Risk Governance Model
The EDP Group adopts a widely recognized risk governance model based on the three lines of defences, which can be, in certain situations, supplemented by a fourth line through external audit and regulatory supervision . Each line of defence has defined entities and forums at Corporate, Platform, and Regional levels to ensure coordination, avoid overlaps, and promote collaboration.
Risk management is embodied by the Risk Business Enablement Function (Risk), encompassed by overarching Centres of Excellence (CoE) and Platform Business Partners (BP), ensuring fluid articulation and communication throughout EDP regarding the main sources of exposure and risk mitigation measures. Additionally, Regional focal points are also defined to ensure an overarching perspective of the risk of each region and serve as a link to the Region organization.
Moreover, the group has several Risk Committees, where top management and relevant specialists meet to examine, discuss, and advise on key risk exposures for the group, their limits and mitigation actions.
The risk management strategy encompasses structured support for articulating and analysing risk‑return trade‑offs, including the organisation’s risk appetite, to inform key management decisions. It also involves the periodic review and update of the Risk Appetite Statement, which is formally approved and disclosed in the Annual Integrated Report, as well as the regular revision of specific risk management policies to ensure their continued adequacy and alignment with the organisation’s strategic objectives.
Download the PDF below for a detailed description of EDP Group’s competent bodies, their respective responsibilities, and the Risk Committees.
