36
into place new controls or mitigate impacts. The risks are frequently re-assessed to verify
whether they are effectively controlled.
iii.
Compliance: the Atresmedia Group has defined a Regulatory Compliance System that
ensures compliance with all regulations, both internal and external.
The System supervises compliance with such regulations through specific controls.
iv.
Processes: the main processes and sub-processes of the different businesses of the
Atresmedia Group are defined to identify the risks that have the greatest impact on one or
another business process, the existing controls and the improvement requirements for each
of the processes and sub-processes identified.
v.
Organisation: the risks and controls affecting the whole Group have been defined, together
with the risks and controls that exclusively affect certain organisational units. The heads of
each organisational unit monitor the risks and controls specific to their organisation.
Further information on the Company's Risk Management and Control System is provided in the
appendix to section H of this report.
With regard to tax risks, aside from the controls inherent in the Risk Management and Control
System, in 2015, a Corporate Fiscal Policy was approved by the Board of Directors, subject to the
review and approval of the Regulatory Compliance Committee and the Audit and Control
Committee, which regulates the basic principles that govern Atresmedia’s corporate fiscal policy, as
well as the best practices applied in relation to all tax matters. These are summarised through
compliance with all applicable regulations, collaboration with the tax authorities when required and
by avoiding opaque structures and operations and in tax havens.
Likewise, a Procedural Protocol regarding Particularly Significant Tax Transactions was approved by
the Regulatory Compliance Committee and duly notified to the Audit and Control Committee. This
Protocol defines the specific procedure that must be followed with respect to the transactions that,
due to their type and/or amount, require an additional, itemised analysis by the Tax Area.
E.2.
Identify the Company bodies responsible for preparing and implementing the Risk Management
System, including the control of tax contingencies:
The Risk Management and Control System is a corporate system in which the whole of the
Atresmedia Group participates with different levels of responsibility and participation therein.
Through control assessments, all organisational and business units are actively involved in the
System.
Atresmedia's main responsibilities relating to the Risk Management and Control System are
summarised as follows:
BUSINESS UNITS AND CORPORATE UNITS:
Control, assessment and supervision heads
Bound to comply with regulations: external and internal (policies, regulations and procedures).
FINANCIAL DIVISION:
Head of most of the financial controls and of the Internal Control over Financial Reporting
(ICFR) System.
Compliance with policies and rules related with budgets, accounts, financial statements and
financial reporting.
Head of the controls corresponding to the tax risks.
LEGAL ADVISORY SERVICES/SECRETARY TO THE BOARD OF DIRECTORS:
Head of most of the regulatory compliance and Corporate Governance controls.
REGULATORY COMPLIANCE COMMITTEE:
Collective body that monitors the Group's regulatory compliance.
Tasked with monitoring the Code of Conduct, the Queries and Whistleblower Channel and
the Internal Securities Market Regulations.
CRIMINAL COMPLIANCE HEAD
Responsible for the implementation and monitoring of the Group’s Criminal Compliance
System.