41
E - RISK CONTROL AND MANAGEMENT SYSTEMS
E.1 Explain the scope of the company´s Risk Management System, including tax risks
The NH Hotel Group risk management system is applicable to all the companies over which NH has effective control.
NH’s risk management system aims to identify events that may negatively affect achievement of the objectives of the company’s strategic plan,
providing the maximum level of assurance to shareholders and stakeholders and protecting the group’s revenue and reputation.
The model set up to manage risks is based on the ERM (Enterprise Risk Management) methodology and includes a set of methodologies, procedures
and support tools which enable NH to:
1. Identify the most significant risks that could affect achievement of strategic objectives.
2. Analyse, measure and assess such risks depending on their probability of occurrence along with their impact, which is assessed from a financial
and reputational point of view.
3. Prioritise such risks.
4. Identify measures to mitigate such risks based on the group’s risk appetite. This is firmed up by defining risk managers and setting up action plans
agreed by the Management Committee.
5. Monitor mitigation measures set up for the main risks.
6. Periodically update risks and their assessment.
Such methodologies and procedures are also used in relation to tax risk management.
For these purposes, it is worth note that NH Hotel Group’s Board of Directors, in the 2015 financial year, approved its Corporate Tax Strategy, a
regulatory framework falling within the Group’s Corporate Governance System and which has the fundamental aim of setting the values, principles
and rules that must govern the Group’s activities in tax matters, whether for the people who are a part of it or those who are associated with it.
This Strategy includes a specific procedure for tax management and control and supervision of the Group’s internal information and tax control
systems.
E.2 Identify the company bodies responsible for creating and implementing the Risk Management System, including tax
risks.
Board of Directors
The entity’s Board of Directors is responsible for overseeing the risk management system, in line with the provisions of Article 5 of the Regulation
of the Board of Directors, including tax risks.
Audit and Control Committee
As regulated by paragraph 3 of article 25 b) of the Regulation of the company’s Board of Directors, the Audit and Control Committee supports
the Board of Directors in supervising the effectiveness of the Company’s internal control, internal audit, if appropriate, and the risk management
systems, including tax risks, in addition to discussing significant weaknesses in the internal control system detected during audit with the auditors
of accounts or audit firms.
Management Committee
The Management Committee meets weekly and is made up of the Chief Officers or heads of general management for each area. The Management
Committee’s duties include, amongst others, risk management and control based on the risk appetite. Tax risk control falls to the Finance department.
Furthermore, NH has the following committees:
Revenue Committee:
In charge of monitoring revenue and defining such action plans as needed to achieve objectives.
Assets Committee:
Reviews space optimisation in the hotels, rent renegotiations and the exit plan. Expansion Committee: In charge of scrutinising
investment opportunities and managing risks associated with investment portfolio management.
Investment Committee:
In charge of monitoring and controlling risks related to hotel refurbishment and re-branding projects.
Comité de Inversiones:
Encargado del seguimiento y control de los riesgos relacionados con los proyectos de reforma y reposicionamiento en
hoteles.
Finance Department
The Finance Department is the department responsible for establishing the design, implementation and comprehensive monitoring of the Group’s
internal Financial Reporting control system. The Corporate Tax Department forms part of the Finance Department and is responsible for designing,
implementing and monitoring the Group’s Tax Risk Management.
Strategy Department
The Strategy Department is in charge of overseeing all strategic initiatives using Key Performance Indicators (KPIs).
Risk and Compliance Function
The Risk and Compliance function, which is part of the Internal Audit department, is in charge of drawing up the Corporate Risk Map and overseeing
the action plans agreed with each risk manager and their association with strategic objectives.
ANNUAL CORPORATE GOVERNANCE REPORT