Abengoa is keenly aware of the importance of suitably managing risks in order to fulfill strategic planning and meet objectives, and understands the need for having a Risk Management System in place.

This system is global and dynamic in nourishing itself through constant feedback, and meets the following set of requirements:

• Risks must be managed at all company levels without exception.
• The system must be fully integrated in keeping with objectives and in line with operations undertaken to meet these objectives.
• Management supports, evaluates and monitors the system, and adheres to the guidelines set down regarding risk management.

Abengoa Code of Conduct

The honesty, integrity and sound judgment of Abengoa’s employees, directors and officers is essential to the company’s reputation and success. The Code of Conduct governs working relations within the company between Abengoa staff and relationships between Abengoa personnel and the company’s stakeholders. This code may be consulted through the company intranet, Connect@, available to all employees, and is also available on the corporate website. Any changes made to the code are duly communicated throughout the organization with no exceptions or delays.

Practices for preventing corruption

Anti-corruption act

In the fight against extortion, fraud and bribery, Abengoa, in addition to its own Code of Conduct, adheres to the provisions of the U.S. Foreign Corrupt Practices Act (FCPA), which regulates the actions of all international companies that conduct any type of activity in the USA.

The act makes it a crime for companies or any of their members to pay, promise, offer or authorize the payment of anything of value to a foreign official, foreign political party, officials of international public organizations, etc., for the purpose of obtaining any kind of improper advantage.

The company also has a specific communication channel in place that is available to employees and serves as an instrument for reporting any potential irregularity, non-compliance, or conduct in violation of the ethics, legality and norms governing the organization.

The U.S. Foreign Corrupt Practices Act (FCPA) complements the requirements established under Section 404 of the U.S. Sarbanes-Oxley (SOX) Act.

The U.S. Department of Justice is the body ultimately in charge of overseeing compliance with the anti-bribery act for national and foreign companies, with the Securities and Exchange Commission (SEC) being responsible for application to listed companies.

In 2011, 486 audit reports were conducted, which include, among other aspects, reviews and analyses of corruption-related risks in companies deemed material. The number of legal audits performed in companies categorized as material totaled 49. And the total number of companies categorized as being material in which the aforementioned audits were performed was 80. There were no reports over the course of the year of any incidents involving corruption. No incidents involving monopolistic practices or breaches of free competition occured in 2011.

Whistleblower channels

Together with the Audit Committee, Abengoa manages a whistleblower mechanism, which was implemented in 2007 in accordance with the requirements of the Sarbanes-Oxley Act.

The company currently has two whistleblower channels in place:

•  Internal: available to all employees via electronic mail or ordinary mail whereby they may report any irregularities in matters of accounting, auditing or breaches of the Abengoa Code of Conduct.
• External: enabling any third parties unrelated to the company to report irregularities, fraudulent acts or conduct that contravenes the Abengoa code of conduct via the corporate website (www.abengoa.com).

Claims may be submitted with the petition of assurance of whistleblower confidentiality, and may also be sent in anonymously.

Abengoa’s aim in creating these channels is to provide a specific means of communication with company management and governing bodies serving as an instrument for reporting any incident that potentially involves irregularity, non-compliance or conduct that runs contrary to the ethics, legality and norms governing the group.

Development of a SAP module for SOX

Implementation of Process Control got under way within the company in 2011. This provides a technological solution for automating the internal control model and monitoring fulfillment thereof, thus increasing security in company operations and cutting travel-related costs.

Internal control is a process intended to add value by enhancing an organization’s operational efficiency, regulatory compliance, financial information reliability, and protection of assets.

The benefits of implementing this tool are as follows:

• Automation of control mechanisms to speed up auditing, documentation and monitoring processes.
• Reduction in the level of user effort in maintaining the internal control model throughout the organization.
• Reduction in travel-related costs when carrying out internal control testing.
• Centralization of documentation processes and internal control management throughout the organization. 
• Because it is a global integrated solution, it enables control tests to be conducted across the company.