C.1.1 Maximum and minimum number of directors established in the company’s articles of association:

C.1.2 Complete the following table with the members of the Board:

Indicate whether any directors have left the Board of Directors during the period being reported:

C.1.3 Fill in the following tables about the Board members and their corresponding categories:

Executive directors

External directors

INDEPENDENT EXTERNAL DIRECTORS

Indicate if any Director classified as independent receives any payments or benefits from the company or its group other than remuneration for the post of Director, or maintains, or has maintained, a business relationship with the company or any company in the group in the last year, whether in his own name or as a major shareholder, director or senior manager of an entity maintaining, or which has maintained, such a relationship.

NO

If so, include a reasoned statement by the Board as to the reasons why it considers that this director can perform his duties as an independent director.

OTHER EXTERNAL DIRECTORS

Identify the other external directors and state the reasons why they cannot be considered proprietary or independent directors, and their relationship with the company, its directors or shareholders:

Indicate the changes that, as applicable, have occurred to the category of each director during the period:

C.1.4 CFill in the table below with the information relating to the number of female directors in the last 4 financial years, and their type:

C.1.5 Explain the methods adopted, if any, to seek to include a number of women in the Board of Directors which would permit a balanced presence of women and men.

Explanation of the measures

The Board of Directors’ rules define the establishment of a target concerning the less represented gender on the Board of Directors and the guidelines on how to fulfil said target as one of the objectives of the Appointments, Remuneration and Corporate Governance Committee. This target was legally established as 30% women members of the Board of Directors by 2020.

In order to fulfil the aforementioned goal, the Appointments, Remuneration and Corporate Governance Committee shall ensure that the selection procedure does not suffer from any implicit bias that may hamper the selection of female directors and that women that fulfil the professional profile sought are included among the potential candidates.

The policy for selecting directors seeks to prevent discrimination, with meritocracy as the criterion guiding the selection process to identify the best candidates for the Company. However, and notwithstanding the foregoing, each time that there is a vacancy on the Board of Directors, and the corresponding selection process begins, at least one woman must be considered as a candidate until the 30% target is met.

C.1.6 Explain the measures agreed, if any, by the Appointments Committee to ensure that the selection process is not implicitly biased against selecting female Directors, and so that the company deliberately seeks to include women who meet the desired professional profile among potential candidates:

Explanation of measures

During the process of selecting Directors, in compliance with the principles set forth in the Board Regulations, the Appointments, Remuneration and Corporate Governance Committee has ensured women are included who meet the required professional profile in the list of candidates, and has endeavoured to ensure there are no biases inherent in the selection procedure that hinder the selection of female directors.

As mentioned previously, the policy for selecting directors expressly provides for the prevention of discrimination in the candidate selection process and, guided by company interest, meritocracy shall serve as the main selection criterion, with the process seeking to identify the most qualified candidates. However, each time that there is a vacancy on the Board of Directors, and the corresponding selection process begins, at least one woman must be considered as a candidate, notwithstanding the principles of merit and capacity, until the aforementioned 30% target for 2020 is met.

If, despite the measures adopted, if any, there are few or no female Directors, explain the reasons:

Explanation of the reasons

See above section.

C.1.6 bis Explain the conclusions of the appointments committee regarding the verification of compliance with the policy on director selection. In particular, explain how this policy promotes the objective that by 2020 the number of female directors is at least 30% of the total number of members of the board of directors.

Explanation of the conclusions

In 2017, the Appointments, Remuneration and Corporate Governance Committee considered the regulatory fitness and the Recommendations in the Good Governance Code in terms of the policy for selecting directors.

NH Hotel Group firmly believes that diversity in all its facets and at all levels of its professional team is an essential factor for ensuring the Company’s competitiveness and a key element in its corporate governance strategy, promoting the participation and development of women in the organisation, especially in positions of leadership, and, in particular, on the Board of Directors.

In the candidate selection process and, guided by company interest, meritocracy shall serve as the main selection criterion, with the process seeking to identify the most qualified candidates. Consequently, each time that there is a vacancy on the Board of Directors, and the corresponding selection process begins, at least one woman must be considered as a candidate, notwithstanding the principles of merit and capacity, until the aforementioned 30% target for 2020 is met. This company’s goal is to cover any Board vacancy with a new female director, therefore enabling us to increase the female presence on the Board.

In 2017, the Company has continued to work with expert consulting firms that have intensified the recruitment of female directors.

C.1.7 Explain how major shareholders are represented on the Board.

As set out in Article 9 of the Board Regulations, the Board will ensure that the majority group of external Directors includes, on one hand, those proposed by the holders of significant stable holdings in the company capital (proprietary Directors) and, on the other, professionals of recognised prestige who are not associated with the executive team nor with major shareholders (independent Directors).

Proprietary Directors are those that represent or have a shareholding in the Company that is greater than or equal to what is legally considered significant, or that may have been appointed due to their status as shareholders even though their shareholding does not reach the legally established amount.

For the purposes of this definition, it shall be assumed that a director represents a shareholder when:

a) He/she was appointed by virtue of the right to representation.
b) He/she is a director, senior manager, employee or regular service provider of this shareholder, or of companies belonging to its group.
c) The company documentation states that the shareholder accepts that the director has been appointed by it or represents it.
d) He/she is the spouse, or connected by a similar relationship, or related up to the second degree of kinship to a major shareholder.

C.1.8 Explain, if applicable, the reasons why proprietary directors have been appointed at the request of shareholders whose holdings are below 3% of share capital:

Indicate whether formal requests for representation on the Board from shareholders whose shareholding is equal to or greater than other shareholders at whose request proprietary directors have been appointed, have not been acted upon. Explain the reasons why they have not been acted on, as applicable:

NO

C.1.9 Indicate whether any director has left their position prior to the completion of their mandate; whether the director has explained their reasons to the Board, and by what means; and, in the event that the written communication was sent to the whole of the Board, explain the reasons given:

C.1.10 Indicate, if applicable, the powers delegated to the Executive Director(s):

C.1.11 IIdentify, if applicable, the members of the Board that hold administrative or management positions in other companies that form part of the group of the listed company:

C.1.12 State, if applicable, the directors of your company that are members of the Board of Directors of other entities listed on official stock exchanges, other than companies in your group, which the company has been notified of:

C.1.13 State, and if applicable explain, if the company has rules on the number of boards that its directors may belong to:

YES

Explanation of the rules

Article 29 of the Regulations of the Board expressly establishes that directors must dedicate the necessary time and effort to performing their duties, and must notify the Appointments and Remuneration Committee of any circumstances that may interfere with the required dedication. Similarly, directors may not belong to more than 10 boards of directors, excluding the Board of NH Hotel Group, S.A. and the boards of holding companies and family companies, without the express authorisation of the Appointments and Remuneration Committee based on the individual circumstances in each case.

C.1.14 Paragraph repealed.

C.1.15 State the overall remuneration of the Board of Directors:

C.1.16 IIdentify members of senior management who are not also Executive Directors, and indicate their total remuneration for the year:

C.1.17 State, if applicable, the identity of Board members who are also members of the Board of Directors of companies of significant shareholders and/or entities in their group:

Provide details, if applicable, of the relevant relationships other than those included in the previous heading, of the members of the Board of Directors with major shareholders and/or in entities of their Group:

C.1.18 State whether there has been any change to the regulations of the Board during the year:

YES

Description of changes

At its meeting of 29 June 2017 and at the proposal of the Chairman of the Board of Directors and the Chairman of the Appointments, Remuneration and Corporate Governance Committee, pursuant to the provision of Article 3 of the Board of Directors’ rules, the Board of Directors approved the amendment of Articles 36.1 and 36.4 of the Rules, so that the executive directors who receive remuneration for the functions they perform under their working or business contract with the Company do not receive any additional remuneration as a Director.

C.1.19 State the procedures for selecting, appointing, re-electing, appraising and removing directors. Name the competent bodies, the procedures to be followed and the criteria used in each procedure.

The directors are appointed by the General Shareholders’ Meeting, or provisionally by the Board of Directors in accordance with the provisions contained in the Capital Companies Act and the company’s articles of association.

Proposals for appointments or the re-election of members of the Board of Directors is the responsibility of the Appointments, Remuneration and Corporate Governance Committee in the case of independent directors and is the responsibility of the Board itself for all other cases. Proposals should always be accompanied by a report from the Board assessing the proposed candidate’s competence, experience and merits, which will be attached to the minutes of the General Shareholders’ Meeting or that of the Board.

Proposals for appointing or re-electing any non-independent Director must also be preceded by a report from the Appointments, Remuneration and Corporate Governance Committee.

The Board of Directors must ensure that the selection process for its members favours diversity in terms of gender, experience and knowledge and does not suffer from implicit biases that may lead to any type of discrimination and, particularly, that it facilitates the selection of female directors.

The Board of Directors will propose or designate people who meet the requirements set out in article 9.3.2 of the Regulation of the Board of Directors to cover the position of independent directors.

In any event, those subject to any incapacity, disqualification, prohibition or conflict of interests set forth in current legislation may not be proposed for appointment as Board members.

All those directly or indirectly holding interests of any type or that have an employment, professional or mercantile relationship, or relations of any other type with competitor companies, shall be considered as incompatible for the position of director, except when the Board of Directors, with a favourable vote of at least 70% of its members, agrees to set aside this condition. The above is without prejudice to any other waiver that, in compliance with current legislation, the General Shareholders’ Meeting had to provide.

C.1.20 Explain how far the annual assessment of the board has led to important changes in its internal organisation, and on the procedures applicable to its activities:

description of changes

The self-assessment carried out annually by the Board of Directors through completion of the corresponding questionnaire has enabled the thoughts of board members to be carried through to a series of action plans.

Below are the specific action plans for each opportunity for improvement which the Board of Directors intends to implement in 2018.

1. Strengthen the presence of the board in long-term issues and strategy.
2. Enhance reporting to the board on the perception of significant third parties and, in particular, customers and investors.
3. Revise the period of time between information supplied to the directors and the meetings.
4. Assess the competencies and capabilities of the Board of Directors and analysis possible areas to strengthen.
5. Agree and revise the training plan for the Board of Directors and, in particular, for new directors.
6. Extend the duration of the Audit Committee meetings.

C.1.20 bis Describe the assessment process and the areas that have been assessed by the Board of Directors aided, as appropriate, by an external consultant, with respect to the diversity of its composition and duties, the functioning and composition of its committees, performance of the Chairman of the Board of Directors and the Chief Executive of the company and the performance and contribution of each director.

The Board of Directors at NH Hotel Group has collaborated with KPMG, an independent, specialist firm, to respond to Recommendation 36 of the Code of Good Governance of Listed Companies of the Spanish National Securities Market Commission.

The survey addressed the following topics:

A) Methodology of Board of Director and Committee meetings
- Board of directors
- Executive commitee
- Audit committee
- Appointments, remuneration and corporate governance committee

B) Corporate governance
- Functioning
- Information
- Roles of the Board
- Information of third parties

C) Strategic planning

D) Opertional and financial supervision
- Time
- Procedures
- Audit committee information
- Risk identification and supervision

C.1.20 b Break down, as appropriate, the business relationship that the consultant or any company within its group maintains with the company or any company in its group.

Not significant, very specific and concrete business relationships.

C.1.21 Indicate cases in which Directors are compelled to resign.

Directors shall step down when the period for which they were appointed comes to an end or when agreed by the General Shareholders’ Meeting based on the powers legally attributed to it.

Article 14.2 of the Regulations of the Board of Directors also stipulates that Directors shall place their office at the disposal of the Board of Directors and tender their resignation in any of the following circumstances:

a) When they are removed from the executive offices with which their appointment as a Director was associated or where the reasons for which they have been appointed are no longer valid. Such a circumstance shall be understood to apply to Proprietary Directors when the entity or business group they represent ceases to hold a significant shareholding in the Company’s share capital or when, in the case of independent Directors, they become an executive of the Company or of any of its subsidiaries.
b) Where they are subject to any incapacity, disqualification, prohibition or conflict of interests established in current legal provisions.
c) Where they are seriously reprimanded by the Appointments, Remuneration and Corporate Governance Committee for failing to comply with any of their obligations as Directors.
d) When their continued presence on the Board may affect the good standing or reputation that the Company enjoys in the market, or put its interests at risk in any other way. In this case, the Director must immediately inform the Board of the facts or procedural difficulties that affect said reputation or risk.

