In order to fulfill its core function of providing support to the Board of Directors, the main activities dealt with and analyzed by the Audit Committee can be categorized into four different areas of competence:
The Group’s financial information essentially consists of the consolidated financial statements, drawn up quarterly, and the full consolidated annual accounts, drawn up on an annual basis.
This information is prepared on the basis of the data that all group companies are required to report.
The information sent in by each of the individual companies is verified by both the group’s internal auditors as well as its external auditors, the aim being to ensure that the information is true and provides a fair view of the company.
Although over recent years Abengoa has striven to reduce the timeframes for reporting the group’s financial information, we are continuing to develop new tools and information systems to cater to the constant updates and changes in the reporting obligations imposed on listed companies.
2009 witnessed completion of an Accounting Manual, which contains the main policies and interpretations of international accounting standards (IFRS and US GAAP), as adopted by the company and applied to the numerous group subsidiaries.
The company has likewise managed to streamline the information reporting processes of subsidiary companies, thereby cutting the average timeframe for preparing and sending their financial information. This enables us to spend more time on verifying and validating the financial information included within the consolidated annual accounts.
One of the most important recurring activities of the Audit Committee is to verify the economic and financial information prepared by the Group prior to its submission to the Board of Directors of Abengoa and the Spanish securities and exchange commission (Comisión Nacional del Mercado de Valores, hereinafter CNMV).
Furthermore, in connection with this task of reviewing the financial statements and the processes followed in preparing them, the committee has been duly informed of all relevant changes in international accounting and financial reporting standards.
The duties and functions of the Audit Committee include “supervision of internal auditing services” and “awareness and understanding of the company’s financial information process, internal control systems and the corresponding risks to which the company is exposed”.
In order to supervise the sufficiency, adequacy and efficient functioning of the internal control systems and risk management, the Head of Corporate Internal Auditing systematically kept the Committee informed over 2009 of the following aspects in relation to its activities:
Over the course of 2009, the Audit Committee recorded and supervised a total of 590 missions performed by the Internal Audit Department (the Annual Audit Plan established a total of 570 for the year). The tasks not expressly envisaged in the plan mainly involved general audits of companies and projects that had not been included in the initial planning.
Throughout the year, the Audit Committee was kept regularly informed of the progress and conclusions regarding the completed internal auditing tasks. These essentially consisted of financial statement auditing tasks, SOX internal audit controls, Common Management System audits, audits of critical projects and works and audits of specific areas, among others.
As a consequence of these audit missions, 305 recommendations were issued, most of which were implemented at fiscal year-end.
A factor that had a decisive impact on the number of recommendations issued was the performance of internal control-compliance audits under PCAOB (Public Company Accounting Oversight Board) standards, pursuant to the requirements set forth in Section 404 of the Sarbanes-Oxley (SOX) Act.
The following table depicts the structure by business unit of the internal audits performed over 2009.
Among the duties of the Audit Committee is that of safeguarding the independence of the external auditor, proposing the appointment or renewal thereof to the Board of Directors, as well as approving fees.
The auditor of Abengoa, S.A.’s individual and consolidated annual accounts is the firm PricewaterhouseCoopers, which is also the group’s main auditor.
Nevertheless, Deloitte is the chosen auditor for a significant portion of the Group, essentially the Information Technologies (Telvent) Business Unit.
Towards the end of 2008, Abengoa’s Audit Committee resolved, in accordance with its Internal Regulations, to initiate a selection process to appoint the financial auditor of Abengoa S.A. and its consolidated group for financial year 2009, with the “Big Four” audit firms all taking part in the tender.
As a result of the process, and on account of the highly competitive offer put forward by PricewaterhouseCoopers, coupled with its extensive knowledge of Abengoa and its impressive credentials, which were highly valued by the Audit Committee, the latter proposed the appointment of PricewaterhouseCoopers to the Board of Directors, for subsequent approval by the General Shareholders’ Meeting.
The final award was approved in 2009 by the Board of Directors and General Shareholders’ Meeting of Abengoa, S.A. and likewise by the audit committees, governing bodies and general meetings of the corresponding group companies.
In addition, other firms had a role to play in the auditing process, particularly in small companies in Spain and abroad, although the scope of their work was not considered significant in relation to total group business.
The task of auditing SOX internal control mechanisms was also assigned to these same firms following the same criteria, as, in compliance with PCAOB regulations, the firm that issues an opinion on the financial statements must be the same firm that assesses the internal control involved in their preparation, given that they are a key factor in so-called integrated audits.
The policy of Abengoa is that all group companies be audited by external auditors, even when this is not required by law.
The following table displays the total amount of fees agreed upon with the external auditors for the 2009 audit, including the auditing of periodic information, the audit of the U.S. corporation under US GAAP criteria and the SOX audit and distribution:
As a result of the audit firm selection process described above, the company has managed to cut audit fees by over 27% in comparison to the fees paid in 2008.
