2020 Integrated
Management Report
Financial Statements
1 2 3 4 5 6 7 8 9

Global Management System and Risk Management

Cellnex created a
Global Management System area

A new corporate area named as "Global Management System" was created in 2020, compromising four main pillars: Risk Management, Quality & Certifications, Health & Safety and Sustainability & Environment.

A Management System Committee was created to reinforce the new area. Both the Risk Management and Quality & Certifications pillars are explained in the following sections. The Health & Safety pillar is explained in detail in "Chapter 4. Boosting our talent, being diverse and inclusive" and the Sustainability & Environment one is set out in more detail in "Chapter 6. Growing with a long-term sustainable environmental approach".

As one of its main challenges for 2021, the area will carry out a campaign to raise awareness of the Cellnex’s contribution to the SDGs to communicate the commitments made and the actions taken in this field, which contribute to the achievement of the SDGs. Moreover, the Global Management System area will develop a project to implement a detailed follow-up of the contribution of the different projects to the SDGs.

Cellnex is applying a
three-line defence
to strength the global risk management model

Risk management

At the end of 2019, in accordance with the risk culture in Cellnex and with the commitment to strength the global risk management, the Board of Directors approved the methodology of the three lines of defence risk model. These consist of the following:

  • 1st Line of defence: Operational Management. This concerns all functional areas in Cellnex, both in Corporate and in Business Units, were the management has ownership, responsibility and accountability for assessing, controlling and mitigating risks together with maintaining effective internal controls, as well as reporting to Management.
  • 2nd Line of defence: Global Risk Committee and Quality & Risk Management department. This line of defence facilitates and monitors the implementation of effective risk management practices and assists in defining the target risk exposure and reporting risk information through the organisation. They report to Senior Management.
  • 3rd Line of defence: Internal Audit department. This line of defence provides independent assurance to the Board and Senior Management on how effectively the organisation assesses and manages its risks, validating how the first and second lines operate.

Two initiatives were launched in relation to this commitment to integrated risk management: the creation of the Global Risk Committee and the creation of the Risk Management department to reinforce the tasks of the Lines of Defence.

The objectives of the Global Risk Committee, responsible for the second line of defence, are to deploy the risk management in Cellnex group and validate the risks and action plans defined in each risk map. Its main functions are:

  • Follow-up action plans.
  • Update risk management policies.
  • Unify risk management.
  • Sponsorship in expanding risk management to other areas of the Group.
  • Quarterly meetings to monitor risks, action plans and their coherence
  • Quarterly meetings to monitor risks, action plans and their coherence.
Cellnex approved a new
Global Risk Management Policy
to be applied in all geographical areas

The Risk Management department, created in 2020 as a new corporate area, aims to foster a common risk culture in Cellnex. In this regard, this department creates a global methodology for risk management in Cellnex, guaranteeing coherence through the whole group, created at a global level with the aim of standardising internal processes in the group.

Furthermore, the Global Risk Management Policy was approved in 2020. The Policy establishes the essential principles and commitments in the area of Risk Management within the organisation, their communication to the groups of interest and the progressive integration into all the Cellnex group's operating systems and processes.

The principles and commitments established in this Policy are of general application and must be taken into account in each of the projects, businesses and activities carried out by the company. This Policy is mandatory for all companies controlled by Cellnex Telecom.

The purpose of the Global Risk Management Model is to define the model and common methodology for Global Risk Management in the Cellnex group. It establishes the governance model, roles and responsibilities, risks lifecycle, risks taxonomy and assessment and risks monitoring. The purpose of the Risk Management Blueprint is to define the process of risk management in Cellnex.

The new risk model promotes a global risk culture and deploys the (Three Line of Defence, providing a comprehensive response capacity to current and potential risks of the company, improving decision-making and increasing the resilience of the Cellnex Group
Andres Toribio,
Global Head of Quality & Risk Management Cellnex Telecom

A two-year Global Risk Management Master Plan will be established in 2021 following the transformation of the company’s global risk management model. This Master Plan aims to implement a global and transversal risk management model in Cellnex. The Master Plan must be scalable and industrialisable according to the growth of the company, allowing the three Lines of Defence to be established, as well as the processes of the Global Quality & Risk Management area. The Global Risk Management Master Plan main objectives are to:

  • Integrate the risk and control culture in the business through a 2-year transformation plan.
  • Have a comprehensive response capacity to current and potential risks of the company, thereby improving decision-making.
  • Have a scalable, industrialisable and digital model that allows us to continue growing and adapting to new businesses without losing control of risk.
  • Cover the different types of risk that can impact on any of the areas of the company with an integrated risk governance.
  • Have a digitisation plan to detect, anticipate and mitigate the company's risks, while improving the efficiency of its own management.
  • Follow the most widespread standards, methodologies and best practices in risk management (such as ISOs 31000 and 22301, COSO or Magerit).
Cellnex will implement a
GRC tool

Likewise, one of the most important goals of Risk Management department is to promote a risk culture in all Cellnex group, to which end a risk awareness programme will be launched in 2021 to integrate risk management and control in business-as-usual actions and in day-to-day decision-making processes throughout all areas in Cellnex.

