Corporate Governance and Internal Audit

A good Corporate Governance level ensures that the organization’s objectives are reaches with transparency towards shareholders, efficiency in operations, an internal control culture and, in general, an appropriate operation of Governance bodies and of the Board of Directors.

A good Corporate Governance level provides the following to the organization:

  • Trust, transparency and value for shareholders.
  • An increase in its operations’ efficiency.
  • An appropriate regulatory compliance.
  • An appropriate internal control culture conveyed to the employees’ activities.
  • An adequate segregation of duties and responsibilities.
  • Finally, a correct operation of governance bodies and of the Board of Directors.

In order to achieve the above, organizations must follow Corporate Governance best practices, and count with the appropriate risk management plans, efficient and effective internal control systems, and as far as possible an internal audit function (in-house or outsourced) transversal to the organization. The mission, values, code of ethics, together with the strategy and other internal policies must be conveyed at every level of the organization.


Good Corporate Governance

  • Improvement of Good Governance bodies and elaboration of Bylaws, Manuals and Procedures.
  • Advice and review of the Corporate Governance Annual Report.
  • Compliance with Good Governance Codes and third parties’ reporting systems.
  • Corporate Social Responsibility (ISO 26000).
  • Ethics and integrity programmes, and development of codes of conduct.
  • Implementation of good governance practices of Information Systems COBIT, ITIL, ISO 27000, etc. 
  • Whistleblowing Channel ( 

Audit and Internal control

  • Elaboration of Bylaws, Regulations and Audit and Internal Control procedures.
  • Design and implementation of internal procedures. Audit of internal controls.
  • Advice in Risks Management and Self-assessment models ( 
  • Internal Audit outsourcing services. Co-sourcing.
  • Audit of outsourced services and contractual clauses.
  • Analysis of computer-assisted audit data and tools (CAATs): ACL, IDEA. 
  • Asset control and management.
  • Customized internal audit and internal control training.

Internal Control in Regulated Entities

  • Internal control on financial information in listed entities (SCIIF). CNMV regulations. 
  • Internal control of collective investment institutions and investment companies’ managing entities (SGIIC).
  • Internal control audit for service providers (report ISAE 3402 / SAS 70). 
  • Solvency II, Basil III, and different sectoral regulations.
  • Compliance with the Sarbanes-Oxley Act (SOX), JSOX and LSF.
  • Advice in the implementation of the Markets in Financial Instruments Directive (MiFID).