37
Likewise, he/she is tasked with providing advisory services to directors and executives
regarding all aspects that could have criminal consequences.
INTERNAL AUDIT AND PROCESS CONTROL:
Coordinates and administers the Risk Management and Control System.
Performs a periodical review of the risks identified and coordinates the assessment of such
risks by the heads.
Designs policies and procedures and identifies new controls.
Verifies the application of the controls and reports to the Audit and Control Committee.
The Audit and Control Committee is responsible for the supervision of the System's functioning, the
assessment of new risks and for the information to be included in the annual and half-yearly financial
statements.
The Audit and Control Committee is also responsible for informing the Board of Directors on the Risk
Management and Control System for which, where appropriate, it approves or modifies the action
plans, promotes new measures to be implemented and supervises the assessment of the new risks
identified.
E.3 Indicate the main risks, including tax contingencies, that can prevent the Company from achieving its
targets:
The content of this section has been filled in in the appendix to section H.
E.4
Identify if the Company has a risk tolerance level, including with respect to tax contingencies:
Atresmedia has defined a risk tolerance level within the Risk Management and Control System in
each business, based on two main criteria:
Process potentially affected by the risk.
Level of operations/results affected.
The System periodically assesses the level of exposure to the identified risks of the defined processes
and organisations.
Risks are evaluated taking into account both:
The inherent risk: understood to be the risk existing in the absence of actions to modify its
probability and impact.
The residual risk: understood to be the risk that remains even when the responses to the
risks have been adopted and implemented.
Subsequently, all risks are assessed based on the estimated impact and probability, in line with two
criteria:
Impact: classified in accordance with the negative impact of the occurrence of the risk on
results or on business continuity.
Probability: the probability is assessed that the risk becomes apparent regardless of
whether the controls are sufficient and reduce the risk to acceptable levels.
Based on the risk assessment criteria, which are frequently reviewed, risks are classified into risk
groups, based on their classification.
E.5
Identify any risks, including tax contingencies, that have materialised during the year:
The most significant risk that materialised in 2015 relates to the penalty imposed by the Spanish
National Markets and Competition Commission (CNMC) as a result of disciplinary proceedings in
which this public body reviewed compliance with the conditions imposed at the time to authorise
Atresmedia’s concentration with La Sexta. In the CNMC’s opinion, Atresmedia had breached some of
these conditions, and accordingly, a penalty was imposed, which was appealed against before the
courts.
In addition, this penalty did not have an impact on Atresmedia’s earnings since the directors and
internal and external legal advisers considered that solid grounds existed to uphold that the