Finally, a Global Risk Compliance (GRC) tool will be implemented in 2021. A GRC tool adds value to the Integrated Risk Management, Internal Control and Internal Audit system, and to its Compliance and Governance, taking Cellnex to a leadership position. This tool will provide users with multiple features that allow monitoring of the necessary tasks to carry out a simple and user-friendly Risk Management, Internal Control and Internal Audit. The tool is adaptable to the needs and requirements of all Cellnex stakeholders, facilitating decision making through reliable data and dynamic and interactive visualisation. The digitalisation of the model has a high impact on all stakeholders, internally and externally, and allows streamlined integration of the model from Corporate to Business Units.

Below, there is a list with the main risks that may affect the activities of the Cellnex group and the achievement of its objectives. In this regard, one of the main challenges of the future Global Risk Management Master Plan is to carry out a global risk assessment by 2023, including non-financial risks, especially climate-related financial risks, and human rights-related risks. Cellnex worked in this regard in 2020 considering this kind of non-financial risks as operational risks of its activity and also updating the risks and opportunities arising from climate change, following the recommendations of the "Task Force on Climate-related Financial Disclosures (TCFD)". For detailed information, see Chapter 6. Growing with a long-term sustainable environmental approach.

Strategic risks

I)  Risks related to the environment in which the Group operates and risks stemming from the specific nature of its businesses.
II)  Risks of increasing competition.
III)  The Group’s status as a “significant market power” (“SMP”) operator in the digital terrestrial television (“DTT”) market in Spain imposes certain detrimental obligations on it compared to its competitors.
IV)  Industry trends and technological developments may require the Group to continue investing in asset class-businesses adjacent to telecommunication towers, such as fibre, edge computing and small cells.
V)  Spectrum may not be secured in the future, which would prevent or impair the plans of the Group or limit the need for the Group’s services and products.
VI)  Risk related to a substantial portion of the revenue of the Group is derived from a small number of customers.
VII)  Risk of infrastructure sharing.
VIII)  Risk of non-execution the entire committed perimeter.
IX)  The expansion or development of the Group's businesses, including through acquisitions or other growth opportunities, involve a number of risks and uncertainties that could adversely affect operating results or disrupt operations.
X)  Risks inherent to the businesses acquired and the Group’s international expansion.
XI)  Risk related to the non-control of certain subsidiaries.
XII)   Risks related to execution of Cellnex's acquisition strategy.
XIII)   Regulatory and other similar risks.
XIV)   Litigation.
XV)   Risk related to the Company’s significant shareholder’s interests may differ from those of the Company.


Operational risks

XVI)   Risks related to the industry and the business in which the Group operates.
XVII)   Risk of not developing the strategic sustainability plan.
XVIII)   Risks related to maintaining the rights over land where the Group’s infrastructures are located.
XIX)   Failure to attract and retain high quality personnel could negatively affect the Group’s ability to operate its business.
XX)   The Group relies on third parties for key equipment and services, and their failure to properly maintain these assets could adversely affect the quality of its services.

Financial risks

XXI)   Financial information.
XXII)   Expected contracted revenue (backlog).
XXIII)   Foreign currency risks.
XXIV)   Interest rate risk.
XXV)   Credit risk.
XXVI)   Liquidity risks.
XXVII)   Inflation risk.
XXVIII)   Risk related to the Group's indebtedness.
XXIX)   The Company cannot assure that it will be able to implement its Dividend Policy or to pay dividends (and even if able, that the Company would do so).

Compliance risks

XXX)   Fraud and compliance risks.
XXXI)   Risk associated with significant agreements signed by the Group that could be modified due to change of control clauses.

For detailed information, see Annex 2. Risks.

Integrated Management System

The Management System Department was set up in 2020 to foster the attainment of Cellnex’s strategic objectives in line with European Standards and contribute to achieving the Sustainable Development Goals. In this regard, we are currently defining the Integrated Management System Model which will integrate several systems, such as the Information Security Management System (ISMS).

Cellnex's organisational model is based on an Integrated Management System that provides a framework for:

  • Carrying out a systematic approach in the implementation of processes, guaranteeing their effectiveness.
  • Establishing an operation that ensures the quality of the services provided.
  • Guaranteeing that the activity is carried out in compliance with the requirements of the environmental, occupational health and safety and information security reference standards, as well as the legislation in force.

Likewise, Cellnex has common guidelines in terms of Quality, Health and Safety and Environment, as well as a self-assessment method to make possible:

  • The adaptation of the Business Units recently incorporated to the Group to this Management System.
  • A quick evaluation of the degree of maturity of the system in each of the Business Units.

Therefore, an Integrated Management System and Certifications:

  • Allows new business opportunities.
  • Facilitates implementation of Cellnex’s Industrial Model.
  • Enables Continuous Improvement through Integrated Management System for customer satisfaction.
Cellnex created a
Certifications catalogue tool
to keep a track of the certification status of each country

As part of the Management System, the Certifications catalogue for Cellnex is a tool that allows the company to know the exact status of all Business Units in terms of Certifications.

Taking into account the objectives described above, the gap analysis and roadmap will aim to standardise the Integrated Management System throughout the Group while providing support during the certification processes in accordance with the reference standards.

In the comparative analysis of the selected reference standards it has identified common points and particularities of the reference standards (ISO 9001, 14001 y 45001) and has compiled and analysed the existing documentation in the organisation to comply with the requirements of the reference standards, both at corporate level and in the Business Units. The resulting matrix collects the instruments and level of compliance of each Business Unit with respect to the minimum requirements demanded by the reference standards.

To continue improving the Management of the Integrated Management System in all its Business Units, Cellnex has defined a project to prepare an Implementation Guide for Cellnex's Integrated Management System, making it possible to:

  • Cover the gaps detected in each country.
  • Incorporate the best practices identified at the Group level.
  • Advance towards the standardisation and globalisation of the Integrated Management System.
Work is being done to consolidate the
Integrated Management System
in each new Cellnex’s acquisition

In this regard, we would underline that the integration of the Integrated Management Systems will be carried out as part of the integration process of On Tower UK in 2021. Prior to its incorporation, On Tower UK had an Integrated Management System, certified by the ISO 9001, 14001 and 45001 standards, which must now be reviewed and adapted to the Cellnex Telecom Management System.

With a view to incorporating On Tower UK into Cellnex’s Integrated Management System existing documentation has been analysed to identify weaknesses that will need to be worked on during integration, along with the strengths and best practices to be considered by Cellnex as part of its continuous improvement process.

Here, the Quality & Certifications department will be focused on deploying global certifications in non-certified countries (ISO 9001, 14001, 45001, etc.) in the period 2021-2023. The main benefits of having global certifications in Cellnex are:

  • Maintaining and the renewing of certifications is more efficient because it’s a single certification for all companies and Business Units.
  • From a cost perspective, it’s more cost-effective to manage global certifications rather than local ones, identifying synergies and removing redundancies.

The approach followed by the Quality & Certifications department is to create a global Integrated Management System in Quality (ISO 9001) for all the Business Units as a baseline on which to build ISO 14001 and ISO 45001, paying attention to continuous improvement and best practices in all Cellnex group.

In short, Cellnex maintained the Information Security Management System (ISO 27001) certification during 2020 at global certification level, consolidating the Management System of its first global certification as the Cellnex group.

At local level, and following corporate guidelines, the areas responsible for the management system in the Business Units have successfully renewed and obtained new certifications. Among these are the local certifications for Energy (ISO 50001) and Service Management (ISO 20000-1) in Spain, the Quality certification (ISO 9001) in the Netherlands, the Quality, Environment and Health & Safety certification (ISO 9001, 14001 and 45001) in the UK and obtaining the integrated certification of Corporate Sustainability (EASI) in Italy.

Also, Cellnex has been working on the certification of Corporate Social Responsibility (SA8000). This international standard certifies companies and organisations in the development of socially responsible practices, focusing on the social impact of the activity and the conditions in which their employees, partners and suppliers work. The SA8000 Standard is based on internationally recognised standards of decent work, including the Universal Declaration of Human Rights, ILO conventions, and national laws. SA8000 applies a management-systems approach to social performance and emphasizes continual improvement -not checklist-style auditing. The elements of the Standard are:

Cellnex approved a
Global Quality Policy
to be applied in all geographies

Quality and continuous improvement

The service provided by Cellnex is focused on meeting the needs and demands of their customers, by adding value throughout the whole lifecycle of services, and by providing support infrastructures and Telecommunications services to Operators, Broadcasters, Public Administrative Bodies and Corporations, promoting satisfaction and the fulfilment of all the stakeholders’ requirements.