C.1.22 Paragraph repealed.

C.1.23 Are reinforced majorities other than those applicable by law required for any type of decision?:

YES

If so, describe the differences.

Description of the differences

For the appointment of Directors with direct or indirect interests of any type in, or an employment, professional, commercial or any other relationship with competitor companies, a vote in favour by 70% of the Board members is required (Article 11.3 of the Board regulations).

C.1.24 Explain if there are any specific requirements, other than those relating to Directors, to be appointed Chairman of the Board of Directors.

NO

C.1.25 Indicate whether the Chairman has the casting vote:

YES

Matters for which there is a casting vote

Resolutions will be passed by absolute majority of the votes of the directors attending the meeting. In the event of a tie, the Chairman, or the Vice-chairman substituting them, shall have the casting vote.

C.1.26 Indicate whether the Articles of Association or the Board Regulations establish any age limit for Directors:

NO

C.1.27 IState whether the articles of association or the Board Regulations establish a limited mandate for Independent Directors, other than as provided for in the legal regulations:

NO

C.1.28 Indicate whether the Articles of Association or the Regulations of the Board of Directors establish specific rules for delegating votes to the Board of Directors, how this should be done, and in particular, the maximum number of delegations any Director may have, and whether there is any limit as to the director category to which votes may be delegated, other than the limitations imposed by law. If so, give a brief summary of these rules

Article 40 of the Articles of Association sets the rules around delegating votes, stating that “Directors shall personally attend Board meetings and, when they are unable to do so in exceptional circumstances, shall ensure that the proxy granted to another member of the Board shall include the relevant instructions insofar as possible.”

Similarly, Article 22 of the Board Regulations in implementing said article adds that “Non-executive directors can only delegate their vote to another non-executive director.”

The Board of Directors has not governed the maximum number of times a Director may delegate their vote.

C.1.29 Indicate the number of meetings that the Board of Directors has held over the year. Also indicate, as applicable, the number of times that the Board has met without its Chairman attending. The calculation of attendance includes representations made with specific instructions.

If the Chairman is an executive director, indicate the number of meetings held with no attendance or representation of any executive director and under the chairmanship of the coordinating director.

State the number of meetings held by the different Board Committees over the year:

C.1.30 State the number of meetings that the Board of Directors has held during the year with the attendance of all of its members. The calculation of non-attendance includes representations made with specific instructions:

C.1.31 State whether the individual and consolidated financial statements that are presented to the Board to be approved are certified in advance:

NO

Identify, as applicable, the person(s) that has/have certified the Company’s individual and consolidated financial statements to be drafted by the Board:

C.1.32 Explain, if applicable, the mechanisms established by the Board of Directors to prevent the individual and consolidated annual accounts it draws up from being submitted to the General Meeting of Shareholders with qualifications in the auditors’ report.

Article 41.2 of the Regulations of the Board establishes that the Board of Directors shall ensure the financial statements are drawn up definitively so that there is no need for auditor qualifications. Nevertheless, when the Board considers that its criteria should remain unchanged, it shall publicly explain the content and scope of the discrepancies.

C.1.33 Is the Secretary of the Board a Director?

NO

If the secretary is not a director, complete the following table:

Name or company name of secretary
MR PEDRO FERRERAS DÍEZ

C.1.34 Paragraph repealed.

C.1.35 State the mechanisms established by the Company, if any, to preserve the independence of external auditors, financial analysts, investment banks and rating agencies.

The Board of Directors has established a stable and professional relationship with the Company’s external accounts auditor through the Audit and Control Committee, strictly respecting its independence. By way of an example, the Audit and Control Committee holds regular meetings with the external auditor without the executive team being present. In this sense, article 25. b) of the Regulations of the Board of Directors expressly establishes that one of its responsibilities is to pass along to the Board of Directors proposals for selecting, appointing, re-electing and substituting external auditors, as well as conditions for their contracting and regularly collecting information from them on the audit plan and its execution, in addition to preserving its independence in exercising its functions.

Furthermore, the Audit and Control Committee is responsible for establishing suitable relationships with auditors or audit firms in order to receive information regarding any issues that may jeopardise their independence, so that these can be examined by the committee, and any other matters related with the process of conducting financial audits, as well as any other communications stipulated in the financial auditing legislation and audit regulations.

Likewise, every year, prior to issuing the audit report, the Audit and Control Committee must also issue a report in which it gives its opinion on the independence of the auditors or auditing firms. This report must always contain an assessment of the additional services referenced in the above paragraph, considered individually and together, that are separate from the legal audit and with regard to their independence and to audit regulations.

C.1.36 State whether the Company has changed its external auditor during the year. If so, please identify the incoming and outgoing auditors:

NO

In the event that there were disagreements with the outgoing auditor, explain the content of the disputes:

C.1.37 State whether the audit firm carries out other work for the company and/or its group other than audit work and if so, state the total fees paid for such work and the percentage this represents of the fees billed to the company and/or its business group:

YES

C.1.38 IState whether the audit report of the financial statements for the previous year included qualifications or reservations. If so, state the reasons given by the Chairman of the Audit Committee to explain the content and scope of these qualifications or reservations.

NO

C.1.39 State the number of consecutive years in which the current audit firm has audited the annual accounts of the Company and/or its group. Also, indicate how many years the current audit firm has been auditing the accounts as a percentage of the total number of years over which the annual accounts have been audited.

C.1.40 Indicate and, if applicable, provide details of whether there is a procedure whereby directors can receive external advice:

YES

Details of the procedure

Article 28 of the Regulations of the Board of Directors expressly states that directors may request the use of legal, accounting or financial advisers, or other experts, paid for by the Company, to help them in the discharge of their duties. Such help must relate to specifically defined and complex problems that arise in the course of their work. The decision to employ such services must be communicated to the Chairman of the Company and implemented through the Secretary of the Board, unless the Board of Directors considers that such services are not necessary or appropriate.

C.1.41 Indicate and, if applicable, provide details of whether there is a procedure whereby Directors can have the information necessary to prepare for meetings of the management bodies with sufficient time:

YES

Details of procedures

According to article 21 of the Regulations of the Board, the announcement of the meeting, which will be published at least three days before the date of the meeting, will include a preview of the likely agenda for the meeting and will be accompanied by the necessary written information that is available.

Furthermore, article 27 of the aforementioned Regulations indicates that Directors must diligently inform themselves of the Company’s progress, and to that end, collect any necessary or pertinent information in order to correctly perform their duty. To this end, the Board has been assigned the broadest possible powers to gain information about any aspect of the Company; to examine its books, registers and documents and any other information concerning its operations. Said right to information is also extended to the various subsidiary companies that are included in the consolidated group, insofar as it is necessary for the Director to correctly perform their functions as referred to in article 6 of said Regulations.

With the aim of not disturbing the Company’s normal management, the exercise of the right to information will be channelled through the Chairman or Secretary of the Board of Directors, who will respond to requests from Directors by directly providing him/her the information or putting them in touch with the appropriate people in the suitable level of the organisation. With the aim of being assisted in the exercise of their functions, the Directors may obtain the necessary consulting from the Company to perform their functions. In special circumstances, they may even request that the Company hire legal, accounting or financial consultants or other experts. Such help must relate to specifically defined and complex problems that arise in the course of their work. The decision to employ such services must be communicated to the Chairman of the Company and implemented through the Secretary of the Board, unless the Board of Directors considers that such services are not necessary or appropriate.

C.1.42 State and, if applicable, provide details on whether the company has established rules that require directors to report and, as applicable, resign in those cases where the company’s credibility and reputation may be harmed.

YES

Explain the rules

The Regulations of the Board includes a mechanism to oblige the Directors to provide immediate notification of all legal proceedings in which they may be adversely affected.

In this way, article 14.2.d) of the Regulations of the Board of Directors of NH Hotel Group, S.A., expressly establishes that Directors shall place their office at the disposal of the Board of Directors and tender their resignation when their continued presence on the Board may affect the good standing or reputation that the Company enjoys in the market, or put its interests at risk in any other way. In this case, the Director must immediately inform the Board of the facts or procedural difficulties that affect said reputation or risk.

It also establishes that in all events, those subject to any incapacity, disqualification, prohibition or conflict of interests set forth in current legislation may not be proposed for appointment as Board members.

C.1.43 State whether any member of the Board of Directors has notified the Company that they have been prosecuted or issued with a summons for oral proceedings in relation to the offences indicated in Article 213 of the Spanish Capital Companies Act:

YES

State whether the Board of Directors has studied the case. If so, give a reasoned explanation of the decision as to whether or not the Director should continue in his or her post, or if applicable, describe the actions taken by the Board of Directors up to the date of this report, or those it intends to take.

YES

C.1.44 List the significant agreements signed by the company and that come into force, are modified or are terminated in the case of a change in control of the company resulting from a take-over bid, and their effects.

The NH Hotel Group has signed several financing contracts that contain a clause establishing their early maturity in the event of circumstances giving rise to a change in control of NH Hotel Group, S.A. In addition, NH Hotel Group, S.A. issued convertible bonds on 8 November 2013, as well as guaranteed senior bonds dated 23 September 2016 and 4 April 2017, which include certain consequences in the event of a change in control of the Issuer, such as the possibility of NH Hotel Group, S.A. being required to repurchase the senior bonds or adjust the conversion price for convertible bonds.

In addition, there are hotel management contracts signed by Group subsidiaries in which Grupo Inversor Hesperia, S.A. (Gihsa) can exercise, in accordance with the terms of a Framework Agreement signed by the Company, the power to resolve all such contracts in the event of a change of control of NH Hotel Group, S.A. If such power is exercised, Gihsa must pay the Company, as a precondition for the resolution by change of control to take effect, amounts as specified in the Agreement Framework in compensation for the effects derived from the resolution of hotel management contracts.

Finally, the change of control following a public takeover bid could have different effects on other leasing and hotel management agreements signed by the Company.

C.1.45 Identify, in aggregate form, and indicate in detail the agreements between the company and its directors, managers or employees providing compensation, guarantee or protection in the event of their resignation or wrongful dismissal, or upon conclusion of the contractual relationship due to a take-over bid or other transactions.

Indicate whether these contracts must be communicated to, and/or approved by the governing bodies of the company or its group:

C.2.1 List all the committees of the Board of Directors, their members and the proportion of Executive, Proprietary, Independent and other external Directors thereon:

EXECUTIVE COMMITTEE

Explain the functions of this committee, describe its organisational and working procedures and rules and summarise its most important activities during the financial year.

The Executive Committee shall comprise at least three but no more than nine directors, appointed by the Board of Directors.

En In terms of the qualitative composition of the Executive Committee, the Board shall ensure that the different types of director represented will be similar to that of the main Board and its secretary will be the secretary of the Board. The Chairman of the Executive Committee shall be chosen by the body itself from the Directors that comprise it. The Chairman of the Executive Committee may be a director other than the Chairman of the Board of Directors. The Chairman of the Executive Committee shall alternate turns presiding the General Shareholders’ Meeting with the Chairman of the Board of Directors.

In all events, the valid appointment or re-election of members of the Executive Committee shall require the favourable vote of at least two thirds of the members of the Board of Directors.

Given its delegated powers, the Executive Committee will resolve all those issues not reserved for the exclusive competency of the plenary Board of Directors by law or the Articles of Association, reporting to the Board.

The Executive Committee will provide prior examination of those issues submitted to the plenary Board of Directors which have not been previously examined or proposed by the Appointments, .Remuneration and Corporate Governance Committee or the Audit and Control Committee

The Executive Committee has the mission of providing perspective and a broad vision both to the Board of Directors and the executive team, providing their experience in the preparation of relevant materials, training and guidance on matters that are key to the Company’s future, thereby facilitating the Board of Directors’ decision-making process in the matters of their competence.

The executive committee may apply said function to matters such as:

1. Investments and financing
2. Strategy for acquisitions and identifying possible objectives
3. Business model
4. Cost structure
5. Long-term vision in asset management; and
6. Group structure

The Executive Committee will meet as many times as it is convened by its Chairman, and its Secretary and Deputy Secretary will be those who perform the identical positions on the Board of Directors. The Executive Committee shall be validly convened when half plus one of its members with a right to vote are present or represented at the meeting.

Resolutions shall be passed by a majority of the directors at the meeting with the right to vote (in person or by proxy), with the Chairman holding the casting vote in the event of a tie

Furthermore, non-member Directors may attend Executive Committee meetings on a one-off basis, when invited by the Chairman of the Committee.

