You are in:
José Manuel Muries.
Internal Audit General Manager MAPFRE S.A.
Madrid - Spain
On 1 July 2010, the Spanish Official State Gazette1 published Act 12/2010, of 30 June, amending the Accounts Auditing Act2, the Securities Market Act3 and the revised text of the Spanish Public Limited Companies Act4, in order to bring them into line with Community regulations.
The main reason for that Act was to adapt to Directive 2006/43/EC, which regulates aspects relating to external auditing, such as:
At the same time, the reform is being used to modify certain aspects of the regulations contained in the Act, which have to be adapted to the changes in commercial legislation that have occurred, and to incorporate the technical improvements recommended by experience and the practice developed since it entered into force.
On 1 July 2010, the Spanish Official State Gazette published Act 12/2010, amending the Accounts Auditing Act in order to bring them into line with Community regulations
Following this introduction, I am going to focus my briefing on the aspects of the Act that most affect insurance companies listed on the stock exchange, like MAPFRE for example, and in particular on the changes which the Act introduces to the functions of the Audit Committee and Internal Control.
Article 4. Auditing of Consolidated Accounts, of the Accounts Auditing Act, paragraph 2 of which is now worded as follows:
“The auditor who carries out the audit of the accounts or consolidated accounting documents assumes full responsibility for the audit report issued, even where the auditing of affiliated companies’ annual accounts has been carried out by other auditors.”
This is a significant change compared with the previous provision, in which the auditor of the consolidated accounts could limit his liability by excluding affiliated companies audited by other firms.
Another relevant aspect is the inclusion in the provision for the first time of the Annual Transparency Report, which is included in Article 14B and lays down the following:
The reform is being used to modify certain aspects of the regulations contained in the Act, which have to be adapted to the changes in commercial legislation that have occurred, and to incorporate the technical improvements recommended by experience
The fourth Final Provision of Act 12/2010 changes Act 24/1988, of 28 July, on the Securities Market in the following aspects:
“On the company’s webpage an Electronic Shareholder Forum shall be enabled, to which both individual shareholders and any voluntary associations they may set up shall be able to have access, with the proper guarantees, in order to facilitate their communication prior to the holding of Annual General Meetings. In the Forum they shall be able to publish proposals that they intend to present as a complement to the agenda announced in the AGM notification, requests for support for such proposals, initiatives for reaching the percentage sufficient to exercise a minority right as provided for in the Act, as well as offers or requests for voluntary representation.”
“The shareholders of each listed company shall be able to set up specific voluntary Associations in order to exercise their rights and better defend their common interests. Shareholders’ Associations shall be entered in a special Register for that purpose at the Spanish Securities and Exchange Commission (CNMV7). The legal system of Shareholders’ Associations shall be developed in due form and comprise at least the requirements and limits for their constitution, the bases of their organic structure, rules for their operation and the relevant rights and obligations, especially in relation to the company listed.”
The new regulation replaces the word “Know” with “Monitor”, considerably increasing the Audit Committee’s responsibility as regards matters relating to Internal Control, Risk Management and the process of preparing and presenting regulated financial information
As far as the Audit Committee is concerned, certain aspects are being changed. In the table below, the provisions of the previous Securities Market Act (Column A) can be compared with the Audit Committee’s new authorities (Column B) under the current Act.
At the same time, Column C includes the broad outlines of the Audit Committee included at MAPFRE’s Good Governance Code, which coincide with the Good Governance Unified Code on the same aspects.
