41
F - INTERNAL RISK CONTROL AND MANAGEMENT SYSTEMS IN
RELATION TO THE FINANCIAL REPORTING PROCESS (SCIIF)
Describe the mechanisms making up the risk control and management systems in relation to the process of issuing financial reports (SCIIF) on your
company.
F.1 The company’s control environment
Report, indicating the main characteristics of at least:
F.1.1 What bodies and/or areas are responsible for: (i) the existence and maintenance of an appropriate and effective financial reporting system;
(ii) its implementation; (iii) its supervision.
The Financial Department is responsible for the design, implementation and overall monitoring of the Group’s Internal Financial Reporting
Control System. This means maintaining the necessary control structure and ensuring it functions effectively and continuously over time. The
purpose of the internal control system is to provide the company with reasonable guarantees that the financial reports generated are reliable.
The company’s Board of Directors is responsible for overseeing this control structure, in line with the provisions of Article 5 of the Board
Regulations.
In order to carry out the oversight function described above, the Board of Directors turns to the Audit and Control Committee, which is obliged,
through its internal auditing function, to supervise the process of drawing up and submitting regulatory financial information, as described in
Article 25 of the Regulations of the Board of Directors.
F.2.2 If the following elements exist, particularly in relation to the financial report generation process:
Departments and/or mechanisms responsible for: (i) designing and reviewing the organisational structure; (ii) clearly defining areas of
responsibility and authority, with a suitable distribution of tasks and functions; and (iii) the existence of sufficient procedures for these to be
properly disseminated within the entity
Defining and reviewing the organisational structure of the Group is the responsibility of the Management Committee. Significant changes to the
organisation chart, i.e., those affecting senior management, are approved by the Board of Directors, after approval by the Appointments and
Remuneration Committee. The organisation chart is available to all employees on the Group’s intranet.
The lines of both hierarchical and operational responsibility are duly communicated to all the Group’s employees, using internal Group
communication channels, particularly the intranet, management meetings and the notice boards in place in each hotel.
In order to fulfil the objectives and responsibilities relating to maintenance and supervision of the Financial Reporting Control process, specific
functions have been defined which apply to those responsible for each process involved with Financial Reporting, in order to ensure compliance
with the implemented controls, analyse how well they function, and report any changes or incidents that may occur.
On an ascending scale of responsibility, this structure includes the supervisors of each process in the area of control, the directors of each
business unit and the directors of each corporate area directly concerned with the processes related to the internal Financial Reporting Control
System. The Finance Department is entrusted with receiving information from the different individuals responsible for the process and is also
responsible for ensuring correct operation of the internal control system.
Code of conduct, the approval body, the degree of dissemination and instruction, included principles and values (indicating if there are specific
mentions of the transactions register and the generation of financial reports), the body in charge of analysing breaches and proposing corrective
actions and penalties.
NH has had a Code of Conduct since 2006, which was last revised in 2011. Responsibility for approving the Code of Conduct rests with the
NH Board of Directors. This document affects all NH group employees, being applicable not only to employees and members of the Board of
Directors, but also, in certain cases, to customers and suppliers.
The Code of Conduct summarises the professional conduct expected of NH employees. NH is committed to acting with integrity, honesty,
respect and professionalism while performing its activities. NH is committed to complying with the laws and regulations in the countries and
jurisdictions in which it operates. These include laws and regulations on health and safety, discrimination, taxation, data privacy, competition,
and commitment to the environment. The key areas covered by the Code are:
• Commitment to employees
• Commitment to suppliers
• Commitment to customers
• Commitment to shareholders
• Commitment to communities and society
• Commitment to the Group’s assets, knowledge and resources
• Obligations regarding fraudulent or unethical practices
• Commitment to the stock market
• Commitment to competitors
Also, in October 2014 the Audit and Control Committee approved creation of the Compliance Committee, consisting of Board members and
SVPs, which is empowered to supervise compliance with the group’s Internal Conduct Regulations for employees who deal with the group’s
Stock market, Code of Conduct, Criminal Risk Prevention Model and Conflict of Interest Procedure activities. This body is chaired by the General
Secretary and reports to the Audit and Control Committee.
ANNUAL CORPORATE GOVERNANCE REPORT