The Executive Committee shall notify the Board of Directors of the matters discussed and the decisions made at its meetings.

State whether the composition of the delegate or executive committee reflects the participation on the Board of different categories of directors:

NO

If not, explain the composition of the delegate or Executive Committee

LThe Executive Committee is composed of one Executive Director, three Proprietary Directors and one Independent Director. Although the Secretary and Deputy Secretary of the Executive Committee serve in the same positions on the Board of Directors, the composition of the Executive Committee is not the same as the Board in terms of the different categories of Directors.

AUDIT AND CONTROL COMMITTEE

Explain the functions of this committee, describe its organisational and working procedures and rules and summarise its most important activities during the financial year.

The Audit and Control Committee shall comprise a minimum of three and a maximum of six directors, appointed by the Board of Directors. All members sitting on said Committee shall be External Directors, the majority of whom, at least, must be independent directors, and one of whom must be designated by taking into consideration their knowledge and experience in accounting, auditing, or both.

The Chairman of the Audit Committee must be appointed from among its independent members. The Chairman must also be replaced every four years; previous chairmen may be re-elected one year after their previous mandate has ended.

The Audit Committee will have at least the following responsibilities:

1. Report to the General Meeting of Shareholders on any matters broached within the sphere of its competence.

2. Supervise the effectiveness of the company’s internal control, internal auditing, where applicable, and risk-management (including tax risk) systems, as well as discussing with auditors or audit companies any significant weaknesses in the internal control system identified during audits.

3. Oversee the process of drawing up and submitting regulated financial reporting.

4. EPass along to the Board of Directors proposals for selecting, appointing, re-electing and substituting external auditors, as well as conditions for their contracting and regularly collecting information from them on the audit plan and its execution, in addition to preserving its independence in exercising its functions.

5. Establish suitable relationships with auditors or audit firms in order to receive information regarding any issues that may jeopardise their independence, so that these can be examined by the committee, and any other matters related with the process of conducting financial audits, as well as any other communications stipulated in the financial auditing legislation and audit regulations. In any event, it must receive written confirmation on an annual basis from the auditors or auditing firms of their independence from the Company or entities related to it either directly or indirectly, as well as information on any additional service of any kind provided to such entities and the corresponding fees received by the aforementioned auditors or by persons related to them in accordance with the provisions set forth in legislation regarding auditing.

6. Issue, once a year and prior to the release of the auditor’s report on the financial statements, a report expressing an opinion on the independence of the auditors or audit firms. This report must always contain an assessment of the additional services referenced in the above paragraph, considered individually and together, that are separate from the legal audit and with regard to their independence and to audit regulations.

7. Provide previous information for the Board of Directors on all matters established by law, the articles of association and in the Regulation of the Board, and, in particular on:

a. The financial information which the company must periodically publish;
b. The creation or acquisition of any equity investments in special purpose vehicles and companies registered in tax havens; and
c. Related party operations.

8. Safeguard the independence and effectiveness of the internal audit area; propose the selection, appointment, re-election and removal of the manager of the internal audit service; propose the budget for this service; receive periodic information about its activities; and verify that senior management takes into account the conclusions and recommendations of its reports.

9. Set up and oversee a mechanism that allows employees confidentially and anonymously to report any breaches of the Code of Conduct.

10. Supervise compliance and internal codes of conduct, as well as the rules of corporate governance.

The Audit and Control Committee will meet at least once every quarter and as many times as may be necessary, after being called by the Chairperson on their own initiative or upon the request of two of the Committee or the Board of Directors. The Audit and Control Committee may require any of the Company’s employees or managers, including the Company’s Accounts Auditor, to attend its meetings.

La Comisión de Auditoría y Control podrá requerir la asistencia a sus sesiones de cualquier empleado o directivo de la sociedad, así como del Auditor de Cuentas de la Compañía.

Through its Chairman, the Audit and Control Committee will give the board an account of its activities and work done, either at the meetings scheduled for the purpose or at the very next meeting when the Chairman of the Audit and Control Committee deems it necessary. The minutes of its meetings will be available to any member of the board that requests them.

Non-member Directors may attend Audit and Control Committee meetings on a one-off basis, when invited by the Chairman of the Committee.

Identify the director appointed as member of the audit committee taking into account their knowledge and experience of accountancy, auditing, or both, and report on how many years the chairman of this committee has held the post.

APPOINTMENTS, REMUNERATION AND CORPORATE GOVERNANCE COMMITTEE

Explain the functions of this committee, describe its organisational and working procedures and rules and summarise its most important activities during the financial year.

The Appointments, Remuneration and Corporate Governance Committee shall comprise a minimum of three and maximum of six Directors and shall be exclusively non-executive directors appointed by the Board of Directors, two of whom, at least, must be Independent Directors. The Chairman of the Committee shall be chosen by the Independent Directors that comprise it.

The Appointments, Remuneration and Corporate Governance Committee will have at least the following responsibilities:

1. EEvaluate the skills, knowledge and experience necessary on the Board of Directors. For these purposes, it shall define the abilities and functions required by candidates to cover each vacancy, and assess the time and dedication required to correctly carry out their functions.
2. Establish a representation goal for the less represented sex on the Board of Directors and create guidelines for how to achieve said goal.
3. Pass along to the Board of Directors proposals for appointments of Independent Directors for their designation by co-opting or for their submission to the decision of the General Shareholders’ Meeting, as well as proposals for the re-election or removal of said Directors by the General Shareholders’ Meeting.
4. Inform the Board of proposals for appointments of remaining Directors for their designation by co-opting or for their submission to the decision of the General Shareholders’ Meeting, as well as proposals for their re-election or removal by the General Shareholders’ Meeting.
5. Provide notification of proposals for appointing or removing senior management and the basic conditions of their contracts.
6. Examine or organise the Chairman of the Board’s and the chief executive’s succession and, if appropriate, bring proposals before the Board so that such successions are effected in an orderly fashion.
7. Propose to the Board of Directors the remuneration policy for the Directors and general managers or for those who perform functions of upper management that are directly dependent upon the Board, the Executive Committees or Chief Executives, as well as individual remuneration and other contractual conditions for executive directors, ensuring their compliance.
8. Supervise and monitor compliance with corporate governance rules and with the corporate social responsibility policy and plan, proposing any necessary Reports to the Board.
9. Periodically evaluate the suitability of the corporate governance system, with the aim of ensuring that it fulfils its mission of promoting the company’s interests.

The Board of Directors shall be informed of all the tasks carried out by the Appointments, Remuneration and Corporate Governance Committee during its first meeting, and in all events the corresponding documentation shall be made available to the Board so that it can take these actions into consideration when performing its duties.

The Appointments, Remuneration and Corporate Governance Committee shall meet as often as considered necessary by its Chairman, or when requested by two of its members or the Board of Directors.

Furthermore, non-member Directors may attend Appointments, Remuneration and Corporate Governance Committee meetings on a one-off basis, when invited by the Chairman of the Committee.

C.2.2 Fill in the table below with the information relating to the number of female directors on Board of Directors’ committees in the last four financial years:

C.2.3 Paragraph repealed.

C.2.4 Paragraph repealed.

C.2.5 Indicate, as applicable, the existence of regulations governing the committees attached to the Board, where they are available for consultation and any amendments that have been made to them during the year. Also state whether an annual report on the activities of each committee has been voluntarily drafted.

The Company Articles of Association (Articles 45 - 48), and the Regulations of the Board of Directors (Articles 23 - 26) comprehensively cover all regulations relating to the Board’s Committees. The aforementioned internal regulations of the Company are available on the company website (www.nh-hotels.es), in the section “Information for Shareholders” - “Corporate Governance”. Said website also includes all information regarding the composition of each Committee.

The Audit and Control Committee and the Appointments, Remuneration and Corporate Governance Committee annually issue a report on the activities they have carried out during the financial year.

C.2.6 Paragraph repealed.

What bodies and/or areas are responsible for: (i) the existence and maintenance of an appropriate and effective financial reporting system; (ii) its implementation; (iii) its supervision.

Amongst others, the Board of Directors has the powers to determine the risk management and control policy as well as the internal information and control systems as stated in section 3 of article 5 of its governing rules. Likewise, the Board of Directors is responsible for an suitable and effective Internal Control System regarding the Group’s Financial Information which aims to provide the Group with a reasonable assurance as to the reliability of the financial information produced and published on the financial markets.

The Group’s Finance Management is responsible for the design, implementation and proper working of the SCIIF. During 2017, the transition of the SCIIF definition and custody functions from Internal Audit to the Internal Control Department, within Finance Management, were finalised to comply with the three lines of defence of the COSO framework.

The Audit and Control Committee is responsible for monitoring the effectiveness of internal control in accordance with section b) of article 25 of the Board of Directors’ governing rules. This responsibility is in turn delegated to the Internal Audit Department.

F.1.2 If the following elements exist, particularly in relation to the financial report generation process:

• Departments and/or mechanisms responsible for: (i) designing and reviewing the organisational structure; (ii) clearly defining areas of responsibility and authority, with a suitable distribution of tasks and functions; and (iii) the existence of sufficient procedures for these to be properly disseminated within the entity.

Defining and reviewing the organisational structure of the Group is the responsibility of the Management Committee.

Significant changes to the organisation chart, i.e., those affecting Senior Management, are approved by the Board of Directors, after being proposed by the Appointments and Remuneration Committee. The organisation chart is available to all employees on both the Group’s intranet and its website.

Both the hierarchical and functional lines of responsibility are duly communicated to all Group employees. The internal communication channels are used for this, amongst which we highlight the intranet, executive meetings and information boards in each hotel.

In order to fulfil the objectives and responsibilities relating to maintenance and supervision of the Financial Reporting Control process, specific functions have been defined which apply to those responsible for each process involved with Financial Reporting, in order to ensure compliance with the implemented controls, analyse how well they function, and report any changes or incidents that may occur.

On an ascending scale of responsibility, this structure includes the supervisors of each process in the area of control, the directors of each business unit and the directors of each corporate area directly concerned with the processes related to the internal Financial Reporting Control System.

Within Finance Management, the Internal Control Department is entrusted with receiving information from the different individuals responsible for the process and is also responsible for ensuring correct operation of the Internal Control System.

• Code of conduct, the approval body, the degree of dissemination and instruction, included principles and values (indicating if there are specific mentions of the transactions register and the generation of financial reports), the body in charge of analysing breaches and proposing corrective actions and penalties.

The NH Group has had a Code of Conduct since 2006, whose last review was approved in June 2015. Responsibility for approving the Code of Conduct rests with the NH Group’s Board of Directors. This document affects all NH Group employees, and applies not only to employees, managers and members of the Board of Directors, but also, in certain cases, to other stakeholders, such as customers, suppliers, competitors, shareholders and the communities in which NH runs its hotels.

The Code of Conduct summarises the professional conduct expected of all employees at centres operating under NH Group’s brands (hereinafter, NH Group employees), who are committed to acting with integrity, honesty, respect and professionalism in the performance of their work. The NH Group is committed to complying with the laws and regulations in the countries and jurisdictions in which it operates. These include laws and regulations on health and safety, discrimination, taxation, data privacy, competition, anti-corruption, prevention of money laundering and commitment to the environment. The key areas covered by the Code are:

- Commitment to people
- Commitment to customers
- Commitment from suppliers
- Commitment to competitors
- Commitment to shareholders
- Commitment to communities and society
- Commitment to the Group's assets, knowledge and resources
- Obligations regarding fraudulent or unethical practices
- Commitment to stock market

Since 2014, NH Group has driven the creation of the Compliance function, the scope of which applies to the following key areas:

• Internal Code of Conduct: Sets out minimum standards to be respected in relation to the purchase and sale of securities and privileged and confidential information and its processing.
• Conflict of Interests Procedure: Establishes the rules to be followed in situations where there is a conflict of interests between the Company, or any of the companies making up the Group, and the direct or indirect personal interests of the Directors or persons subject to the conflict of interests rules.
• Code of Conduct: Intends to establish the main values and rules which should govern the conduct and actions of each of the employees and executives of the Group, as well as the members of the governing bodies of the companies that form part of the Group.
• Criminal Risk Prevention Model: Describes the crime prevention and management principles in place at NH Group and defines the structure and operation of the control and monitoring bodies set up within the Company, systematising existing controls for the purpose of preventing and mitigating the risk of crimes being committed in the Company’s various areas.

