3.- Control activities
The entity should state whether it has at least the following components in place, specifying their main characteristics:
3.1. Procedures for reviewing and authorising the financial information and description of ICFR to be disclosed
to the markets, stating who is responsible in each case. Documentation and flow charts of activities and controls
(including those addressing the risk of fraud) for each type of transaction that may materially affect the financial
statements, including procedures for the closing of accounts and for the separate review of critical judgements,
estimates, evaluations and projections.
The preparation of the financial information which is disseminated to the stock market and its subsequent review is
entrusted to a suitably defined human and technical team which allows the BME Group to ensure that this informa-
tion is precise, true and comprehensive according to current legislation. The procedures for preparing and reviewing
financial information have been defined and documented by the Group’s Finance Department. Other departments
also assist in ensuring that the necessary level of detail is obtained.
Therefore, the procedures for the accounting close and the preparation of the financial statements occasionally rely
on key judgements, estimates and assumptions made by senior management to quantify assets, liabilities, revenue,
expenses and commitments, which are described in detail in the corresponding financial statements. These estimates
are made according to the best available information at the date on which the financial statements are prepared,
using generally accepted methods and techniques and data, and observable and contrasted assumptions. In the
current year, the following issues have been addressed:
• the assessment of potential impairment losses on certain assets;
• assumptions used in the actuarial calculation of liabilities and commitments for post-employment benefits;
• the useful life of property, plant and equipment and of intangible assets;
• goodwill impairment measurement;
• the fair value of certain financial instruments;
• the calculation of provisions; and
• assumptions used to determine the variable remuneration schemes relating to BME shares.
In order to guarantee the reliability of this financial information, the Finance Department carries out monthly review
and closing procedures, such as analysing the adherence to budgets, preparing business performance indicators and
analysing the ratios defined by the BME Group itself.
The Board, through the Audit Committee, has among its functions, pursuant to article 8 of the Board of Directors’
Regulations, that of reviewing all the published financial information:
“(…) In matters related to the stock market and
bearing in mind the Company’s status as an issuer, the Board of Directors, either in full or through its Committees, shall
undertake the following specific duties:
a)Supervising all periodic financial reports and in general the information released to the financial markets on all
events, decisions and circumstances that may affect the Company’s share price performance.
(…)”
The Finance Department is responsible for determining the relevant financial information, based on quantitative
criteria of materiality, and qualitative criteria, taking into consideration all of the financial information reported and
published in the financial markets. Later, the processes linked to this information are analysed, distinguishing between
business processes, support processes and the applications used in preparing the financial information. To this end,
the BME Group has descriptive documentation of the activity flow charts relating to the processes, sub-processes and
activities linked to this financial information, as well as the main risks and controls associated with the same. These are
reviewed and updated periodically.
The Internal Audit Department shall
“(...) Revise the reliability and completeness of the financial and operating informa-
tion, as well as of the means used to identify, evaluate, classify and disseminate this information. (…)”
, as stipulated in the
Regulations for the BME Group Internal Audit.
3.2 Internal control policies and procedures for IT systems (including secure access, control of changes, systemoper-
ation, continuity and segregation of duties) giving support to key company processes regarding the preparation
and publication of financial information.
The IT systems which support the processes on which the financial information is based are subject to internal
control policies and procedures to guarantee the completeness of the preparation and publication of the financial
information.
Specifically policies have been established in relation to:
Safety in accessing the information: the process systems which contain the BME Group’s financial information can
only be accessed by univocal user IDs which are password protected in each of the environments. Likewise, permis-
sion to access the different environments, applications or operating systems is granted according to the user class
and powers. The process of managing users in these systems is based on established procedures based on formally
established channels.
215
Appendix to the Annual Corporate Governance Report
In compliance with the Sustainable Economy Law
6
Annual
Report 2012
/ BME
1...,205,206,207,208,209,210,211,212,213,214 216,217,218,219,220,221,222