Risk management
BME has a risk management system in place which
ensures that any significant risks which could affect the
group’s objectives and activities are identified, evaluated
and controlled as described in BME’s Annual Corporate
Governance Report.
The Risk Committee, the Internal Audit Department and
the Compliance Department assist the Board of Directors
and the Audit Committee in developing a suitable risk
management programme.
The
Risk Committee
, under the helm of the General
Manager, reports to the Coordination Committee. These
two units work together to implement the risk control and
management policy laid down by the Board of Directors.
The committee monitors and analyses the risks arising in
the day-to-day activities of BME group companies.
The Risk Committee has created an integrated risk man-
agement system (IRMS) following the methodological
framework specified in the COSO II paper. It also main-
tains the Corporate Risk Map, in close cooperation with
the business units and corporate areas. In addition to the
IRMS, the Risk Committee has formally incorporated the
Internal Control over Financial Reporting (ICFR) system. A
description of the IRMS, including the ICFR, is available in
the Annual Corporate Governance Report for 2013.
In the second half of 2012, BME engaged an external
company to analyse its internal organisation, with a view
to shoring up the company’s organisational and resource
management bases. Specific actions are currently being
carried out to strengthen the organisational structure
areas identified as needing improvement.
Among other improvements, efforts are being made to
integrate the Technology Area’s IT equipment and create
major synergies, as well as to bring about greater organ-
isational integration of the area in developing software.
A Project Management and Organisation (PMO) cor-
porate function has also been created. This function
reports to General Management and aims to stand-
ardise and improve control and monitoring of projects
across all areas.
At its meeting of 29 November 2012, the Board of Direc-
tors resolved to set up a Penalty Prevention System, as
described in Chapter 3 of this report. The system is being
gradually implemented throughout the group.
The
Internal Audit Department
is charged with providing
senior management and the Board with information that
enables them to fulfil the company’s objectives, includ-
ing the assessment and evaluation of the efficiency of
the risk assessment tasks carried out. Its task is therefore
aimed at assessing and improving the efficiency of the
processes concerning risk management, control and
governance by identifying key risks and controls.
In order to create an independent body that could
monitor compliance with the regulations governing
the activities of BME and its group companies, on 20
November 2013 the Executive Committee approved the
formation of a group-wide
Compliance Department.
The Compliance Department’s primary duties include
supervising compliance with prevailing regulations,
codes of conduct and commercial agreements; verifying
the suitability of procedures and compliance therewith;
supporting the Audit Committee in supervising regula-
tory compliance risk; and helping employees to monitor
regulatory changes that could affect the activities carried
out by the Group.
21
Corporate Governance
Corporate and Social
Responsibility Report 2013
BME
1...,11,12,13,14,15,16,17,18,19,20 22,23,24,25,26,27,28,29,30,31,...107