39. In addition to the Audit Committee mandatory under the Securities Market Law, the Board of
Directors should forma committee, or two separate committees, of Appointments and remuneration.
The rules governing the make-up and operation of the Audit Committee and the committee or
committees of Appointments and remuneration should be set forth in the board regulations, and
include the following:
a) The Board of Directors should appoint the members of such committees with regard to the knowl-
edge, aptitudes and experience of its Directors and the terms of reference of each committee; discuss
their proposals and reports; and be responsible for overseeing and evaluating their work, which
should be reported to the first board plenary following each meeting;
b) These committees should be formed exclusively of external Directors and have aminimumof three
members. Executive Directors or senior officers may also attend meetings, for information purposes,
at the Committees’ invitation.
c) Committees should be chaired by an independent director.
d) They may engage external advisors, when they feel this is necessary for the discharge of their
duties.
e) Meeting proceedings should be minuted and a copy sent to all board members.
See sections: C.2.1 and C.2.4
Partially complies
Complies
Explain
40. The job of supervising compliance with internal codes of conduct and corporate governance
rules should be entrusted to the Audit Committee, the Nomination Committee or, as the case may be,
separate Compliance or Corporate Governance committees.
See sections: C.2.3 and C.2.4
Complies
Explain
41. Audit committee members, particularly the Chairman, are appointed in light of their knowledge
and experience of accounting, audit or risk management
42. Listed companies should have an internal audit function, under the supervision of the Audit
Committee, to ensure the proper operation of internal reporting and control systems.
See section: C.2.3
43. The head of internal audit should present an annual work programme to the Audit Committee;
report to it directly on any incidents arising during its implementation; and submit an activities
report at the end of each year.
44. Control and risk management policy should specify at least:
a) The different types of risk (operational, technological, financial, legal, reputational…) the company is
exposed to, with the inclusion under financial or economic risks of contingent liabilities and other off-bal-
ance-sheet risks;
b) The determination of the risk level the company sees as acceptable;
c) Measures in place tomitigate the impact of risk events should they occur;
d) The internal reporting and control systems tobe used to control andmanage the above risks, including
contingent liabilities and off-balance sheet risks.
See section: E
Complies
Explain
Complies
Explain
Partially complies
Complies
Explain
Partially complies
Complies
Explain
226
Annual Corporate Governance Report
Annual
Report 2013
BME
1...,216,217,218,219,220,221,222,223,224,225 227,228,229,230,231,232,233,234,235,...236