Risk management Eneco Group

Risk management is essential for the realisation of our strategic ambitions. We identify and mitigate the risks that may impede the achievement of our goals, which enhances our chances for success.

The Board of Management is responsible for the risk management of the company as a whole. It has delegated this responsibility to each of the business management teams of the underlying segments. The managers concerned are supported in this responsibility by functions such as safety and compliance ("second line"). The overall coordination lies with the finance department. Internal audit carries out additional audits ("third line") and reports the results to the Board of Management and the Audit Committee.

Risk management framework

The main components of the risk management framework are:

ECRS

The COSO model dating from 2004 is the worldwide standard for Enterprise Risk Management. Therefore, this model has been selected as the basis for Eneco’s internal risk management and control system, which goes by the name Eneco Control & Risk System (ECRS). The first version of the ECRS was introduced in 2005. Each year, the ECRS is adapted to keep up with the latest developments with respect to risks, business developments and external influences.

The Eneco Control and Risk System (ECRS) consists of a risk assessment methodology, a set of control measures and a methodology that management can use to determine the effectiveness of the control measures (see In Control statement).

Financial control framework

Eneco applies a financial control framework that defines the main financial restrictions on the strategy. These restrictions include minimum requirements for the ratios for solvency and cash flow in relation to net debt, using a credit rating of around A (Standard and Poor's) as the guideline.

Stress tests

Eneco applies stress tests to its financial forecasts to include the impact of risks in the evaluation of the financial robustness of the strategy. In addition to obtaining insight into the possible effects of these risks, measures are defined to control the risks.

Audit Risk Committee

Each management level has its own Audit Risk Committee: at Board of Management level and at segment level (senior management teams). The risk assessments and the status of control measures and mitigating activities are discussed periodically by these ARCs. The Audit Committee of the Supervisory Board monitors the adequate functioning of the risk management activities as a whole.