Compliance committee
NH Hotel Group set up the Compliance Committee in 2014, comprising members of the Management Committee and Senior Management. It has the power to oversee compliance with the Group’s Internal Code of Conduct, Conflict of Interests Procedure, Code of Conduct and Criminal Risk Prevention Model.

The Compliance Committee submits a detailed report to the Board’s Audit and Control Committee regarding the activities carried out and has the power to impose disciplinary sanctions on employees in matters within its scope of responsibility.

Compliance office
The Compliance Office is in charge of distributing and overseeing compliance with the Code of Conduct and drawing up the Criminal Risk Prevention Model. The Compliance Office reports directly to the Compliance Committee and is also responsible for managing the confidential Code Complaints Channel and Code of Conduct queries.

The Criminal Risk Prevention Model has been implemented in Spain (Business Unit and Corporate) and Italy, where training was imparted on this topic during 2017.

At the end of 2017 a process to rationalise the Criminal Risk Prevention Matrix in Spain began which aims to provide the company with a more efficient model whilst during the year the Compliance Office has been working on implementing the Criminal Risk Prevention Model in the seven most important countries where Grupo NH operates. This will be completed throughout 2018 with the launch of specific training for each country.

Likewise, Grupo NH has begun the roll-out of an IT tool (SAP GRC) which will help audit and manage the Criminal Risk Prevention Model and allow management of the SCIIF, the risks map and the tax information report.

The Code of Conduct is available for employees on the company intranet, in the app for employees and for third parties on the Group’s website. Through the Human Resources departments of each business unit, the Group has put in place a procedure for requesting all employees to adhere to the code, with training on the Code of Conduct being imparted to Grupo NH’s employees.

At 31 December 2017, use of the Code of Conduct through the online course is at 75.63%. This percentage excludes Hoteles Royal which was carried out in 2016 through the physical signing of the document and reached 98.71% adherence.

The Code of Conduct contains the following points specifically relating to financial reports and the recording of transactions:

The Group has is committed to reporting transparency, construed as the undertaking to release reliable information to the financial markets, as well as to any other kind of markets. Hence, the company’s internal and external financial and economic reporting shall faithfully reflect its economic, financial and equity position in accordance with generally accepted accounting standards.

The Manipulation of Information section stresses that “the individuals responsible must transmit truthful, complete and comprehensible financial reports. Under no circumstances may they knowingly provide incorrect, inexact or inaccurate information. Therefore, individuals responsible shall refrain from:
- Keeping a record of transactions in non-accounting media not recorded in official books.
- Keeping accounts which, referring to the same activity and financial year, hide or fake the company’s true situation.
- Recording expenses, income, assets or liabilities which are non-existent or not in line with reality.
- Noting businesses, acts, transactions or, in general, financial transactions in the compulsory books, or making a note of them with figures other than the true ones.
- Making entries in accounting books, incorrectly indicating their purpose.
- Using false documents.
- Deliberately destroying documents before the end of the legally-required time limit for retaining them.

• Reporting channel for informing the Audit Committee of financial and accounting irregularities, as well as any breaches of the Code of Conduct and irregular activities in the organisation, noting if this is confidential.

Aprocedure has been established for lodging complaints about breaches of the principles enshrined in the Code of Conduct, and this enables employees to provide confidential information about any non-compliance with the principles set out in the Code of Conduct. This procedure ensures transparency, confidentiality and respect throughout all its stages. As mentioned previously, it is managed by the Compliance Office.

The procedure for reporting and dealing with possible non-compliance and reports relating to the Code of Conduct is administered by the Senior Vice President of the Group’s Internal Audit Department, who acts independently and ensures the channel’s confidentiality, giving an account of the most significant incidents over the course the year to the Group’s Audit and Control Committee.

Complaints should preferably be lodged electronically using a channel expressly set up for the purpose and available to all stakeholders (codeofconduct@nh-hotels.com), through which they are forwarded to the Internal Audit Department. In addition, they may be sent by post for the attention of the Senior Vice President of NH Hotel Group, S.A. Internal Audit Department at Santa Engracia 120, 28003 Madrid, Spain.

The Senior Vice President of the Internal Audit Department is responsible for analysing the information presented and requesting the corresponding evidence and reports. All complaints received are submitted to the Compliance Committee and the Audit and Control Committee, upholding the principle of confidentiality guaranteed in the Code of Conduct.

• Programas de formación y actualización periódica para el personal involucrado en la preparación y revisión de la información financiera, así como en la evaluación del SCIIF, que cubran al menos, normas contables, auditoría, control interno y gestión de riesgos.

Regular training and refresher courses on, at least, accounting standards, audits, internal control and risk management for staff involved in preparing and reviewing financial reports and evaluating the reporting system.

Internal training of five employees of the Finance Department with an introductory framework on Internal Control and the SCIIF with the aim of their acquiring the fundamental knowledge to carry out the review of the financial information controls self-assessment made by first line of defence users and reported to Internal Control.

Internal training of six employees of the Finance Department’s second line of defence for the management and control of risks through the SAP GRC internal control reporting tool.

Training sessions aimed at first line of defence employees- 14 from the retained function of the European business units and nine from Corporate- with the aim of training in reporting the assessment of the design and self-assessment of SCIIF controls to Internal Control through the SAP GRC internal control reporting tool.

Additionally, the Finance Department attends training courses or conferences on updated accounting standards, consolidation standards and the specific financial reporting applicable to the sector, which are considered especially relevant to its work. We highlight attendance at training sessions during 2017 on IFRS 16, leases; IFRS 9, financial instruments; and IFRS 15, revenue from contracts with customers; Royal Decree-law 18/2017 of 24 November on non-financial information to be disclosed in the consolidated annual accounts and management report; and on the new audit report.

F.2.1 Which are the main characteristics of the risk identification process, including error and fraud, regarding:

• Whether the process exists and is documented.

The goal of the process of assessing financial risks is to establish and maintain an effective process for identifying, analysing and managing the risks relevant to the preparation of Financial Statements.

At NH the risk management process consists of three levels of participation:

• The Board of Directors reviews the Audit and Control Committee’s supervision of risk management policies, processes, personnel and control systems.
• EThe Internal Audit Department, which assumes the risk function, annually leads the updating of the Corporate Risk Map approved by the Board of Directors
• The Chief Officers or acting managers of each area, including the Executive Managing Directors and other professionals directly involved in the risk management process within their area of responsibility.

The types of risk identified in the Internal Control System on Financial Information are classified as follows:

Technological risks
Technological risks relate to the management of information systems to ensure the completeness, availability and reliability of financial information and avoid exposure of the company’s significant assets to potential loss, damage or misuse.

These risks relate to the following areas:

• Access security
• Availability
• Completeness
• Supervision

Accounting risks

These are the risks related to the incorrect accounting record of the transactions and breach of the applicable accounting principles (the International Financial Reporting Standards in the case NH Hotel Group’s consolidated accounts) whereby the consolidated financial statements do not express, in all significant aspects, the true image of the consolidated equity, financial situation, profit and loss and cash flows, with them being able to change or influence the reasonable judgement of a person.

In order to provide reasonable assurance regarding the reliability of the financial information disseminated to the market, the Internal Control area of NH Hotel Group’s Finance Department follows a permanent review and risks identification process which it documents in two interrelated matrices; the risk and control of the financial information matrix and the scope of the SCIIF matrix.

The risk and control of the financial information matrix contains the risks and sub-risks categories in each process and sub-process having a potential impact on the financial information as well as the associated SCIIF controls to mitigate the impact of these risks.

The scope of the SCIIF matrix identifies those headings of the consolidated balance sheet and income statement with a significant associated risk and a potential material impact on the published financial information. Materiality is established according to quantitative criteria, based on the latest consolidated annual accounts, and on qualitative criteria such as the volume and unit amount of transactions, the automation of processes and the integration of systems, the accounting complexity, the degree of estimation and application of judgements and assessments, and the level of criticality based on experience.

Organisational and resource management risks
These risks include problems in the planning, management and monitoring of financial, material and human resources, and difficulties in interdepartmental communications and decision-making, including possible quality problems and other threats in the course of the Group’s activities.

These risks relate to the following areas:
- Budget control
- Credit management
- Receivables management
- Payables management
- Personnel management
- Fraud

Data processing risks
These risks include problems in data processing in information systems, mainly in the following areas:
- Human error
- Completeness of invoicing
- Completeness of master files
- Review

Presentation and process risks These risks can lead to ineffectiveness and inefficiency within the Group structure when drawing up financial reports in terms of quality, time and costs, and include the following aspects:
- Timeless of the information - Compliance with internal standards and policies

Police business environment risks
Business environment risks arise due to external factors which can lead to significant changes in the basis underlying internal control of the objectives of financial reporting and the Group’s strategies. Business environment risks are related to the following matters:
- Failure to comply with commitments undertaken - Tax contingencies

Outsourcing risks
Outsourcing risks arise as a result of the process of transferring part of the administration service to a third party, and are categorised as follows:
- Service Level Agreements.
- Availability
- Personnel Management
- Knowledge Management
- Legal

The risk identification and assessment process is carried out by the Internal Audit Department in collaboration with the Strategy Department and supervised by the Audit and Control Committee as part of its duties.

The risk identification process is documented in the Corporate Risk Manual.

• Whether the process covers all financial reporting assertions (existence and occurrence; completeness; evaluation; presentation, disclosure and comparability; and rights and obligations), whether it is updated and how often.

In order to ensure the reliability of Financial Reporting, when identifying risks and controls, the accounting errors that may arise from the following objectives for financial information are always considered:
• Completeness: balances or transactions that should be recorded but are not.
• Transaction cut-off: those booked in a period other than when they were accrued.
• Accuracy: transactions recorded with errors (amounts, conditions).
• Occurrence/Existence: registered transactions which have not taken place within the period.
• Valuation/Allocation: record of transactions involving incorrect sums due to inadequate valuation calculations.
• Presentation/Classification: classification errors in the various entries of the financial statements.
• CUnderstandability: lack of quality of financial information which makes it difficult to understand for a person with reasonable economics and business knowledge.

With the transition of the SCIIF definition and custody functions to the Internal Control area of the Finance Department, during 2017 a review of the associated risks and controls was carried out, considering the fulfilment of the aforementioned financial information objectives for this.

• The existence of a process for identifying the consolidation perimeter, taking aspects such as the possible existence of complex company structures, and instrumental entities or those with a specific purpose into account.

The Financial Department will consolidate the accounts every month. This process involves the reporting of the sub-consolidated income statement and balance sheet reported by each Business Unit, in accordance with their consolidation perimeter, to the Corporate Finance Department.

Each year, the Corporate Consolidation Department confirms the consolidation perimeters with the finance directors of the business units.

Additionally, throughout the year, the business units report on variations which arise in their consolidation perimeter to the Finance Department which, in turn, coordinate the modification of these in all the Group’s financial reporting and consolidation systems.

On the other hand, the tax department of the Corporate Finance Department is responsible for maintaining the Group’s organisational chart and periodically reporting the updated version to a distribution list of people within the Finance Department to control changes in the consolidation perimeter.

• Whether the process takes into account the effects of other types of risks (operational, technological, financial, legal, reputational, environmental, etc.) insofar as these affect the financial accounts.

In designing the risk management process associated with generating Financial Reports, the following objectives have been focused on:
- Definition of the Financial Information Control System processes and sub-processes.

Determination of the relevant risk categories and types for each of the different Internal Financial Information Control System processes defined in the point above.

Corresponding subcategories have been defined for each of these risk categories.

• Definition and analysis of controls for each specific risk and establishment of their degree of effectiveness.

A risk matrix has been established for each of the sub-processes detailed above, in which the most relevant risks for each process are defined, along with the operational controls and their effectiveness in mitigating the risks that affect them.

• Which governing body of the company supervises the process.

The company’s Board of Directors is responsible for supervising the risk assessment process. In order to carry out the aforementioned supervision duties, the Board of Directors turns to the Audit and Control Committee, which performs this duty through the Internal Audit Department.

F.3.1 Procedures to review and authorise the financial report and description of the SCIIF, to be published on the securities market, indicating its responsible bodies, and documentation describing the workflows and controls (including those regarding fraud risk) of the different types of transactions which can have a tangible effect on the financial accounts, including the accounting close procedure and the specific review of the relevant judgements, estimations, evaluations and projections.

