In 2012, the Internal Audit Department undertook the first annual assessment of ICFR following its inclusion in the
IRMS. With this assessment, the Internal Audit Department validates the effectiveness of the controls in place, through
the performance of various audit tests. These tests basically consist of testing compliance in processes and/or risks
classified as having a critical impact, and self-assessment questionnaires or specific tests of the existence thereof and
their application for the controls in place for risks that have not been deemed to have a critical impact, or controls of
a general nature.
Finally, the Internal Audit Department presented its annual Activities Plan to the Audit Committee in 2012. The plan
focuses on ongoing improvement in the IRMS through suggestions and proposals by the Risk Committee and, mainly,
on reviewing ICFR to assess its working and validate its effectiveness.
5.2. A discussion procedure whereby the auditor (pursuant to TAS), the internal audit function and other experts
can report any significant internal control weaknesses encountered during their review of the financial state-
ments or other assignments, to the company’s senior management and its audit committee or board of directors.
State also whether the entity has an action plan to correct or mitigate the weaknesses found.
Article 17 of the Board of Directors’ Regulations stipulates that, among the other responsibilities delegated to the
Audit Committee, it shall: “supervise the efficiency of the Company’s internal control and risk control systems. To this
end, the internal control and risk management systems shall be supervised by the Committee at least once a year, to
ensure that the main risks are adequately identified, managed and reported, and will discuss with the auditors or audit
firms or experts appointed for that purpose any significant weaknesses detected in the auditing process.”
The Audit Committee shall also
“liaise with the external auditors in order to receive information on any issues that might
jeopardise the latter’s independence, for examination by the Committee and any others connected with the auditing proce-
dure, and to maintain with the auditors the communications envisaged in audit legislation and in the technical auditing
regulations. The Committee shall also receive information from the external auditors on a regular basis regarding the audit
plan and the results of its execution, ensuring that the auditors’ recommendations are taken into consideration by senior
management. The Committee shall also monitor compliance with the regulations in force concerning the provision of
services other than auditing, the limits in regard to business concentration of the auditor and, in general, any other rules
aimed at ensuring the auditors’ independence. Each year the auditors will receive written confirmation of their independ-
ence of the Company, as well as information on any other type of service provided by the auditors or persons or entities
related to them“.
In this regard, the Audit Committee met on nine occasions in 2012. The external auditors were called to the meetings
of the Audit Committee at which the financial information of both BME and its Group companies was reviewed.
6. Other information
Not applicable.
7. External auditor’s report
State whether
7.1. the ICFR information supplied to the market has been reviewed by the external auditor, in which case the
corresponding report should be attached. Otherwise, explain the reasons for the absence of this review.
In applying the recommendations included in the CNMV’s report on Internal control over financial reporting in listed
companies published on its website, the Company has requested that its auditor conduct a review of its ICFR disclo-
sures. The resulting report will be included as an Appendix to this Annual Corporate Governance Report.
218
Appendix to the Annual Corporate Governance Report
In compliance with the Sustainable Economy Law
6
Annual
Report 2012
/ BME
1...,208,209,210,211,212,213,214,215,216,217 219,220,221,222