When entrusting different financial audit work to any of the “Big Four” audit firms, the company operates a prior verification procedure, the aim being to unearth the existence of possible incompatibilities with the entrusted work pursuant to the U.S. SEC (Securities Exchange Commission) or the Spanish ICAC (Instituto de Contabilidad y Auditoría de Cuentas) regulations.
The following table illustrates the total fees paid to the “Big Four” for different financial audit work performed in 2009:
The Audit Committee is also responsible for monitoring the results of the work of the external auditors. Therefore, the committee is promptly informed of their conclusions and any incidents detected in the course of their work.
When required to do so, the external auditor attends Audit Committee meetings in order to report on the scope of its competencies, which basically encompass the following:
Although auditors must issue their opinion on the financial statements ending December 31 of each year, the work they carry out in each of the companies includes an audit of a previous accounting period close date, which usually corresponds to the third quarter of the year in question (September), the aim being to anticipate any significant transactions or matters that may have arisen before such date.
Since financial year 2008, and marking a voluntary move by the company, the half-yearly financial statements of Abengoa and its listed subsidiaries now include an interim audit report issued by the corresponding audit firm.
Furthermore, the quarterly financial statements are audited to enable the company to submit the information required by official bodies.
The consolidated financial statements for each of the five Business Units are likewise audited: Abeinsa, Befesa, Telvent GIT, Abengoa Bioenergy and Abengoa Solar.
An advanced approach to auditing practice involves a prior analysis of the company’s internal controls in order to reduce the subsequent need to perform substantive testing procedures in areas in which controls are already appropriate.
Although external auditors have already been following this approach, it has been further reinforced since 2007 following the implementation of SOX and the requirement for an internal control audit pursuant to PCAOB audit standards, which apply to listed companies in the United States (SEC registrants).
Specific PCAOB regulations require a series of additional auditing procedures. The SEC (Securities and Exchange Commission) delegates upon the PCAOB the task of creating and issuing the standards that external auditors must comply with when evaluating internal controls as part of an integrated audit.
In 2009, the external auditors performed an integrated audit following PCAOB standards and adapting their methodology to AS5 (Audit Standard Nº 5). As a result of this work, the external auditors also proceeded to issue a report detailing the conclusions of their appraisal of the internal control system. This opinion supplements the one issued in the audit report on the annual accounts, although the PCAOB allows both opinions to be included in one single document.
For certain specific or significant matters or transactions, a preview of the auditors’ opinion on the criteria adopted by the company is required so that a consensus can be reached.
One of the cornerstones of the company’s strategy is its unflinching commitment to transparency and rigor. To reflect and strengthen this undertaking, the company set itself an objective several years back to the effect that all the information that appears in the Annual Audit Report must have its corresponding external audit report.
Therefore, 2007 witnessed the first audit of the company’s Corporate Social Responsibility Report. In 2008, this was extended to the Greenhouse Gas Emissions Report and in 2009, the Corporate Governance Report underwent an external audit process.
The company is not content with a moderate assurance audit report pursuant to ISAE 3000 standards, but rather aims to continue migrating towards a type of reasonable assurance audit report, which represents the most stringent kind of assurance a company can hope for.
In 2009, the company commissioned no less than 6 reports from its external auditors, all of which form an integral part of the Annual Report:
In order to carry out the duties assigned to it, the Audit Committee has the following supervisory tools in place throughout the various hierarchical levels of the company:
The company’s management has implemented a Code of Professional Conduct rooted in the notions of honesty, integrity and the sound judgment of employees, managers and directors, as reflected in Abengoa’s Annual Corporate Governance Report, which details the company’s administrative structure, its Risk Control Systems, the extent to which good governance recommendations have been followed and the information systems in place. It likewise illustrates the management’s commitment to maintaining suitable internal control and risk management systems, good corporate governance and ethical conduct throughout the company and among all employees.
The Code of Conduct is available to all employees through Abengoa’s Intranet and is updated periodically.
Abengoa’s and the different Business Groups’ Welcome Manual makes express reference to the Code of Professional Conduct.
All departments, chiefly Human Resources and Internal Auditing, oversee compliance with the Code and notify the management of any improper conduct they may observe, which is then addressed accordingly.
Abengoa and its various Business Groups have integrated a mechanism (officially implemented since 2007 pursuant to SOX requirements), whereby interested parties may report to the Audit Committee possible irregular practices concerning accounting, auditing and internal control over financial reporting. A register is kept of all communications received in relation to the whistleblower, subject to the necessary guarantees of confidentiality, integrity and availability of the information. The internal audit team conducts an inquiry into each claim received in accordance with the following flow chart:
Over the course of 2009, the Audit Committee met on six occasions, with all members of the committee in attendance. Listed below are the different meetings and the main items included on the agendas:
Moreover, the following recurring matters were addressed at each of the aforementioned Audit Committee meetings:
Monitoring of the 2009 Internal Audit Plan
Information on related-party transactions
Compliance with Code of Conduct / Whistleblower Channel
The following persons attended the Committee meetings over 2009: