Corporate governance, risk management and regulatory compliance

Corporate governance

Good corporate governance is realized at Abengoa through the implementation of a set of sound practices which govern the relationships between the company’s range of governing bodies and company stakeholders. These practices are grounded in transparency and rigor in management.

A core aspect of Abengoa’s corporate governance is fighting corruption, which is supported through internal prevention mechanisms and specific actions aimed at detecting corruption.

With the aim of reporting to stakeholders on the company’s performance in the realm of corporate governance, Abengoa publishes a Corporate Governance Report which, since 2009, is verified by an independent third party.

Governing bodies

Thw Board of Directors is the body that regulates Abengoa’s governance. In keeping with good governance practices, the board requires specialized committees to be able to carry out its work efficiently. Abengoa’s Board of Directors is therefore assisted by the Audit Committee, the Appointments and Remuneration Committee and the Strategy and Technology Committee, with the latter having been created in 2014. The three committees are made up exclusively of directors and receive assistance from a non-director secretary. The committees are also supported by the International Advisory Board when addressing matters that require more detailed or specific knowledge.

Board of Directors

Abengoa’s Board of Directors is composed of sixteen directors who were designated and approved by the Chairman’s Office: thirteen men and three women. Seven members are proprietary directors, five are independent and four are internal directors. None of them is a board member of any other listed company. In 2014, a new independent director,was appointed, Ricardo Haussmann, who has ample experience in numerous public positions of relevance and is a professor at Harvard University ².

The duties of the Board include determining the company’s financial objectives and ensuring their viability and competitiveness. The Board met 18 times, in 2014 to address the most significant operational matters and situations requiring responses from management. Due to the stock market crisis in mid-November, which led to a substantial drop in share value, the Board of Directors began to meet weekly to monitor events more closely. These weekly meetings were maintained over the course of one month and regular monthly meetings were resumed afterwards.

The Board also reviews the tasks assigned to the different committees and commissions that report to the Board. In this regard the Board of Directors is responsible for approving, among other aspects, general company policies and strategies, and, in particular, the company’s strategic or business plan, in addition to management objectives, investment and financing policy, corporate social responsibility policy and risk management and control policy.

Abengoa has a non-executive general secretary who, with support from other directors, is in charge of social, economic and environmental affairs. Like the other directors, the secretary meets periodically with the Chairman’s Office through the different committees to review and analyze all issues pertaining to social, economic and environmental matters.

The Rules of Procedure of the Board of Directors dictate that the principal of equal treatment be applied in dealings with shareholders. Accordingly, suitable mechanisms must be created to hear shareholder proposals related to company management, informative meetings held on company progress and the necessary channels implemented to exchange information with shareholder groups. The company thus created a shareholder portal, accessible through its website, whereby shareholders may submit their enquiries.

Given that the chairman of the Board of Directors is also the chief executive officer, the internal rules of the Board authorize one of the independent directors to coordinate the concerns of external directors, request a meeting of the Board of Directors or include new business on the meeting agenda and direct the process of evaluating the chairman. Additionally, in 2010 the Board of Directors agreed upon the designation of a chief executive officer to share executive duties with the company chairman. The existence of four executive directors within an ample majority of independent or external directors ensures effective control of the decisions made by the chief executive officer, thus preventing a concentration of power, facilitating decision-making and optimizing the functioning of the company’s governance.

---

Note 2: In its meeting held on January 19, 2015, Abengoa’s Board of Directors named chief executive officer Manuel Sánchez Ortega as first vice-chairman (replacing José B. Terceiro), and appointed independent director Antonio Fornieles Melero to act as lead director, second vice-chairman and member of the Audit Committee and of the Appointments and Remuneration Committee.

 

Appointments and Remuneration Committee

The Appointments and Remuneration Committee was set up by Abengoa’s Board of Directors in 2003 under the Rules of Procedure of the Board of Directors for the purpose of incorporating the recommendations contained in the Spanish Financial System Reform Act.

This committee has the principal duty of advising and reporting to the Board of Directors on appointments, reelections, terminations and remuneration of the Board and its officers, and on general policy regarding compensation and incentives for board members and senior management, which is also approved at the General Shareholders’ Meeting. External consultants have not been involved in determining remuneration policy.

The committee also verifies on an annual basis that the different board members continue to meet the requirements to remain as such, including the category and nature of their directorship. It is in charge of selecting profiles that best represent the needs of different stakeholders from among experts of renowned national or international prestige in different fields. The selection procedure is based on merit and is intended to fill new vacancies with individuals whose professional profiles are not linked to personal interests. It also acts to ensure that in filling any vacancies that may arise selection procedures are not affected by matters of gender, religion, race, etc. Other tasks of this committee include assessing the performance of the Board of Directors and of its executive officers by examining and organizing the replacement of the chairman and the chief executive officer, communicating appointments and terminations of members of senior management, which the chief executive officer proposes to the Board, and providing information on matters of gender diversity.

The Appointments and Remuneration Committee is composed exclusively of non-executive independent directors, which lends greater objectivity when carrying out its duties.

The relationship between the chairman’s annual salary (including his variable pay) and the average salary for all other employees, including all regions and contract types, stood at 126³ to 1. However, while the General Manager’s remuneration remained unchanged in 2014, the average salary of the other employees rose 14 %.

 

Audit Committee

Abengoa’s Audit Committee was established by Abengoa’s Board of Directors in 2002 under the company bylaws with the aim of incorporating the provisions on audit committees contained in the Spanish Financial System Reform Act. Acting as an independent body, the Audit Committee ensures that group companies act responsibly to ensure ethical conduct.

The committee also oversees and resolves conflicts of interest. As established under the Internal Rules of the Board of Directors, the committee chairman has the obligation to inform the Board beforehand on situations involving potential conflict and to abstain until the committee has been resolved. The functions and duties established under the rules can be summarized as follows: to report to the Board on the company’s annual accounts; to communicate changes in accounting criteria; to oversee the internal auditing functions; to call meetings of the Board; to have an understanding of the financial reporting process and internal control system; and to interact with auditors in determining issues which may put their independence at risk. The committee is also in charge of preparing and executing the risk control system on the basis of internal auditing and risk management functions. The latter is tasked with analyzing risks of any kind involving the company’s projects and businesses, which are in turn overseen by the internal auditing division.

---

Note 3: The salary base used in the calculation encompasses the salaries paid in 2014 across all regions and for all kinds of employee and contract.

The committee is composed of independent non-executive directors, in compliance with the requirements established under standards of good governance, thereby lending the committee greater objectivity in carrying out its duties. The committee meets four times a year and is assisted by the secretary to the Board of Directors.

Strategy and Technology Committee

Created in 2014, the Strategy and Technology Committee addresses the Board’s need for a committee specialized in technology, given that technology is one of the most important underpinnings of Abengoa’s business model.

The committee is made up of directors that specialize in different areas of Abengoa’s business.

International Advisory Board

In 2010, Abengoa created the International Advisory Board (IAB), a non-regulated voluntary body, set up to provide expert technical advice to the Board of Directors on any matters requested by the latter. The mission of the International Advisory Board is to support the Board of Directors by collaborating and offering its knowledge, and to address any consultations made by the Board. It may also put any proposals before the Board it deems pertinent based on its experience and analysis.

The IAB is made up of 11 experts of renowned international prestige in a variety of fields and who hold their office for a maximum two-year term. Members are elected by the Board of Directors, which has the power to reelect them.

Joining the IAB in 2014 with extensive international experience in a variety of institutional and business fields was Noemí Sanín Posada. Also worth noting is that in 2014 Álvaro Fernández Villaverde y Silva, a member of the IAB, became a member of the Independent Panel of Experts on Sustainable Development (IPESD)⁴ with the aim of reinforcing the interconnection existing among Abengoa’s range of advisory and governance bodies. He is also able to provide the members of the IPESD with a clearer vision of Abengoa’s activities and way of doing business, while to the IAB he lends greater visibility to the relevant environmental, social or ethical issues identified through the work conducted by the IPESD.

Resumes for all members of Abengoa’s governing bodies are available for consultation on the corporate website.

---

Note 4: Further information can be found in the chapter titled “About this report”».

Transparency and anti-corruption

The values governing corporate culture are honesty, integrity, good judgment and professional rigor and these are deemed essential to the company’s reputation and success. Accordingly, transparency and sound professional judgment are essential to each of the company’s activities.

Practices for preventing corruption

Abengoa has mechanisms and procedures in place to prevent and detect fraudulent and corrupt practices. These mechanisms have been incorporated into the common management systems and are updated continually to ensure a balance between the best business opportunities and appropriate risk management.

All company employees periodically receive information and training in the procedures to follow and channels available for reporting any irregular activities in this regard.

Abengoa has a variety of instruments for preventing corruption. Adherence to national and international laws and the Code of Conduct lays the foundations from a preventive standpoint, whereas the Whistleblower Channel and other detection mechanisms, such as audits, enable the company to pinpoint any potentially fraudulent activities.

Anti-corruption law

Abengoa adheres to local and international law pertaining to anti-corruption, particularly the provisions of the US Foreign Corrupt Practices Act (FCPA). This act applies to all companies that operate in the U.S., regardless of their country of origin, and supplements the internal control requirements established under Section 404 of the Sarbanes-Oxley Act.

The FCPA prohibits bribes and payments to foreign government officials intended to influence any act or decision resulting in undue advantage, not only in the U.S., but throughout the world.

Abengoa’s common management systems are devised to ensure and watch over compliance by all company employees, executives and directors of the provisions of any legal regulations involving anti-corruption that are applicable to Abengoa, including the FCPA. In addition, the Social Responsibility Code (SRC), which all company suppliers are required to adhere, contains clauses which expressly prohibit any type of corrupt practice that benefits Abengoa.

The Internal Auditing Department also has resources for monitoring compliance with the Act through the Fraud Prevention and Detection Unit⁵.

In 2015, the company expects to be able to implement an internal control system in smaller group companies, increasing the frequency of visits and providing support to ensure homogenous control throughout the group.

Code of Conduct

Abengoa has a code of professional conduct that defines working relations for employees, senior managers and directors within the company in 16 areas, as well as stakeholder relations. The general aim of the code is to increase transparency and professional rigor by establishing standards of conduct expected from all Abengoa employees. The code is available through the intranet and on the corporate website. It is therefore accessible to all employees, senior managers, directors and related parties in the company’s working languages: English, Spanish and Portugueses.

---

Note 5: More information can be found in the «Audits for preventing and detecting fraudulent activity» section of this chapter.

Abengoa considers the Code of Conducta key component of corporate culture. With the aim of raising awareness of the code, and of how the whistleblower channels in place within the company work, specific trainingprograms were designed and given to all employees in 2014.

The Code of Conduct is continually updated and, accordingly, modifications are made to adapt content to the new reality of the company and the communities in which it operates. The last review, which took place in 2014, adapted the code to reflect the separation of duties of the Compliance Unit and the General Secretary’s Office. In order to ensure knowledge of and compliance with all aspects of the code, changes are communicated immediately throughout the organization.

Whistleblower channels

The whistleblower channels are an essential part of Abengoa’s commitment to anti-corruption and constitute the mechanism through which all company stakeholders may anonymously report any irregular conduct they may detect when carrying out their professional duties.

In effect since 2007, Abengoa’s whistleblower channels were devised pursuant to the specific requirements of the Sarbanes-Oxley Act and consist of two types:

• Internal: available to all employees for them to report any complaints or claims concerning financial statements or other reports, accounting matters, internal controls over the financial information reported, auditing matters or breaches of the Abengoa Code of Conduct.
• External: intended to enable anyone outside the company to report irregularities, fraudulent acts or conduct that contravenes the Abengoa Code of Conduct. This channel is available on the Abengoa website.

In accordance with the policy on channeling claims and complaints, which defines the procedure for handling all information received, there is a specific guarantee of the utmost confidentiality of whistleblowers and the system allows information to be submitted anonymously without any risk of reprisal for any claim made in good faith. The policy dictates that the response protocol must be initiated within 48 hours from the time the claim is made.

In addition to the whistleblower channels, any infraction may be reported directly to the compliance officer, and to supervisors, directors and duly authorized personnel.

Due to Abengoa’s ever-growing international presence, claims and complaints received come from all geographical locations of company operation.

The geographical distribution of claims submitted is as follows

Audits for preventing and detecting fraudulent activities

In 2012, Abengoa created the Fraud Prevention and Detection Unit tasked with identifying and mitigating the main fraud-related risks to which the company is exposed and investigating any claims received through the available channels. Thus, the tasks associated with the preventive audits are conducted according to a plan of action which includes geographical regions and business segments that are most susceptible to fraud, as well as a review of those areas entailing greater risk in the financial statementss.

As of year-end 2014, the unit had 16 members, in comparison to 8 in 2013. Thirteen of these members have previous experience in financial auditing at some of the leading firms from the sector.

In 2014, the fraud prevention auditing plan included 143 actions, 93 more than in 2013. In carrying out these actions, 31 significant corruption-related risks were detected and analyzed accordingly.

In addition, over the course of the year various pilot tests were conducted using the Business Intelligence tool, increasing automatic detection control mechanisms and big data analytical capacities⁶.

Additionally, with the aim of bolstering its anti-fraud efforts, Abengoa joined the ACFE Corporate Alliance Association of Certified Fraud Examiners) on November 1, 2014. The association helps companies by providing tools and specific training aimed at halting fraud and corruption, and also provides resources for obtaining CFE (Certified Fraud Examiner) accreditation for internal auditors involved in the detection of fraud and non-compliance.

Throughout the year, the effective implementation of COSO II enhanced internal documentation in various areas where informal mechanisms were already in place. In particular, a greater effort was made to document the company’s general control environment.

In relation to prevention of financial risks, fraudulent activities and money-laundering, Abengoa’s policy on investments made in tax havens is based strictly on justified business and economic criteria that are entirely distanced from other motivations, such as obtaining tax benefits or tax exemption. Among the countries considered to be tax havens by Spain’s National Tax Agency (AEAT by its Spanish acronym), Abengoa operates in Oman only, where the company is building a desalination plant. It should likewise be noted that Abengoa conducts over 70% of its business in Organization for Economic Cooperation and Development (OECD) countries.

Additionally, Abengoa conducts activities in other geographical areas which, though not included on the list of tax havens by Spain’s AEAT, are nevertheless considered by international observatories and organizations as territories whose tax system is more advantageous than the Spanish regime. The company has subsidiaries in Delaware (U.S.), Holland, Luxembourg, Uruguay, Singapore, Hong Kong, Switzerland and Panama. All of them are grounded in strictly economic or business rationale or simplification of commercial and administrative processes, and under no circumstances are motivated by tax evasion, money-laundering or financing of illicit activities.

---

Note 6 Big data: large-scale analysis of massive data sets.

Risk management

For Abengoa, risk management is key to creating value and improving the company’s competitiveness, and risk management is therefore wholly integrated into the business. Risk management begins with the identification and parameterization of any project prior to its commencement, establishing its tolerance to risk and the likelihood of occurrence. When moving forward with a project, the risk function defines the most appropriate mitigation measures for each type of risk.

The Global Risk Management System enables the company to control and determine risks and is intended to create a common risk culture to help facilitate the fulfillment of objectives in this area and to allow it to act and adapt accordingly.

Conducting project-related risk analysis means coordinating efforts with the group companies in question, specifically with their bidding, commercial and technical departments and management teams, which analyze and undertake the different projects and associated procurement for the companies. It also requires special communication between the Risk, Finance, Internal Auditing and Legal Advisory departments. Although there are no periodic committee meetings planned among these departments, in practice meetings are held frequently to manage the regular course of business in a coordinated fashion.

In 2014, the following main innovations were implemented in relation to risk management policies:

• Classification of countries where the company operates according to the risk they pose in terms of environment/security, political risk, sovereign rating, transparency index and natural risks. For each country, the measures to be applied have been defined according to their rating, and these must be implemented in order to do business in the countries.
• Implementation of a risk analysis methodology with respect to climate change so that all activities may be evaluated and treated accordingly so as to support the sustainability of the business in accordance with corporate policy.
• Reinforcement of analysis and control measures in order to prevent the undertaking of tasks and businesses which may violate international standards and prove detrimental to the interests of Abengoa and its stakeholders.

The Universal Risk Model (URM)

The Universal Risk Model (URM) is employed to gauge risk level according to risk probability and impact in all categories (strategic, financial, legal and operational risks). It provides online risk maps through automatic real-time connection to the company’s information.

Risk measurement is carried out in each of Abengoa’s business units by company and by relevant geographic region and is reviewed every six months. This allows for action plans to be drawn up for those risks that exceed the threshold defined as being tolerable in each case.

The URM is being adapted so that the model, apart from providing the risk map information, will aid in obtaining and monitoring the indicators that each business unit deems significant in daily business management, thus increasing system efficiency.

Risk mitigation

The company applies the controls needed to maintain the different identified risks within the established limits, determining the strategy to be followed for each one of them. The risk mitigation systems are applied at different levels:

• Business-level:each and every procedure (legal, financial, procurement, quality, corporate social responsibility) contains measures for mitigating inherent risks, and application of such measures is obligatory.
• Project-level: each company projects is preceded by risk analysis and quantification which extends to all project phases (development, construction and operation). No project is undertaken without conducting this risk analysis, thus verifying that all potential risks have been taken into account and approval received from those in charge at all decision-making levels.
• Strategic-level: measuring risks through the URM requires and allows for the definition of action plans aimed at maintaining risks at the level of tolerance established for each of them.

It should be pointed out that Abengoa has a unified and common system for compiling lessons learned, which enables feedback from the risk management system and the application of measures for new projects or businesses according to past experience.

Committees on risk management

Holding regular periodic committee meetings ensures that Abengoa’s senior management has accurate knowledge of the main risks affecting the company as a whole and, in particular, each of its projects and lines of business. This helps ensure that strategic decisionsare undertaken with maximum assurance of success.

Compliance

In 2013, Abengoa set up the Corporate Compliance Program (CCP) with the aim of preventing, detecting, and sanctioning any conduct that may result in company or employee liability. This comprises the self-regulatory programs voluntarily put in place by the company to adapt to legal requirements, to further illustrate its hallmark commitment to ethical conduct, and to prevent and detect unlawful conduct.

The Corporate Compliance Program reports directly to the Compliance Officer, who reports on a monthly basis to the Board of Directors regarding relevant issues in this area. The Corporate Compliance Officer also attends fiscal, consolidation, strategic development and corporate social responsibility committee meetings, which are held monthly.

This provides the CCP with information from all areas of the company so that it can report periodically to the Board of Directors.

Geographical and functional scope

The program defines the main actions involving detection, prevention, surveillance and control to be carried out by the Internal Compliance Unit, which is headed by the Compliance Officer, and by the control processes implemented by Abengoa to prevent and control the occurrence of unlawful conduct.

The program applies to all companies controlled by Abengoa, in all countries of company operation and to any company activity. It also applies to company employees and third parties acting directly and expressly on behalf of Abengoa or its directors. All of these must uphold the laws undertaken voluntarily or obligatorily by the company when infringement could result in economic or administrative sanction, or criminal or civil liability or otherwise tarnish the company’s reputation. The scope of the program is slated to be extended in the future to include suppliers, collaborators and other stakeholders.

The CCP is based on the model proposed by the Open Compliance and Ethics Group (OCEG),as a means of attaining excellence in managing key processes involved in corporate governance, risk management and compliance. The model is based on six pillars:

• Leadership.
• Risks.
• Procedures.
• Training.
• Disciplinary procedure.
• Monitoring and improvement.

Instruments available to the program

The CCP is carried out using prevention and control instruments, as well as the disciplinary measures the program has in place.

The company’s key prevention instruments care the Risk Map, the Code of Conduct and training. Through these mechanisms, Abengoa analyzes corporate risks potentially posed by company activity and defines the norms and principles of ethics governing the conduct of all company agents, expressly forbidding any conduct that may be considered criminal. They are considered prevention instruments because their purpose is to ensure that all individuals lying within their scope assume and accept the values defined in it, while establishing a culture of respect for the law.

The control instruments are intended to provide continuous oversight of compliance with established regulations in order to forestall the occurrence of law-breaking or any other illicit conduct within the company and to evaluate the existence of new risks. Among the instruments devised to exercise control is the appointment of the Compliance Officer and the existence of the Whistleblower Channel, whereby company workers may report unlawful conduct anonymously.

Disciplinary measures are intended to ensure compliance with the norms of conduct established by Abengoa. A regime of internal sanctions has therefore been implemented and extends to all members of the company, including both officers and employees.

Compliance Unit Resources

The Compliance Unit and Compliance Program centralize their activity through the Compliance Officer, who has access to all the information sources needed to perform his or her duties.

The Compliance Officer is required to have full knowledge of any legal regulations that may apply to Abengoa, in addition to promoting upstanding conduct by all company employees by disclosing necessary legal information among those to whom regulations may apply.

Activities carried out under the program framework

In 2014, the first year of operation of the Corporate Compliance Program (CCP), Abengoa implemented the associated Norm of Obligatory Compliance and control processes. The company also provided training to a number of employee groups and developed and implemented four specific programs aimed at segmenting the activities carried out under the CCP framework. These programs are the following:

• Program of Compliance in Matters Concerning Competition..
• Program of Compliance in Matters Concerning Data Protection..
• Program of Compliance in Matters Concerning Corruption..
• Program of Compliance in Legal Matters..

These 4 programs start by establishing forbidden or recommended conduct for each regulatory block. Using presentation of cases, the programs seek to create a corporate culture based on the strictest adherence to legal regulations