There is a financial information review and authorisation procedure in the NH Hotel Group which is set out below:

- Internal reporting of financial information:

Each month, the Group’s Finance Management send the Group’s most significant information management to the Executive Committee and Board of Directors for their review which contains the income statement and the main economic indicators. Prior to reporting to these governing bodies, the information undergoes a review process by the finance directors at a business unit level and by Finance Management at a corporate level.

- Reporting of information to stock markets:

The consolidated accounts and the half-yearly consolidated financial reports are prepared based on the information reports of the business units and, once reviewed by their respective directors, the consolidation process is undertaken by Corporate Consolidation and the information required to prepare the consolidated accounts is provided both by the Finance Department and other Corporate departments always with the review of the corresponding people responsible for it. Once the consolidated financial statements have been received, they are reviews by the Group’s Finance Management and by the Audit and Control Committee before being prepared and approved by the Board of Directors (section b) of article 33 of the Parent’s Articles of Association and sections 3. d) and 5. b) of Article 5 of the Board of Directors’ Governing rules). Once prepared, they are published through the National Securities Market Commission.

Additionally, each quarter, the Group publishes financial information to the stock markets. Finance Management is responsible for the process of issuing such information while the Board of Directors, in accordance with section 3 of article 40 of its Governing rules, is responsible for ensuring the preparation is carried out in line with the principles, criteria and professional practices with which the Annual Accounts are produced and enjoy the same reliability. To this end, said information is reviewed by the Audit and Control Committee which, when it deems it appropriate, requires the presence of both external and internal auditors.

Likewise, the Board of Directors may request analysis of specific issues, as well as the details of particular financial transactions which, because of their importance, require greater analysis.

The Corporate Organisation Department is responsible for documenting and updating the year-end process which is published on the corporate intranet. This process includes the SCIIF controls implemented to mitigate those risks identified at year-end among which are those risks related to the different review levels of the financial information generated.

On the other hand, NH has an internal financial reporting control system (SCIIF) based on the COSO model (Committee of Sponsoring Organisations of the Treadway Commission) to achieve the following objectives:
- Effectiveness and efficiency of operations
- Reliability of financial reporting
- Compliance with applicable laws and regulations
- Safeguarding assets

NH Hotel Group’s SCIIF model is documented in a matrix of financial risks and controls which includes the following business cycles, which are relevant to the preparation of the financial information prepared and published by the Group:
- Accounting close, consolidation and financial reporting process
- Purchasing and suppliers
- Sales and customers
- Cash
- Financing
- Fixed assets
- Inter-company
- Tax
- Human resources
- Provisions and contingencies
- Loyalty programme
- Shared services centre
- Business support technological processes

The structure of the financial risk and controls matrix includes the following information:

- Organisational unit: the organisational level to which the controls are implemented and determines the scope of the assessed entities.
- Process and sub-process: set of activities related to a specific function within the operation of an organisational unit. They include those with a potential significant impact on the financial information prepared by the Group.
- Risk: the possible events or actions which could affect the capacity of the company to meet financial reporting objectives and/or implement strategies successfully.
- Description of the control: definition of the control activities included in the policies, procedures and practices applied by the Group to ensure it meets its control objectives and the risk is mitigated.
- Evidence: the documentation maintained by those responsible for the control (company personnel) so that the entire model can be regularly supervised and audited.
- Classification of the controls: key or not, preventive or detective, and manual or automatic; this last one depending on whether they can be monitored using data from automated tools.
- Ownership of the controls: they belong to the first line of defence in accordance with the COSO model. They are those who execute the controls and those responsible for their self-assessment and the assessment of their design.
- Those responsible for the controls: within the first line of defence they are the supervisors of the correct execution and reporting of the controls for each activity before their reporting to Internal Control, the model’s second line of defence.
- Frequency: how often the controls are executed.

Within the risks identified in the business cycles defined in the SCIIF matrix are the risks of fraud and the controls associated with its mitigation. Likewise, the matrix includes controls specific to the review of relevant judgements, estimates, valuations and projections whose execution mitigates the risk of reporting unreliable financial information.

Additionally, the Group has a documented procedure which collates the policies to follow in the valuation of those assets of the consolidated balance sheet which involve the making of judgements, estimates, valuations and/or projections with a material impact on the consolidated financial statements

Internal Control, within the Corporate Finance Department and the second line of defence in compliance with the COSO model, is charged with managing and updating the risks and SCIIF controls matrix as well as the periodic review of the self-assessment of the controls made by the owners of those controls, within the first line of defence, to ensure their effectiveness and to mitigate associated risks.

The Corporate Internal Audit Department, as the third line of defence, annually audits the Group’s internal control model to afford the Audit Committee and Board of Directors reasonable security as to its effectiveness and, as a result, the reliability of the financial information generated and published on the stock market.

El Departamento de Auditoría Interna Corporativo, como tercera línea de defensa, realiza anualmente una auditoría del modelo de control interno del Grupo para dar seguridad razonable a la Comisión de Auditoría y al Consejo de Administración de la efectividad del mismo y, en consecuencia, de la fiabilidad de la información financiera generada y publicada al mercado de valores.

Additionally, section F of the Annual Corporate Governance Report published by the NH Hotel Group is subject to an external audit by a recognised firm to guarantee the truthfulness of its content.

The Group is currently in the final phase of implementing the SAP GRC tool Process Control module to manage the SCIIF which will end at the beginning of 2018. From the end of January 2018, the tool will enter use and allow integrations of the SCIIF reporting into a single repository and improve efficiency in monitoring changes to the risks and controls matrix and communication between users involved in SCIIF reporting, as well as the monitoring of action plans to correct weaknesses found in the model. Likewise, its implementation will suppose a greater degree of involvement in SCIIF reporting of all users of the first line of the model and of the Group as a whole, including an internal certification model twice per year.

F.3.2 Internal control policies and procedures for the information systems (including secure access, change monitoring and management, operational continuity and separation of functions) which support the company’s processes relating to the preparation and publication of financial reports.

Internal control of IT system
There is an internal control model for the Group’s information systems which covers the different IT processes and is based on their associated risks. This model (based on COSO and COBIT) includes a matrix of 130 general IT system controls (GITC) and policies and procedures relating to the security the IT systems need.
The internal control model covers the systems that contribute to the preparation of the Group’s consolidated financial statements and thus assures the completeness, availability, validity and quality of the information provided to the markets.
The GITC matrix is aligned with the control models created by the NH Group for other business cycles, which are structured into the following processes:

Access to programmes and data
There are policies and procedures that set up controls over:

• Restricted access to the systems, avoiding unauthorised access or changes to programmes that could affect the completeness, integrity and reliability of financial reports.
• Correct separation of functions, in order to guarantee secure access to the accounts information systems.
• Security in the facilities housing the systems, ensuring that only authorised personnel have access to them.

Operations
There are policies and procedures that set up controls over:

• The availability of the information, ensuring that financial data are complete, valid and accurate.
• Good management of incidents, enabling quick resolutions and minimising their impact.
• That operations are monitored, ensuring that they are executed completely and on time. Any incidents are resolved, enabling jobs to be restarted and run correctly.

The Group has had an Information Security area, part of the IT Department, which monitors security in all IT processes, assuring the availability, reliability and completeness of information.

Security Policy
The security policy is the reference framework defining the directives to be followed by all employees, and makes it possible to ensure the security of the IT systems and, therefore, of all the business processes. This policy was revised during the 2015 financial year.

F.3.3 Internal control policies and procedures to supervise the management of outsourced activities and those aspects of evaluation, calculation or appraisal entrusted to independent experts, which may materially affect the financial accounts.

The function has been outsourced to a third party in the companies included in the scope of the SCIIF.

The NH Group has implemented an internal control model for the Shared Services Centre (SSC) aligned with the control models defined for the other business cycles.

Therefore, a matrix has been defined with 6 sub-processes and 18 control activities, including controls relating to the handover period of transferring the administrative function to the SSC, the settling-in period, the provision of the service, compliance with regulations, the continuity of the service and the governance model in the outsourcing contract.

The service provider has also been asked to obtain an ISAE “International Standard on Assurance Engagements” 3402 report, allowing Grupo NH to check whether the control objectives and activities of the service provider have been effective in the corresponding period.

F.4.1 A specific area responsible for defining and updating accounting policies (accounting policies area or department) and resolving queries or conflicts arising from their interpretation, maintaining constant communication with those responsible for operations in the organisation, and an updated manual of accounting policies communicated to the units through which the company operates.

Through Corporate Consolidation, NH Hotel Group’s Finance Management is responsible for defining, updating and correctly applying the accounting policies as well as responding to questions and queries which arise in their interpretation. In this same sense, it is charged with communicating any change which occurs in accounting matters to the heads of the business and corporate units and which affects them in the reporting of financial information.

The Group has an accounting policies manual and a consolidation manual -both published on the intranet- in accordance with the International Financial Reporting Standards (IFRS), which are those which govern the NH Hotel Group. Likewise, the Group shares a single accounting plan applicable in all the business units in which it operates.

The Organisation Department is responsible for unifying, analysing and publishing the rules and procedures applicable in the Group, among which are the operational, administrative (including accounting), quality and regulatory procedures.

The Internal Audit Department is responsible for periodic review of the processes, policies and procedures defined in the Group.

F.4.2 Mechanisms to capture and prepare financial reports with standardised formats, applicable and for use in all units of the company or the Group, supported by the main financial statements and notes, and the information provided on the SCIIF.

As discussed in section F.4.1, the consolidated financial information which NH Hotel Group publishes on the stock market is in accordance with IFRS. In this sense, the information reported from the Group’s business units follows international regulations

Likewise, there is a single accounts plan applied by all the companies which are included in the consolidated group. Grupo NH has a common consolidation tool for all companies. This tool centralises all the information corresponding to the accounting of the companies which make up the financial consolidation of the NH Hotel Group into a single system. The input of financial information from the ERP to the consolidation system is automatic for those companies already migrated to the common ERP implemented in most Group companies, or manually for those companies with a different ERP. In this sense, preventive controls have been defined in the consolidation tool itself which ensure data is input correctly. From January 2018, the input of financial information from the ERP to the consolidation system will be automatic for all Group companies as the companies recently incorporated into the NH Hotel Group consolidation perimeter will be included.

Finance directors of the business units report the financial information to the corporate office monthly using two unique standard reporting packets designed by the Corporate Finance Department for reporting of the financial management information and the consolidated balance sheet. The dumping of information from the accounts and the accounting headings to the reporting is the same for both models, having previously been approved by the Corporate Finance Department. Any change in criteria for the dumping and presentation of information to be reported is communicated from the corporate office to the finance directors of the business units.

In turn, the Corporate Finance Department uses the same reporting models to prepare the management reports and annual accounts published on the stock market.

All this ensures that the information reported between business units is comparable and homogeneous to be included in the Group’s consolidated financial reporting.

At an internal control level, the Group has designed a single reporting model for the monthly sending of SCIIF controls self-assessment to its owners. Likewise, the Internal Control area pursues the homogenisation of the processes in all the Group’s business units so that the risk and control matrix is the same for all the organisational units. In turn, whenever Internal Control modifies the design of the controls, it is communicated to the owners of the processes and controls so they are informed and report according to the latest version of the SCIIF risks and controls matrix.

F.5.1 The supervision of the SCIIF by the Audit Committee and whether the company has an internal auditing area whose competency includes supporting the committee in supervising the internal control system, including the SCIIF. It will also report the scope of the evaluation of the ICFR during the year and the procedure by which the body in charge of the evaluation will report its results, if the company has an action plan which details possible corrective measures, and if its impact on financial reporting has been considered.

Supervisory activities of the Audit Committee

The Audit and Control Committee is the advisory body to which the Board of Directors has delegated its powers to update and supervise the SCIIF. As part of this function and to fulfil the tasks delegated by the Board, the Committee receives and reviews the financial reports which the NH Group issues to the markets and regulatory bodies, particularly the consolidated annual financial statements accompanied by the Audit Report. The Committee supervises the preparation process and the completeness of the financial reports of the Company and its subsidiaries, and checks that the legal requirements applicable to the NH Group are complied with, the consolidation perimeter is appropriate and that generally accepted accounting standards are applied correctly.

