its mission, Pirelli Enterprise Risk Management is based on the following macro pillars:


    1. Risk model

      1. Pirelli Enterprise Risk Management model is embedded in three key phases of the decision making process:

        • strategic planning (medium/long term);
        • operational planning (annual and periodical);
        • new investment projects/businesses.

        It is worthwhile noting that the Enterprise Risk Management model goes beyond these three phases by assessing operational as well as reputational and Environmental, Social and Governance (ESG) risks that-if not correctly managed- may negatively affect strategic tangible and intangible assets.


    1. Risk analysis in strategic planning

      1. The risk and opportunity assessment embraces the medium/long term planning process.

        The methodology adopted is structured into three macro-phases:

        (i) identification of key risk and opportunity events;

        (ii) risk assessment;

        (iii) risk management.

        Not only does the Risk Management Managerial Committee approve the risk assessment methodology, but also the key metrics to measure risks and opportunities, in particular:

        • the economic impact to measure risks and opportunities (EBIT and Cash Flow);
        • the probability scales;

        The process of assessing key risk areas and their potential impact on strategic objectives (key value drivers) is guided by the Business Units, supported by the Regions. Central functions, such as Finance or Purchasing, coordinate the risk assessment on areas that are centrally monitored (raw materials and exchange rates).

        Statistical inference methods are applied to evaluate risk events that are significant for Pirelli and to build potential alternative scenarios to the one considered when the industrial plan was defined. This is performed in order to evaluate the "strength" of the strategic plan assumptions. Quantitative metrics to measure impact and probability allow the aggregation of each risk and opportunity into an overall Group risk exposure (EBIT and Cash Flow @ Risk through Montecarlo Simulation). The Risk Management Managerial Committee assures that the following aspects are defined in relation to the so-called EBIT@risk and CashFlow@risk:

        • Risk exposure target level on priority risks;
        • Mitigation plans and "management" policies to maintain the levels of exposure within the "target" limits.

        When approving the strategic plan, the Board of Directors takes into account the overall Group risk exposure and verifies that the resulting economic and financial volatility falls within the defined tolerance threshold.

    1. Risk analysis on budget and periodical reforecasting

      1. The high volatility in the key economic and financial variables (raw materials price, exchange rates, market trends, pricing/mix evolution) has entailed supplementing the "traditional" reporting tools with a periodical measurement of expected EBIT and Cash Flow volatility considering risks and opportunities that may produce a significant change in the Group targets. The EBIT@risk and CashFlow@risk review is subject to a periodical report to the Top Management and supports it in proactively identifying market trends and a possible "realignment" of strategic actions.

    1. Risk analysis in new investment projects/business

      1. Pirelli risk model supports the decision-making process relating to investment initiatives. The “risk dimension” has been fully embedded in the traditional set of data related to investment projects, in particular, the ERM department provides the following information:

        • a detailed analysis of the economic, political, safety and operational risk of the country where the investment is intended to be made;
        • the estimated of the "risk adjusted" cash profiles generated by the investment and the degree of volatility of the Net Present Value (NPV@risk) taking into account events that are able to lead to significant changes to the business plan results.

        The inclusion of the risk variable in the analysis of investment projects and the possibility of comparing them with the expected returns, contribute to:

        • enhance further the Top Management's awareness and guide the risk management strategies;
        • lead a comparative evaluation of the investment initiatives.