In this regard, a Global Quality Policy was approved in 2020. This Policy is implemented and developed within an Integrated Management System and is mandatory for all companies under Cellnex Telecom.

A biannual Quality Master Plan will be implemented in 2021 in accordance with the Global Quality Policy. The Master Plan aims to establish Cellnex Telecom's strategic lines of action regarding Quality, thus allowing the development of the essential principles and commitments contained in the policy. These strategic lines should lead to Quality being integrated into the strategy and in corporate action as a crucial element touching on all areas and departments the ultimate objective of which is to achieve higher levels of sustainable development, continuous improvement and business excellence.

The Master Plan has been drawn up as a tool helping to provide coherence to actions in Quality aspects to position Cellnex Telecom as a leading company in this area.

The activities will be articulated around this instrument to be implemented at a later stage. The following steps will be adapted to the monitoring and evaluation. The Plan must be understood as a continually evolving element of management under continuous evaluation.

Customer Care aims to create sustainable value distributed to all stakeholders, a strategic priority and a cross-cutting commitment that must be present in each of the actions performed by Cellnex Telecom.

Cellnex stablished a continuous improvement model to include
best practices
from each geographical area in which Cellnex operates

Furthermore, in 2021 Cellnex will establish a Continuous Improvement Model that will allow the company to centralise all continuous improvement initiatives, giving coherence to all of them from a global perspective.

This global model will apply to all companies in the Cellnex group and will create a global framework to develop continuous improvement in Cellnex, taking into account local adaptation in Business Units. Moreover, best practices from all Business Units will be included in this global continuous improvement model to ensure these initiatives can be rolled out efficiently.

Once the global Continuous Improvement Model is created and approved for the whole Cellnex group, all continuous improvement initiatives should be collected and managed in a coherent way to report the overall impact of their implementation. The impact of these initiatives must be measured through common indicators that allow us to show the global figures of implementing continuous improvement at a global level, as well as from a local perspective.

In this regard, one of the most important goals of the Quality & Certifications department is to promote a quality and continuous improvement culture throughout the Cellnex group. To achieve this objective requires the launch of an awareness-raising programme in these areas to integrate quality and continuous improvement aspects into our day-to-day decision-making process throughout all areas in Cellnex.

Thanks to the quality and continuous improvement culture, the average frequency of network interruptions was of one interruption every 97 days in 2020 in Spain (76 days in 2019) and the average duration of network interruption was 2.0 hours in 2020 (1.9 hours in 2019). Moreover, in Netherlands, there were ten network interruptions in 2020 (two in 2019), and the duration of network interruption ranged from twenty minutes to three days depending on the cause of the interruption. No data is available for the other geographical areas in which Cellnex operates.

Security and availability of the services during COVID-19 pandemic

The policies for the assurance of the service in 2020 have included the carrying out the monitor and operation tasks by the Control Centre remotely without impact on the service. This has made it possible to cope with guarantees, both for services and for people, to the health crisis experienced.

Cellnex has different policies to ensure the availability of services that are developed in all sections of the value chain: engineering or design, supply or deployment, and operation and maintenance.

Regarding to engineering, the policies aimed at ensuring the availability of services are based on the choice of fault-tolerant network architectures, the selection of manufacturers and suppliers of recognised value, selection of products and processes that meet the minimum specifications and the use of redundancies in the most critical elements and sections of the network.

In relation to operation and maintenance, policies to ensure the availability of services include both preventive and corrective aspects. Noteworthy preventive aspects are the use of preventive maintenance protocols to ensure an adequate useful life of the installed equipment and the surveillance of services through supervision systems managed by a control centre.

Likewise, there are contingency plans for specific services and infrastructures that make it possible to guarantee the continuity of certain services in the event of possible far-reaching incidents, within the established limits, such as for DTT head-ends and main distributions.

The control centre manages corrective maintenance actions, always prioritising technical resources to minimise the impact on the business and considering the objective of maximising compliance with the SLAs agreed with the clients. The most outstanding practices are the analysis of repeatability and the associated management of problems, within the processes of continuous improvement, to reduce the future probability of both the volume of interruptions and their down times.

Before starting...

We use our own and third-party cookies for analytical purposes and to show you personalized advertising based on a profile prepared from your browsing habits (for example, pages visited). Click HERE for more information. You can accept all cookies by pressing the "Accept" button or configure or reject their use by pressing the "Configure" button.

ACCEPT AND CONTINUE Configure cookies