The Audit and Control Committee receives an annual report from the Internal Audit SVP on its assessment of the effectiveness of the SCIIF model, the weaknesses detected during internal audits, and the plans or actions already in place to remedy any detected weaknesses. During 2017, the Internal Control Function, reporting to the Financial Department assumed full responsibility for the SCIIF, in addition to its maintenance and extension to the different companies which form part of Grupo NH.

Currently, Grupo NH has a computer tool implemented which helps automate the SCIIF assessment and certification process, which will begin to be used during 2018 for the assessment and monthly monitoring of the SCIIF.

The Audit and Control Committee supports and supervises the work of the Internal Audit department in its assessment of the SCIIF. The Committee proposes the selection, appointment and replacement of the body or person responsible for Internal Audit services, validates and approves the strategy, the Internal Audit plan and objectives for the year, and is responsible for evaluating the performance of the Internal Audit Department Manager annually.

The Internal Audit plan for assessing the SCIIF is submitted to the Audit and Control Committee for approval before being put into practice, in order to include all the considerations of the Committee.

The level of implementation of the relevant recommendations arising from the SCIIF is reviewed by the Audit and Control Committee at least once a year. The Audit and Control Committee procedures are documented in the presentations made by said Committee and subsequently included in the corresponding signed minutes.

Internal Audit Function

Internal audits are carried out by the Group’s Internal Audit Department, which reports functionally to the Audit and Control Committee and administratively to the General Secretariat. This hierarchical structure is designed to enable the Internal Audit function to remain structurally independent and to encourage direct communication to and from the Audit and Control Committee.

The Internal Audit function, via a team consisting of 9 auditors located in both Corporate and the business units, ensures, within reason, the effectiveness of the internal control system, supervising and evaluating the design and effectiveness of the risk management system applied to the company, including specific IT audits.

This function has internal auditing statutes which were updated in 2017 and have been formally approved by the Audit and Control Committee, and an internal audit manual which sets out the Department’s working methods.

In relation to monitoring the SCIIF, the Internal Audit Department is responsible for:

• Independently evaluating the internal control model for financial reporting.
• Testing the assertions of the Board.
• Testing the effectiveness of internal controls in the companies within the scope of application, in a maximum period of one year for key controls and three years for non-key controls.
• Helping to identify weaknesses in controls and reviewing action plans to correct inadequate controls.
• Conducting follow-up checks to see if weaknesses in controls have been properly remedied.
• Coordinating between the Board and the external auditor when clarification is needed on scope and testing plans.

Scope of SCIIF 2017

The Group’s SCIIF model covers the business units in Northern Europe (Benelux and Central Europe), Southern Europe (Spain, France, Portugal and Italy) and Latin America (Mexico and Argentina, partially implemented), which consist of 280 hotels and 13 business cycles of major importance in the presentation of financial reports.

A total of 455 control activities have been defined, divided between financial reporting and IT systems, and classified as key and non-key controls. Those responsible for the controls have been defined at Corporate level, for Business Units and within the Shared Services Centre.

Grupo NH has defined a monthly calendar for internal control reporting where, at the end of each month, each responsible body performs a self-assessment of the controls for which it is responsible.

During 2017, the Internal Control Department supervised the self-assessment process and evidence deposited in a file shared by the Shared Services Centre, Administration and the Internal Control Department.

The assessment process in 2017 analysed a total of 345 controls for the geographic area of Spain, the Netherlands, Belgium, Germany, Austria, Italy, Mexico, Argentina and controls at Corporate level, which involved reaching 76% of their total. These controls were evaluated according to the guidelines included in the “SCIIF Evaluation Procedure”, summarised below:

La evaluación de dichos controles ha seguido las pautas incluidas en el “Procedimiento de Evaluación del SCIIF”, la cuales se resumen a continuación:

• The controls evaluated each month (relating to Administration and the Shared Services Centre) were subjected to two types of review, one based on the supervision of the evaluation by the owners of the controls, and another where the objective was to repeat the tests and checks of the effectiveness of the control.
• For the other controls, evidence was obtained and the necessary tests were run to enable conclusions to be drawn on their effectiveness.
• User-defined files (UDA) have been identified which impact the preparation of financial reports, where the existence has been verified of controls of completeness, availability and security.

The review has detected weaknesses in internal controls and room for improvement in certain processes which do not have a significant impact on the quality of financial reporting, and action plans agreed with the bodies responsible for the controls have been proposed. Jointly with the Internal Control Department, the Internal Audit Department will check the implementation of these action plans during its regular tests of the SCIIF.

F.5.2 Whether there is a discussion procedure through which the accounts auditor (as established in the NTA), the internal auditing area and other experts can report to senior management and the Audit Committee or company administrators on the significant weaknesses in internal control detected during the process of reviewing the annual accounts, or others for which they are responsible. Likewise, whether there is an action plan to correct or mitigate the weaknesses found.

The Audit Committee meets periodically to review the regular financial reports. It also discusses matters relating to internal controls and/or other current initiatives.

The Financial Department, through the Chief Financial Officer, is responsible for notifying senior management of any important matter relating to the SCIIF and/or financial reporting through the meetings of the Management Committee.

All the weaknesses detected by the Internal Audit Department during its work are subject to recommendations and action plans agreed with the audited department. The Internal Audit Department supervises the implementation of the agreed actions and reports their status to the NH Group’s various governing bodies (mainly the Audit Committee).

The external auditor notifies the Audit and Control Committee of the conclusions of its audit procedures, and any other matters which may be considered important. The external auditor also has access to the Audit and Control Committee in order to share, comment on or report any aspects they consider necessary or pertinent. The external auditor, without breaching his/her independence, will participate in the dialogue with Management.

F.7.1 Whether the SCIIF reports sent to the markets have been reviewed by the external auditor, in which case the company must include the corresponding report as an appendix. If not, it must report its reasons.

The Group’s Management has decided to submit the information relating to the SCIIF included in this section F of the Annual Corporate Governance Report for 2017, drawn up by the Company’s Management, to the external auditor for review. This report is attached as an Annex.

1. The articles of association of listed companies should not limit the maximum number of votes that a single shareholder may cast, nor contain other restrictions that stand in the way of a company take-over through the acquisition of its shares in the market.
Complies

2. When a parent company and a subsidiary company are both stock market listed, both must provide detailed disclosure on:
a) LasTheir respective areas of activity and possible business relations between them, as well as between the listed subsidiary and the other companies in the group;
b) The mechanisms in place for resolving potential conflicts of interest that may arise.
Not applicable

3. That during the ordinary general meeting, in addition to circulating the annual corporate governance report in writing, the chairman of the board of directors verbally informs the shareholders, in sufficient detail, of the most important aspects of the company´s corporate governance and, in particular:
a) About changes that have occurred since the last ordinary general meeting.
b) About specific reasons why the company does not follow any of the recommendations in the Corporate Governance Code and, if any, alternative rules applicable in this area.
Complies

4. That the company defines and promotes a policy of communication and contact with shareholders, institutional investors and voting advisers which fully respects regulations against market abuse and gives similar treatment to shareholders who are in the same position.
And that the company publishes the policy on its web site, including information relating to the way in which it is put into practice and identifying the contact persons or those responsible for carrying it out.
Complies

5. That the board of directors does not bring a proposal to the general meeting for delegation of powers to issue shares or convertible securities which exclude preferential subscription rights for more than 20% of the company’s capital at the time of delegation.
And that when the board of directors approves any issue of shares or convertible securities excluding preferential subscription rights, the company immediately publishes reports on its web site about this exclusion as referred to under company law. Complies

6. That listed companies drawing up the reports listed below, whether on a compulsory or voluntary basis, publish then on their web site sufficiently in advance of the ordinary general meeting being held, even if their circulation is not mandatory:
a) Report on the independence of the auditor.
b) Reports on the work of the audit and appointments and remuneration committees.
c) Audit committee report on related-party transactions.
d) Report on the corporate social responsibility policy.
Complies

7. That the company transmits general shareholders’ meetings live on its web site.
Complies

8. That the audit committee ensures that the Board of Directors makes every effort to present financial statements to the General Shareholders’ Meeting that are free from limitations or qualifications in the audit report and, in exceptional circumstances where they may exist, both the Chairman of the Audit Committee and the auditors shall provide the shareholders with a clear explanation of the content and scope of such limitations or qualifications.
Complies

9. That the company permanently publishes the requirements and procedures that it will accept to prove ownership of shares, the right to attend the general shareholders’ meeting and the exercise or delegation of the right to vote.
And that such requirements and procedures facilitate the shareholders’ attendance and the exercise of their right to vote and that they are applied in a non-discriminatory manner.
Complies

10. That where any legitimate shareholder has, prior to the general shareholders' meeting being held, exercised the right to supplement the agenda or submit new proposals for resolution, the company:

a) Immediately circulates such supplementary points and new proposals for resolution.
b) Publicises the attendance card form or vote delegation or remote voting form with the amendments needed so that the new points on the agenda and alternative proposals for resolution may be voted on under the same terms as those proposed by the board of directors.
c) Puts all such points or alternative proposals to the vote and applies the same voting rules as those for the points made by the board of directors including, in particular, the assumptions or deductions on the outcome of the vote.
d) Report, after the general shareholders’ meeting, the breakdown of the vote on such supplementary points or alternative proposals.
Not applicable

11. That, in the event that the company foresees payment of fees for attendance at the general shareholders’ meeting, it sets up a general policy on such fees beforehand and that said policy is stable.

12. That the board of directors performs its duties with a unity of purpose and independence of judgement, gives the same treatment to all shareholders who are in the same position and is guided by company interest, understood to be the achievement of a profitable business that is sustainable in the long term, that promotes its continuity and the maximisation of the company’s financial value.
And that in pursuing company interests, apart from respecting the laws and regulations and behaviour based on good faith, ethics and respect for commonly accepted uses and good practice, it seeks to reconcile company interest with, as appropriate, the legitimate interests of its employees, suppliers, customers and other interest groups who may be affected, along with the impact of the company’s activities on the community as a whole and the environment.
Complies

13. That, in the interests of effectiveness and participation, the board of directors should comprise no fewer than five and no more than 15 members.

14. That the board of directors approves a policy for selecting directors that:
a) Is specific and verifiable.
b) Ensures that proposals for appointment or re-election are based on prior analysis of the board of directors’ needs.
c) Encourages diversity of knowledge, experience and gender.

That the result of prior analysis of the board of directors’ needs is included in an explanatory report from the appointments committee which is published when calling the general shareholders’ meeting to which it is submitted for ratification, appointment or re-election of each director.
And that the policy for selecting directors promotes the objective that by 2020 the number of female directors is at least 30% of the total number of members of the board of directors.
The appointments committee will verify compliance with the policy for selecting directors annually and will report on it in the annual corporate governance report.
Complies

15. External proprietary directors and independent directors should comprise a significant majority of the Board of Directors, and the number of executive directors be kept to a minimum, taking into account the complexity of the corporate group and the percentage shareholdings of the executive directors in the company.
Complies

16. That the ratio of proprietary directors to the total number of non-executive directors should not be greater than the existing ratio between the capital of the company represented by such directors and the remaining capital. This criteria may be flexible:
a) In companies with high capitalisation where shareholdings that are legally considered to be significant are scarce.
b) In companies in which there are numerous shareholders represented on the board of directors and these shareholders have no links between them.
Complies

17. That independent directors represent at least half of all the directors. Nevertheless, where the company does not have high capitalisation or where, even if it does, it has one shareholder, or several acting jointly, who control more than 30% of the company capital, the number of independent directors represents, at least, one-third of all the directors.
Complies

18. That companies publish and update the following information about their directors on their web site:
a) Professional profile and biography.
b) Other boards of directors to which they belong, whether or not they are listed companies, along with information about their other remunerated activities, whatever they may be.
c) Indication of the director’s category stating, in the case of proprietary directors, the shareholder that they represent or with whom they have ties.
d) Date of their first appointment as a director in the company as well as the date of subsequent re-appointments.
e) Shares and share options held by the director.
Complies

19. That the annual corporate governance report, after verification by the appointments committee, explains the reasons why proprietary directors have been appointed on behalf of shareholders with shareholdings of less than 3% in the company capital and the reasons for ignoring, if applicable, formal requests for presence on the Board from shareholders with shareholdings equal to or greater than others who have successfully proposed proprietary directors.
Not applicable

20. That proprietary directors present their resignation when the shareholder they represent transfers its entire shareholding. And the number of proprietary directors is also reduced when the shareholders in question reduce their holdings to a level that requires fewer such directors.
Explain

The Company’s General Shareholders’ Meeting used its votes to set the representation of the proprietary shareholder on the Board of Directors. As a result, there is (i) a proprietary shareholder with a holding of around 29% (HNA Group) without representation on the Board, (ii) another proprietary shareholder with a holding of around 12% (Oceanwood) which, with one director would be under-represented on the Board, and (iii) a third proprietary shareholder with a holding of around 9% (Grupo Hesperia Inversor) which, with two directors would be over-represented. With regard to this last shareholder, in 2014 they reduced their shareholding in NH but retained two representatives on NH’s Board of Directors as it was considered that the in-depth knowledge both representatives had of the hotel industry was an asset worth preserving for the benefit of all shareholders. And so it was approved by the General Shareholders’ Meeting on 29 June 2017 and by the proxy advisors which covered said Meeting who recommended voting in favour of the appointment’s approval..