    1. Operational risks assessment

      1. The assessment of operational risks forms an integral part of the Enterprise Risk Management activity as a proactive identification and management of such risks minimize negative impacts on strategic assets (both tangible and intangible) as well as unfavorable ramifications on the Group strategy. Thus, at least on an annual basis, the following activities are performed:

        • Annual Operational Risk Assessment (Risk Register): the head of each relevant function, in coordination with ERM, identifies and assesses proactively all risks in terms of likelihood, impact and risk management system maturity. The Group has defined its risk tolerance based on a multidimensional impact scorecard, that allows to evaluate the risk event severity for each risk among those deemed applicable within the following eight:
        • Based on worst case scenario approach the overall exposure evaluation for each risk reflect the most severe impact among the dimensions that has been evaluated. The assessment allows to identify among others the critical risks: those risk events assessed by the Risk Owner above the attention threshold in terms of likelihood of occurrence and potential severity, having a risk management system deemed not optimized. These risks, representing the most critical residual risk exposure, are those having the highest level of priority and for which a specific remediation plan is required in terms of CAPEX and OPEX to lower down the risk exposure below the defined tolerance.


        • Mitigation plan Committee’s approval: for each risk event identified as critical, the head of each relevant function submits a mitigation plan to the Committee for approval. It is up to the Committee to define the overall strategy, balancing benefits and costs related with the implementation of the mitigation plans proposed.
        • Monitoring & Reporting: ERM in coordination with the relevant department periodically assesses the implementation of mitigation plan and any emerging risk that may arise after the annual assessment.

        Examples of those risks emerged as critical, for which the Group has activated a mitigation plan, include:

        • -   Extreme natural events, aggravated by the ongoing climate change, resulting in damage to assets and potential business interruption for which the Group has put in place an investment plan to reduce its exposure (e.g. flood barriers installation to protect and minimize the impact).
        • -   Raw material unavailability, resulting in potential business interruption for which the Group has in place a scouting, compounding and safety stock activities to reduce its exposure and dependency from suppliers.

        Throughout the assessment, for those risk events that could affect the business continuity is also required to the Risk Owner to provide a detailed contingency plan to reduce the potential impacts and tightening the restore time in case of occurrence.

        The Pirelli risk management framework is annually subject to several internal and third-party audits such as for the IATF purpose.

    1. External risks assessment

      1. The analysis of external risks (especially stemming from macroeconomic volatility) is carried out on an ongoing basis with the support scenario analysis - both internal and external - as well as econometric models. These techniques are used by the Enterprise Risk Management to assess potential negative impacts on strategic and operational planning goals.

    1. Climate change risks assessment

      1. Pirelli has introduced the Climate Change Risk Register, strengthening the identification, evaluation, mitigation and monitoring of climate change risks that could affect the Group’s business and objectives.

        The assessment phase follows the ERM framework (i.e. Annual Operational Risk Assessment) and the identified climate change risks and opportunities are fully integrated into multi-disciplinary company-wide risk management processes. Due to the nature of the risks assessed, the metrics have been rescaled into three different time horizons in which the risk event could occur and/or impact the Group. For each risk event assessed, three different evaluations are provided for the equivalent scenarios considered: short-term (whitin 2025), medium-term (2025-30), long-term (2030-50).

        The risk catalog, aligned to the Group sustainability objectives and global leading practices and frameworks (e.g. TCFD, EU Taxonomy), includes both physical and transition risks. In details, the analysis assesses the evolution of possible acute physical, chronic physical, technological, reputational, policy & legal (including current and emerging regulations) and market risks that may affect the company and its value chain, both upstream and downstream.

        The Group exposure to acute physical risks (arising from changes in climate extremes as more frequent and/or intense extreme weather events – e.g. cyclones, storms, floods, droughts) and chronic physical risks (changes in average climate or environmental variables – e.g. increasing mean temperatures, change in precipitation patterns, sea level rise, ecosystem degradation, biodiversity loss, water stress and resource scarcity), is worldwide assessed collecting sites specific data on exposure to these events through time and quantifying the potential economic impacts for the Group (e.g. in terms of EBIT) with quantitative analysis and statistical tools as Montecarlo simulations where applicable.

        Transition risks that could arising from an evolving low carbon economy and climate change challenges (e.g. tightening of carbon pricing schemes, change in consumers behaviors, new technologies and environmental performance) are evaluated through dedicated assessment with each risk owner and stakeholder involved.

Last revised: 15 Nov 2023