10. Control and Risk Committee

As noted in Section 6 of this report, the board has set up a control and risk committee.

Composition and duties of the control and risk committee (Article 123-bis.2.d) of TUF)

The control and risk committee meets whenever the chairperson deems it necessary and in order to carry out its mandate, as there is no calendar for the year. It is coordinated by its chairperson.

It also meets when a committee member, the chairperson of the Board of Statutory Auditors or the internal control supervisor makes a documented request to the chairperson.

The control and risk committee met 21 times during the year and each meeting lasted an average of approximately two hours and thirty minutes.

The control and risk committee held 6 meetings in 2015.

Please see the Table provided in Section 4.2 for information on the percentage of meetings attended by each member of the control and risk committee during the year.

***

The control and risk committee is currently composed of the following independent directors:

Control and Risk Committee 

The Board, considering the personal and professional characteristics of the members of the control and risk committee, has concluded that the committee is composed entirely of independent directors who have suitable financial or remuneration policy knowledge and experience.

On September 21, 2012, the control and risk committee approved rules for its working which establish that its proceedings are coordinated by the chairperson and that the chairperson of the Board of Statutory Auditors or another statutory auditor designated by him participate. All the members of the Board of Statutory Auditors have standing invitations to attend meetings, as does the chief internal auditor. Depending on the items on the agenda, the CEO, other directors, managers of the Issuer, external consultants and representatives of the independent auditors may also be invited to attend; Moreover, the other directors may always be present at the meetings.

The control and risk committee meetings have always been attended by the chairperson of the Board of Statutory Auditors or another statutory auditor designated by him (and the other statutory auditors were also free to attend).

The chief internal auditor participated in 17 of this committee’s meetings. Upon invitation and to make its working more efficient, the committee invited the chairperson of Salini Impregilo, the CEO, the designated accounting officer, the relevant internal functions, the integrity board, external consultants and the representatives of the independent auditors to attend certain meetings.

Duties of the Control and Risk Committee

As resolved by the Board of Directors on July 18, 2012, as regards criteria 7.C.1 and 7.C.2 of the Code, the control and risk committee has the following duties:

• providing the Board of Directors with opinions on:
• the guidelines for the internal control and risk management system, so that the main risks affecting Salini Impregilo and its subsidiaries are correctly identified, properly measured, managed and monitored, defining the degree of compatibility of these risks with company management and its strategic objectives;
• assessment at least once a year of the adequacy of the internal control and risk management system considering the company’s characteristics and risk profile and their efficiency;
• approval at least once a year of the audit plan prepared by the chief internal auditor;
• review of the main audit reports and their implementation;
• description of the main characteristics of the internal control and risk management system in the corporate governance report, expressing its assessment of their adequacy;
• assessment of the findings presented by the auditor engaged to carry out the legally-required audit in its management letter (if prepared) and in the audit report;
• appointment and removal from office of the chief internal auditor;
• Reporting to the Board of Directors on the suitability of the resources of the internal audit unit for carrying out their duties;
• definition of remuneration of the chief internal auditor in line with internal policies;
• assessment with the manager in charge of financial reporting, and after consulting the auditor engaged to carry out the legally-required audit and the Board of Statutory Auditors, of the correct application of the accounting policies, and in the case of a group, their consistency for the preparation of the consolidated financial statements;
• expression of opinions on specific aspects related to the identification of key business risks;
• review of the periodic reports on the internal control and risk management system, especially those prepared by the internal audit unit;
• monitor the independence, adequacy, effectiveness and efficiency of the internal audit unit;
• it may ask the internal audit unit to carry out checks of specific operating areas and it reports thereon to the chairperson of the Board of Statutory Auditors;
• reporting to the Board of Directors at least twice a year, during the meetings held to approve the annual and interim reports, on its activities and the adequacy of the internal control and risk management system.
• performance of the other duties assigned to it by the board.

During the year, the control and risk committee reviewed and assessed the work plan and reports prepared by the chief internal auditor, and the reports drawn up by the integrity board as per Legislative Decree no. 231/2001; it expressed, in agreement with the Board of

Statutory Auditors, a favorable opinion, together with the manager in charge of financial reporting and the representatives of the independent auditors, on the correct application of the accounting policies and their consistency during preparation of the consolidated financial statements, reporting thereon to the Board of Directors. During approval of the draft annual financial statements and the interim financial report, the committee informed the Board of Directors about its activities and the adequacy of the internal control and risk management system taking into account the characteristics of the company and its risk profile, as well as its effectiveness. This opinion was shared by the Board of Statutory Auditors. Furthermore, the committee found the organizational, administrative and accounting structure of the Issuer and its strategically significant subsidiaries Impregilo International Infrastructures N.V. and Fisia Italimpianti S.p.A. to be adequate. It approved the revisions of the Organization, Management and Control model required by Article 6 of Legislative Decree no. 231/01. It ascertained that the members of the integrity board met the subjective requirements of the Organization, Management and Control Model and, therefore, that the entire body met these requirements. It examined the draft interim financial report at June 30, 2014, and the draft interim financial report at March 31, and September 30, 2014; it met certain company functions.

***

Minutes of the committee meetings are drawn up regularly.

In the performance of their duties, the control and risk committee has the right to access the necessary company’s information and functions, for the performance of their duties. To gain further insight on the interpretation and application profiles of the new accounting principles, the committee organized a focus meeting with an expert in the field. This meeting was held on December 17, 2014, and was also attended by other directors and statutory auditors.

On May 11, 2011, the Board of Directors resolved to give the internal control committee an annual budget of €50,000 to cover the costs of any necessary consultancy or other services required to carry out its duties, which can be increased to €100,000 with the documented request by the committee chairperson and approval by the Board of Directors’ chairperson. The prior authorization of outlays is not necessary although the committee is required to document its expenses. It may also avail of internal information and functions.