F - INTERNAL RISK CONTROL ANDMANAGEMENT SYSTEMS
RELATION TO THE PROCESS OF ISSUING FINANCIAL REPORTS
(
SCIIF)
Describe the mechanisms making up the risk control and management systems in relation to the process of issuing financial reports (SCIIF) on your company.
F.1 The company’s control environment
Report, indicating the main characteristics of at least:
F.1.1. What bodies and/or areas are responsible for: (i) the existence and maintenance of an adequate and effective internal financial reporting control system
(
SCIIF); (ii) its implementation; and (iii) its supervision
The Financial Department is responsible for the design, implementation and overall monitoring of the Group’s Internal Financial Reporting Control
System. This means maintaining the necessary control structure and ensuring it functions effectively and continuously over time. The purpose of the
internal control system is to provide the company with reasonable guarantees that the financial reports generated are reliable.
The entity’s Board of Directors is responsible for overseeing this control structure, in line with the provisions of Article 5 of the Board of Directors
Regulations.
In order to carry out this previously-described supervisory function, the Board of Directors turns to the Audit and Control Committee, which, through its
internal auditing area, is obliged to implement measures and action plans to ensure that this supervisory function is properly carried out, as described in
Article 25 of the Board of Directors Regulations.
F.1.2. If the following elements exist, particularly in relation to the financial report generation process:
Departments and/or mechanisms responsible for: (i) the design and supervision of the organisational structure; (ii) clearly defining the chain of
responsibility and authority with an adequate distribution of tasks and functions; and (iii) ensuring that there are adequate procedures for disseminating it
within the company.
Defining and reviewing the organisational structure of the Group is the responsibility of theManagement Committee; this organisational structure is fully
defined. Significant changes to the organisation chart, when they occur, are approved by the Board of Directors on presentation by the Appointments and
Remuneration Committee. The organisation chart is available to all employees on the Group’s intranet.
All group employees are duly informed both of the chain of hierarchical responsibility and functions; to that end, internal channels of communication are
used, most notably the intranet, managerial meetings and notice boards in each hotel.
In order to fulfil the objectives and responsibilities relating to maintenance and supervision of the Financial Reporting Control process, specific functions
have been defined within the organisational structure, and these apply to those responsible for each process involved with Financial Reporting. The
objectives of these functions are to ensure compliance with the implemented controls, analyse how they function, and provide information about any
changes or incidents that may occur.
On an ascending scale of responsibility, this structure includes the supervisors of each process in the area of control, the directors of each business unit
and the directors of each corporate area directly concerned with the processes related to the internal Financial Reporting Control System. The Finance
Department is entrusted with receiving information form the different individuals responsible for the process and is also responsible for ensuring correct
operation of the internal control system.
Code of conduct, the approval body, the degree of dissemination and instruction, included principles and values (indicating if there are specific mentions of
the transactions register and the generation of financial reports), the body in charge of analysing breaches and proposing corrective actions and penalties.
Responsibility for approving the Code of Conduct rests with the Board of Directors of NHHoteles. The document affects all NH group employees, being
applicable not only to employees and members of the Board of Directors, but also, in certain cases, to customers and suppliers.
On 24May 2011, the Board of Directors approved a new Code of Conduct, which has replaced the previous document that was approved in 2003.
All Group employees have been informed of the Code of Conduct, along with additional training material (“Practical Guide for Employees”, “Frequently
Asked Questions”), by various online and offline means which are permanently available to employees and third parties on the company website. The
Company has established a procedure whereby each employee with an individual email address is sent the new Code of Conduct, and asked to commit
to it. For other employees, there have been periodical communication campaigns. At present, the company website offers an online course for employees,
intended to ensure familiarity with the Code of Conduct.
Any modification of the Code of Conduct must be previously approved by the Board of Directors, and employees and any other people affected must be
notified.
The Code of Conduct contains the following points specifically relating to financial reports and the recording of transactions:
-
Section 3.2.4 c) states that “NHHoteles shall ensure that all records of financial and accounting activity are prepared in an accurate and reliable manner,
co-operating with and facilitating the work of the internal audit, inspection and intervention units and other internal control units, as well as that of
external auditors and competent authorities, in all cases collaborating with the Justice department”.
ANNUAL CORPORATE GOVERNANCE REPORT
42