21. The Board of Directors does not propose the removal of any independent director before the statutory period for which the director has been appointed concludes, unless the board of directors has just cause, based on a report by the Appointments Committee. In particular, it will be understood that just cause exists where the director takes up new posts or undertakes new obligations which prevent him/her from dedicating the time needed to perform the duties of the post of director, or failing to carry out the duties inherent to the post or he/she incurs in any of the circumstances which cause him/her to lose his/her independent status, in accordance with the provisions of applicable law. The removal of independent directors may also be proposed as a result of mergers, take-overs or other similar corporate actions that change the structure of the company’s capital when such changes in the structure of the board of directors obey the criteria of proportionality indicated in Recommendation 16.
Complies

22. Companies establish rules that require directors to report and, as applicable, resign when circumstances arise that could damage the company’s credibility and reputation, and in particular to notify the board of directors of any criminal proceedings in which they are involved, and the subsequent developments of any court action.
If a director is indicted or sent for trial for any of the offences provided for in company law, the board of directors shall examine the case as soon as possible and, based on the specific circumstances, decide whether the director should continue in their post. The board of directors reports and explains all such occurrences in the annual corporate governance report.
Complies

23. All directors clearly express their opposition when they believe that a proposal for a decision presented to the board of directors may not be in the Company’s interests. Particularly independent and other directors who are not affected by any potential conflict of interest should oppose decisions that may be detrimental to shareholders not represented on the board of directors. When the board of directors adopts significant or repeated decisions about which a director has serious reservations, the director draws the appropriate conclusions and, if they decide to resign, explains the reasons in the letter referred to in the following recommendation. This recommendation also applies to the secretary of the board of directors, even though they may not be a director.
Complies

24. When, due to resignation or for other reasons, a director vacates their post before the end of their term, they explain the reasons in a letter sent to every member of the board of directors. And, notwithstanding the fact that this departure is reported as a significant event, the reason for the departure is reported in the annual corporate governance report.
Complies

25. That the appointments committee ensures that non-executive directors have sufficient time available to perform their duties properly. That the company rules set out the maximum number of company boards that its directors may belong to:
Complies

26. The board of directors is to meet as frequently as required to efficiently perform its functions, at least eight times a year, following the schedule of dates and matters established at the start of the year, and each director, individually, may propose other items not initially included on the agenda.
Complies

27. Directors may only be absent when it is essential and the number of absences should be included in the annual corporate governance report. When non-attendance is inevitable, the absent director may nominate a proxy and provide instructions.
Partially complies

Out of a total of 11 meetings of the Board of Directors, it was not possible to nominate a proxy with instructions in 3 for reasons of urgency. In any case, the percentage of attendance over total votes during the year was 97.29%.

28. When directors or the secretary raise concerns about a proposal or, in the case of directors, about the performance of the company, and such concerns are not resolved by the board of directors, these concerns are recorded in the minutes at the request of the director raising them.
Complies

29. The company sets up appropriate channels so that directors may obtain the advice needed to perform their duties, including, if the circumstances deem fit, external advice payable by the company.
Complies

30. Independently of the knowledge demanded from the directors to carry out their duties, the companies also offer directors with the opportunity to participate in knowledge refresher programmes where the circumstances so require.
Complies

31.The agenda at meetings clearly shows the points regarding which the board of directors must make a decision or adopt a resolution so that the directors can study them or gather the information needed for their adoption beforehand.
Where, exceptionally, on the grounds of urgency, the chairman wishes to submit decisions or resolutions for the board of directors’ approval which do not appear on the agenda, prior, express consent will be required from the majority of directors present, and this will be duly recorded in the minutes.
Complies

32. Directors are periodically informed about changes in shareholdings and the opinion that significant shareholders, investors and ratings agencies have about the company and its group.
Complies

33. The chairman, being responsible for the effective functioning of the board of directors, in addition to carrying out the duties that are legally and statutorily attributed thereto, prepares and submits a programme of dates and matters to be addressed to the board of directors; organises and coordinates the periodic assessment of the board and, if necessary, the company’s chief executive; ensures that sufficient time is given to the discussion of strategic matters, and agrees and reviews knowledge refresher programmes for each director where the circumstances so require.
Complies

34. Where there is a coordinating director, the articles of association or board of directors’ regulations offer him/her the following powers, in addition to the powers provided by the law: chair the board of directors in the absence of the chairman and vice-chairmen, if any; speak up for non-executive directors concerns; maintain contact with investors and shareholders to establish their points of view for the purposes of forming an opinion on their concerns, particularly in relation to the company’s corporate governance; and coordinate the chairman’s succession plan.
Not applicable

35. That the secretary of the board of directors takes particular care so that, in their actions and decisions, the board of directors are aware of the recommendations on good governance contained in this Code of Good Governance applicable to the company.
Complies

36.Once a year the board of directors, in plenary, assesses and adopts, as necessary, an action plan correcting shortcomings detected in relation to:
a) The quality and efficiency of the board of director’s work.
b) The operation and composition of its committees.
c) The diversity of the composition and powers of the board of directors.
d) The performance of the chairman of the board of directors and the chief executive of the company.
e) EThe performance and contribution of each director, paying particular attention to those responsible for the various committees of the board.Consejo

Assessment of the various committees will be based on the report that they submit to the board of directors and, with respect to the board, the report submitted by the appointments committee. Every three years, the board of directors will be aided in carrying out the assessment by an external consultant whose independence will be verified by the appointments committee. The business relationship of the consultant, or any company in its group, with the company, or any company in its group, must be broken down in the annual corporate governance report. The process and the areas assessed will be subject to description in the annual corporate governance report
Complies

37. When there is an executive committee, the participation structure of the different director categories is similar to that of the main Board and its secretary is the Secretary of the Board.
Partially Complies

The Company’s Executive Committee does not have a similar director category structure as the Board of Directors itself as, in the Executive Committee there is a greater weight of proprietary directors than on the Board of Directors. This is the result of an informed and free decision by the Board of Directors which, logically, has been approved by qualified majorities considering that the make up of its Executive Committee is adequate to carry out its duties. The Secretary and Deputy Secretary of the Board serve in the same positions on the Executive Committee.

38. The board of directors is always aware of the issues discussed and the decisions adopted by the executive committee and each member of the board of directors receives a copy of the minutes of the executive committee’s meetings.
Complies

39. Members of the audit committee, particularly its chairman, are appointed on the basis of their knowledge and experience in accountancy, auditing or risk management and the majority of its members are independent directors.
Complies

40. Under supervision of the audit committee, there is a unit that carries out the internal audit function, tasked with ensuring the proper functioning of the information and internal control systems and that functionally comes under the non-executive chairman of the board or of the audit committee.
Complies

41. The manager of the unit responsible for internal audit submits his/her annual work plan to the audit committee, directly reports corresponding incidents and submits an activity report to the committee at the end of every year.
Complies

42. In addition to those provided for by the law, the audit committee is responsible for the following functions:

1. In relation to internal control and information systems:
a) Supervising the preparation and safeguarding the integrity of the financial reporting relating to the company and, if applicable, to the group, reviewing compliance with regulations, the adequate delimitation of the consolidated group and the proper application of accounting standards.
b) Safeguarding the independence and effectiveness of the unit responsible for internal auditing; proposing the selection, appointment, re-election and removal of the manager of the internal audit service; proposing the budget for this service; approving its focus and work plans, ensuring that its activity is mainly focussed on relevant risks for the company; receiving periodic information about its activities; and verifying that senior management takes into account the conclusions and recommendations of its reports.
c) Establishing and supervising a mechanism that allows employees to report confidentially and, if possible and considered appropriate, anonymously, any potentially significant irregularities, particularly financial and accounting, they discover within the Company.

2. In relation to the external auditor:
a) In the case of the resignation of the external auditor, examining the circumstances that may have lead to this.
b) Ensuring that the external auditor’s remuneration for their work does not compromise their quality or independence.
c) Monitoring that the company notifies the Spanish Stock Market Commission (CNMV) of the change of auditor as a significant event and accompanies it with a statement about the existence of disagreements with the outgoing auditor and the content of such disagreements, if they exist.
d) Ensuring that the external auditor has an annual meeting with the board of directors in plenary to report on the work carried out and on the evolution of the accounting position and risks to the company.
e) Ensuring that the company and the external auditor follow prevailing regulations on the provision of services other than audit services, the limits on the concentration of business with the auditor and, in general, any other regulations on the independence of the auditors;
Complies

43. The Audit Committee may summon any employee or director of the company, and may require the appearance of the same without the presence of any other director.
Complies

44. The audit committee is informed about structural and corporate amendment transactions that the company plans to carry out for analysis and prior reporting to the board of directors about their financial terms and their accounting impact and, in particular, as appropriate, on the proposed swap ratio.
Complies

45. The risk management and control policy identifies at least the following:
a) The different types of risk, either financial or non-financial, (operational, technological, legal, social, environmental, reputational, amongst others) to which the company is exposed, including contingent liabilities and other off-balance sheet risks amongst financial and economic risks.
b) The level of risk that the company considers acceptable.
c) The measures planned to mitigate the impact of identified risks should they materialise.
d) The internal control and information systems that will be used to control and manage the aforementioned risks, including contingent liabilities or off-balance sheet risks.
Complies

46. Under the direct supervision of the audit committee or, as appropriate, a specialist committee of the board of directors, there is an internal risk control and management system run by an internal unit or department at the company which is expressly given the following functions:
a) Ensure the proper functioning of the risk control and management systems and, in particular, that all significant risks that may affect the company are adequately identified, managed and quantified.
b) Actively take part in drawing up risk strategy and in important decisions on its management.
c) Ensure that risk control and management systems suitably mitigate risks within the framework of the policy defined by the board of directors.
Complies

47. The members of the appointments and remuneration committee (or the appointments committee and remuneration committee, if they are separate) are appointed endeavouring to ensure that they have suitable knowledge, skills and experience for the functions that they are called to perform and that the majority of such members are independent directors.
Complies

48. Companies with high capitalisation have separate appointments and remuneration committees.
Not applicable

49. QThe appointments committee consults the chairman of the board of directors and the chief executive of the company, particularly regarding issues concerning executive directors.
And that any director can request the appointments committee to take into consideration potential candidates to cover any director vacancies, if, in their opinion, they deem the candidate appropriate.
Complies

50. The remuneration committee carries out its functions independently and, apart from the functions allotted to it by the law, also carries out the following:
a) Propose the basic conditions of contracts for senior management to the board of directors
b) Monitor compliance with the remuneration policy established by the company.
c) Periodically review the remuneration policy applicable to directors and senior management, including systems of remuneration with shares and their application, in addition to ensuring that individual remuneration is proportionate to that paid to the company’s other directors and senior management.
d) Ensure that possible conflicts of interest do not affect the independence of the external advice given to the committee.
e) Verify the information regarding directors’ and senior management’s remuneration contained in the various corporate documents, including the annual report on directors’ remuneration.