A Securities Market Act (former) 18th Additional Regulation |
B Securities Market Act) (new) 18th Additional Regulation |
C MAPFRE Good Governance Code 18th Article |
---|---|---|
1. – Inform the General Meeting. | 1. – Inform the General Meeting. | |
2. – Supervision of internal audit services. | 2. – Supervision of internal audit services. | 1º b - Periodically review the internal control and risk management systems. |
3. – Knowledge of the financial information process and internal control systems. | 3. – MONITOR the process of preparing and presenting regulated financial information. | 1ºa - Monitor the process of preparing and the integrity of financial information. |
4. - Propose the
appointment of the
auditors. 5. – Establish relations with the auditors in order to receive information on matters that may put their independence at risk. |
4. – Propose the
appointment of the
auditors. 5. – Establish relations with the auditors in order to receive information on matters that may put their independence at risk. Each year they must receive from the auditors written confirmation of their independence, as well as information on additional services performed. 6. – Issue each year a report in which an opinion is given on the independence of the auditors. |
2ºa - Submit to the
Board proposals for the
selection, appointment,
re-election and
replacement of the
external auditor. 2ºb - Regularly receive information from the external auditor. 2ºc - Ensure the independence of the external auditor. |
1ºc - Ensure the
independence and
effectiveness of the
Internal Audit function. 1ºd - Establish and monitor a mechanism that allows employees to report irregularities. |
Note: Numerical references at columns A and B are sections that belong to
the 18th Additional regulation included at the Securities Market Act (former
and new, respectively).
In Column C, numbers correspond to sections within the 18th article at
MAPFRE’s Good Governance Code.
Print table
Among the Audit Committee’s new authorities, the regulation clearly establishes that the Audit Committee must MONITOR:
It should be noted that the new regulation replaces the word “Know” with “Monitor”, considerably increasing the Audit Committee’s responsibility as regards matters relating to:
As regards this new monitoring role which Act 12/2010 confers on the Audit Committee, both in the process of preparing and presenting the regulated financial information and in the process of monitoring the effectiveness of the internal control system, it is appropriate to mention the recommendations that the Working Party created by the Spanish Securities and Exchange Commission (CNMV) issued in June 2010, the main results of which were as follows:
The company shall draw up a report on the effectiveness of its internal control procedures, stressing any significant deficiencies identified and their implications and proposing the measures considered appropriate for their correction
For these recommendations to be normative in nature, the CNMV must submit a Circular containing the recommendations of the aforementioned Working Party. And for that, it must approve two laws which have in fact already been approved by the Spanish Parliament:
For its part, Royal Decree 239/2007, which modifies the Private Insurance Organisation and Supervision Code8, regulates in its Article 110 the internal control of insurance companies, establishing amongst other things the following aspects:
An insurance group operating internationally, like MAPFRE, therefore has the following obligations as regards Internal Control – obligations which fall to the Audit Committee, as this is the body entrusted with the supervision:
When the Solvency II Directive enters into force, the role of the Internal Audit as a supervisory body will increase considerably, as it will also supervise the Governance System and the Own Risk Solvency Assessment (ORSA)
In both cases, directly or indirectly, the internal control obligations of the holding company affect all the subsidiaries, which means that all the companies in the Group have to have high standards of internal control in order to adequately comply with internal control requirements.
Within the scope of supervision, the Internal Audit’s role will constitute a valuable help for both the Group’s top management and subsidiaries and the Audit Committee. When the Solvency II Directive enters into force, the role of the Internal Audit as a supervisory body will increase considerably, as that Directive lays down that, in addition to Internal Control, the Internal Audit will also supervise the Governance System and the Own Risk Solvency Assessment (ORSA), which is no less than an internal assessment of the Risk Management System.
(1) Boletín Oficial del Estado de España.
(2) Ley de Auditoría de Cuentas.
(3) Ley del Mercado de Valores.
(4) Ley de Sociedades Anónimas.
(5) For the purposes of this Act, public interest entities shall mean entities (and the groups of companies in which they are integrated) which issue securities admitted to trading in official secondary securities markets, credit institutions and insurance undertakings subject to the system of supervision and control attributed to the Bank of Spain, the Spanish Securities and Exchange Commission, the Spanish Insurance and Pensions Supervisory Authority, and also to the autonomous bodies with powers to organise and supervise insurance entities. Entities (and the groups of companies in which they are integrated) which are established in due form in view of their significant public importance due to the nature of their activity, their size or their number of employees, shall also be deemed to be public interest entities.
(6) Entities or persons in which the circumstances provided for in this or other laws come together and lead to the auditor or audit firm being deemed not to enjoy sufficient independence in the performance of their duties with respect to an audited entity.
(7) Comisión Nacional del Mercado de Valores.
(8) Reglamento de Ordenación y Supervisión de los Seguros Privados.
(9) Dirección General de Seguros y Fondos de Pensiones (DGSFP).