Corporate Risk Management

The Corporate Risk Management division of Neoenergia is coordinated by the Risk Management Superintendence, connected to the Financial Management, and is oriented by the guidelines that follow:


  • Achieve strategic objectives with controlled volatility;
  • Provide the maximum level of security and guarantees to shareholders;
  • Protect the results, image and reputation of the Group, respecting the Code of Ethics, internal regulations and the Law;
  • Protect the interests of shareholders, clients and other stakeholders;
  • Ensure corporate stability and financial strength in a sustainable manner over time.


The Neoenergia Corporate Risk Management General Policy defines the principles, guidelines and structure for risk management. This Policy unfolds and is complemented by the Group’s corporate and business risk policies, all approved by the Board of Directors..

Integrated risk control and management system

The Integrated Risk Control and Management system supported by the Risk Committee and based on the definition and setting of roles and responsibilities and on procedures, methodologies and support tools appropriate to the different stages and activities of the model, which include:


a) Continuous identification of the relevant risks and threats, considering their possible impact on corporate objectives and results;

b) Analysis of these risks, in each one of the businesses and corporate functions, and in a consolidated form in the Group;

c) Measurement and control of risks following consistent procedures and standards common to all businesses;

d) Analysis of the risks associated with new investments, as an essential element in decision making, assessing their risk-return;

e) Maintenance of an internal control system for compliance with policies, guidelines and limits, through appropriate procedures and systems, including contingency plans necessary to mitigate the impact of risk materialization;

f) Continuous assessment of the suitability and efficiency of the application of a system of best practices and recommendations regarding risks for its possible incorporation in the management model;

g) Audit of the integrated model of risk control and management by the Internal Audit Supervisory team; and

h) Corporate risk management is complemented by the Company’s Corporate Governance structure, which includes the divisions responsible for Compliance, Internal Controls and Auditing. These divisions, together with the Corporate Risk Management and the business and corporate management, complement and strengthen the risk management framework.


In addition to Neoenergia’s Corporate Risk Management General Policy, we present the corporate Risk Policies and those specific to Business:


  • Financial Risk Policy
  • Credit Risk Policy
  • Operational Risk Policy for Market Transactions
  • Energy Market Risk Policy
  • Insurance Policy
  • Purchasing Policy
  • Investiment Policy
  • Information Technology Policy
  • Cybersecurity policy
  • Reputational Risk Policy
  • Treasury Stock Policy
  • Occupational Health and Safety Policy
  • Liberalized Business Risk Policy
  • Renewables Business Risk Policy
  • Network Business Risk Policy