51. The Remuneration Committee consults the chairman and the Chief Executive Director of the company, particularly regarding issues concerning executive directors.
Complies

52. The rules on the composition and functioning of the supervision and control committees are contained in the board of directors’ rules and are consistent with those applicable to the committees that are legally mandatory in accordance with the above-mentioned recommendations, including:
a) That they are exclusively made up of non-executive directors, with a majority of independent directors.
b) The chairmen are independent directors.
c) The board of directors appoints the members of these committees taking into account the knowledge, skills and experience of the directors and the tasks of each committee; it discusses their proposals and reports, and during the first plenary session following their meetings, gives account of their activities which responds to the work carried out;
d) The committees have access to external advice when they deem it necessary to perform their duties.
e) Minutes of their meetings are drawn up and made available to all the directors.
Not applicable

53. Supervision of compliance with the corporate governance rules, internal rules of conduct and corporate social responsibility policy is the responsibility of one or distributed amongst several committees of the board of directors which may include the audit, appointment or corporate social responsibility committee, if there is one, or a specialist committee that the board of directors, exercising its powers of self-organisation, decides to create for that purpose, to which the following functions are given, as a minimum:
a) Supervise compliance and internal codes of conduct, as well as the company’s rules of corporate governance.
b) Supervise the communications strategy and relationship with shareholders and investors, including small and medium shareholders.
c) Periodically assess the adequacy of the company’s corporate governance system, for the purpose that it complies with its mission to promote company interests and takes into account, as appropriate, the legitimate interests of other stakeholders.
d) Review the company’s corporate responsibility policy, ensuring that it is directed at creating value.
e) Monitor corporate social responsibility strategy and practices and assess the level of compliance therewith.
f) Supervise and assess relationship processes with the various stakeholders.
g) Assess all matters relating to the company’s non-financial risks including operational, technological, legal, social, environmental, political and reputational.
h) Coordinate the process for non-financial and diversity information reporting in accordance with applicable regulations and international reference standards.
Complies

54. The corporate social responsibility policy includes the principles or undertakings that the company assumes voluntarily in its relationships with the various stakeholders and identifies, as a minimum:
b) The aims of the corporate social responsibility policy and the development of support tools.
c) Specific practices in matters related to: shareholders, employees, customers, suppliers, social matters, the environment, diversity, tax responsibility, respect for human rights and the prevention of illegal behaviour.
d) The methods or systems for monitoring the results of the application of specific practices listed under the previous letter, associated risks and their management.
e) Mechanisms for supervising non-financial risk, company ethics and behaviour.
f) Channels for communication, participation and dialogue with stakeholders.
g) Responsible communication practices that avoid the manipulation of information and protect integrity and honour.
Complies

55. The company reports, in a separate document or in the management report, on matters related to corporate social responsibility, using one of the internationally accepted methodologies to do so.
Complies

56. Directors’ remuneration is sufficient to attract and retain directors with the desired profile and to remunerate the dedication, qualification and responsibility that the post demands, but not so high as to compromise the independent opinion of non-executive directors.
Complies

57. Variable remuneration linked to company and personal performance is limited to executive directors, in addition to remuneration with shares, options or rights over shares or instruments referenced to share value and long-term savings systems such as pension plans, retirement plans or other social benefits systems.
Giving shares by way of remuneration to non-executive directors may be contemplated when this is conditional on said shares being retained until they cease to be directors. The foregoing will not be applicable to shares that a director needs to dispose of, as appropriate, to pay for the costs related to their acquisition.
Complies

58. In the case of variable remuneration, payment policies incorporate the limits and technical safeguards required to ensure that such remuneration is in line with the professional performance of the beneficiaries and is not solely derived from the general evolution of the markets or the business sector of the company or from other similar circumstances.
In particular, the variable components of remuneration:
a) Are bound to performance criteria that are predefined and measurable and that such criteria consider the risk assumed to obtain a result.
b) Promote the company’s sustainability and include non-financial criteria that are appropriate for the creation of long-term value, such as compliance with the company’s internal rules and procedures and its policies for risk control and management.
c) Are set up on the basis of a balance between fulfilling objectives in the short-, medium- and long-term that make it possible to reward continuous performance during a period of time that is sufficient to appreciate the contribution to sustainable creation of value, in such a way that the elements for measuring this performance are not solely based around one-off, occasional or extraordinary events.
Partially complies

The Company’s executive directors’ short-term variable remuneration has ten per cent linked to the professional performance of the CEO, i.e. his performance assessment. The eight competences measured in this performance assessment are non-financial and are linked to predetermined and measurable performance criteria, as is recommended.
In relation to long-term variable remuneration, although it does not include non-financial criteria as a measure of achievement, it does include a “clawback” clause with an application period of two years from the end of each cycle and for which the payback of the award may be demanded in the following cases:
i. Restatement of the Company’s financial statements wherever not due to the modification of applicable accounting standards or interpretations.
ii. The Executive Director being sanctioned for serious breach of the code of conduct and other internal regulations which may be applicable.
iii. When the settlement and payment of the award was wholly or partially produced on the basis of information whose falsehood or serious inaccuracy is manifestly demonstrated a posteriori..

59. Payment of a significant part of variable components of remuneration is deferred for a sufficient minimum period of time to verify that the remuneration terms previously set up have been fulfilled.
Partially complies

There is no deferral scheme in the Company’s current annual variable remuneration system for any of its participants. With long-term variable remuneration, its very nature allows the Company’s performance to be seen in the medium and long term (3 years), in addition to ex post control instruments which would be activated when circumstances arise which make it evident that the payment was made on an erroneous premise.

60. Remuneration linked to the results of the company shall take into consideration any possible qualifications in the auditor’s report that might reduce such results.
Complies

61. A significant percentage of the executive directors’ variable remuneration is linked to the handover of shares or financial instruments referenced to their value.
Complies

62.Once the shares or options or rights over shares relating to the remuneration system have been allotted, the directors may not transfer ownership of a number of shares equivalent to twice their annual fixed remuneration, nor may they exercise the options or rights until a period of, at least, three years has passed since their allotment. The foregoing will not be applicable to shares that a director needs to dispose of, as appropriate, to pay for the costs related to their acquisition.
Explain

Both the 2014-2019 and 2017-2022 “Performance Shares” Plans establish the obligation to retain the shares delivered to the Executive Director for at least one year. In addition, the Executive Director will be obliged to hold an amount in shares equivalent to at least one year of fixed remuneration throughout their entire tenure. To determine compliance with this obligation, it considers the share price on the day they were delivered.

63. Contractual agreements include a clause that allows the company to claim repayment of the variable components of remuneration where the payment has not been adjusted to the terms for performance or where they were paid in the light of data which is later proven to be inaccurate.
Complies

64. Payments for termination of contract do not exceed an amount established as the equivalent of two years total annual remuneration and they are not paid until the company has been able to prove that the director fulfilled the performance criteria set up beforehand.br /> Explique

Regarding the outgoing Executive Body, the possible compensation which could correspond to it is pending judicial review, with the court having set 20 November 2018 for the pre-trial hearing. When any news arises, this information will be transferred quickly and included into the new annual reports which may be necessary. Notwithstanding the foregoing, and in accordance with criteria of accounting prudence, the Company’s Annual Accounts have had the maximum amounts which, if applicable, could be derived from the eventual compensation to Mr Federico González Tejera fully provided for.

In no event will Ramón Aragonés Marín, the Executive Director appointed in 2017, be entitled to receive any compensation derived from the termination of his position and ending of such commercial relationship. However, the possible indemnities derived from an ending of the employment relationship will continue in effect during his term as Executive Director, recognising that period as time employed. Once ended, as appropriate, the business relationship will take over the labour relationship which was in effect between company and employee until the taking on of the new position in all its effects, except in serious and culpable breach and thus declared jurisdictionally.

SECTION A.2
Although in the CNMV Records it is recorded that the shareholding of Grupo HNA in NH is 29.50% at 31 December 2017, Grupo HNA reported a decrease to 29.34% in its shareholding in NH to the CNMV on 27 February 2017.

In addition, on 3 November 2017, Grupo HNA notified the CNMV of the signing of a sales contract and repurchase agreement through which it would transfer NH shares representing approximately 1.14% of the share capital.

Depending on whether the sale has been formalised and the terms and conditions of it, Grupo HNA’s shareholding in NH could reach 28.20% of the share capital. Finally, on 19 January 2018, it notified the CNMV of the engagement to review its shareholding in NH, including identify potential buyers of its shareholding.

Although the directors are expressly excluded in section A.2, to show the shareholding in NH Hotel Group, S.A. clearly, the shareholding of Grupo Inversor Hesperia, S.A. is included in that section as it is also a director of the Company. The shareholding of Grupo Hesperia consists of the direct shareholding held by Grupo Inversor Hesperia, S.A. (9.10%) and Eurofondo (0.17%).

SECTION A.5
All relations of a commercial, contractual or corporate nature between significant shareholders and the Company and/or its group have been described in the section on Related Party Transactions (insofar as the significant shareholders are also Company directors). These relations have not been included in section A.5 since these transactions are considered to arise from the ordinary course of the Company’s business.

SECTION A.8
At 31 December 2017, final ownership of NH Hotel Group, S.A. own shares came to 8,031,895 shares.

During 2017, the Company did not acquire own shares. The other operations correspond to refunds of shares undertaken as part of the loan agreement for 9,000,000 shares in NH Hotel Group, S.A. entered into as part of the issue of the bonds convertible or exchangeable for shares of NH Hotel Group in November 2013 between the Company and the three financial institutions involved in the placement of the bonds. The outstanding balance of the share lending initiative at 31 December 2017 came to 1,384,473 shares. By virtue of the foregoing, the final ownership of NH Hotel Group, S.A. own shares at 31 December 2017 came to 8,031,895 shares, which are attached to the same number of rights to vote.

SECTION C.1.12
Given that the IAGC workforce only allows inclusion of positions which the Directors had on the Board of Directors of other listed companies, it is hereby informed that Mr Fernando Lacadena Azpeitia is the Financial Director at Merlin Properties Socimi, S.A.

SECTION C.1.17
D. Jordi Ferrer Graupera, Reprsentative persona física del DIRECTOR Grupo Inversor Hesperia, S.A., accionista significativo de la Compañía, ostenta el cargo de administrador solidario de Grupo Inversor Hesperia, S.A.

APARTADO C.1.33
The Board also has a Deputy Secretary, Mr Carlos Ulecia Palacios, who holds the post of General Secretary of the Company.

SECTION C.1.43
HNA, via its company Tangla, S.L., brought criminal proceedings against Mr José Antonio Castro Sousa based on the agreements adopted at the General Shareholders’ Meeting of 21 June 2016 at which Mr Castro served as the Chairman of the Meeting. The Instructing Judge of said criminal action dismissed and filed the proceedings on 21 September 2017. This order to dismiss and file has been appealed by HNA, and is pending resolution.

SECTION C.2.1.
Notwithstanding the detailed composition of the Board of Directors, the Company has a co-chairmanship system which specifies the appointment of a Chairman of the Board (Mr Alfredo Fernández Agras) and a Chairman of the Executive Committee (Mr José Antonio Castro Sousa).
In relation to the reference made to the Audit and Control Committee and the identification of the “member of the audit committee who has been appointed taking their knowledge and experience in accounting, auditing or both into account”, the IAGC form only allows the appointment of one of the members (as required by article 529m of the LSC, which requires that “one of them be appointed taking their knowledge into account” in these matters), clarification is wanted that all members of the Audit and Control Committee have extensive experience and knowledge in accounting and auditing, which is why they have been appointed to be part of the Committee in question.

SECTION D.2.
On 19 April 2017, NH and the shareholder Grupo Inversor Hesperia, S.A. signed a framework contract for hotel management for a total net amount of 31,000 (thousand) euros, of which 11,000 (thousand) euros was paid in 2017 (published through Relevant Event with record number 250817 dated 19 April 2017). Said agreement has brought about a new strategic and transformational framework for the Company when signing new hotel management contracts for a term of 9 years.

It is hereby recorded that concerning the management agreement entered into between Hoteles Hesperia, S.A. and the major shareholder Grupo Inversor Hesperia, S.A., the total transaction volume in 2017 came to 8,969 (thousand) euros. The balance at 31 December 2017 resulting from said management agreement is contained in this report and comes to 2,191 (thousand) euros.

SECTION D.3.
See note D.2. where the shareholder Grupo Inversor Hesperia, S.A. which carries out significant operations with the Company is a Director of the Company at the same time.

SECTION G.3.
Si bien durante la celebración de la Junta General Ordinaria se ha dado cumplimiento a lo dispuesto en la presente Recomendación, ha sido el PCHAIRMAN de la Comisión de Nombramientos, Retribuciones y Gobierno Corporativo (y no el PCHAIRMAN del Consejo) quien ha facilitado dicha información.