Risk Management

Risks are inherent to existence. Risk management begins by identifying the risks the company faces, understanding and analysing them, and devoting the necessary resources to minimise them, in their different aspects.

As an organization with objectives, it is our duty to manage uncertainties, adapt, minimise threats and maximize opportunities.

Corporate Governance

Improvements in good governance in listed or private organizations are included, as well as the drafting of bylaws, management procedures and governance manuals, development and implementation of Corporate Social Liability, assistance in complying with Good Governance Codes, and the information systems to third parties, advice and review of the Annual Corporate Governance Report (IAGC), drafting of codes of conduct, ethics and integrity, and the implementation of an ethical channel of complaints.

Prevention of crime in organizations and Compliance on the prevention of money laundering and terrorism

Identification of the risk map in relation to the potential activities the different members of the organizations may carry out illegally, holding the administration of the company criminally responsible, in addition to compromising its reputational image.

Business Continuity

Identification of the risks that threaten the organization and establishment of viability plans in each situation.

Control of financial services and supervised entities

Internal control of:

  • Management companies for collective investment institutions and investment companies (SGIIC). Regulations require these SGIIC entities registered at the CNMV to carry out an internal audit of the processes, compliance with the information to be provided to the supervisory body, as well as to determine the risks and the appropriate coverage in each case, keeping contact with the administrators of the financial entities.
  • On Financial Information in listed companies (SCIIF)
  • Compliance with the Sarbanes-Oxley Act
  • Solvency II in insurance entities

Data Protection

The development and implementation of the Security Document and the communication to the Data Protection Agency of the appropriate files, specific internal training according to the company’s characteristics, coordination with the Data Protection Officer, or the outsourcing of the service to Audalia Nexia.

Internal audit and internal control processes

Outsourcing of internal audit, audit of promotions in the distribution market, design and implementation and review of internal processes, data analysis and systems to help computerised auditing environments, CAATs – such as IDEA, drafting of bylaws, regulations and audit and internal control procedures, and audit of the said internal control.

The attention to corporate governance, risk analysis in organizations and regulatory compliance is a multidisciplinary task that brings together expert professionals in business law, process consultancy, external and financial auditing, experts in internal control, assisted by specialised technicians in finance, insurance, environment, engineering or health.

At Audalia Nexia we use the international models and standards that have been developed by ERM (Enterprise Risk Management) to provide solutions to Risk Management in different aspects, offering a methodology of processes and efficient implementation, with the complements and relatively frequent modifications in this discipline.



Responsible for the treatment: AUDALIA NEXIA + info
Purpose: Receive commercial communications by electronic means of legal publications, comments and legal analysis  + info
Legitimacy: The consent granted by checking the box indicated on this form  + info
Recipients: The data processors will be the recipients of the data  + info
Rights: Access, rectification, deletion and other rights detailed in the additional information  + info
Additional information: You can consult the additional and detailed information on data protection here