The Board of Directors of CONSTRUCCIONES EL CÓNDOR S.A., during session 193 of June 24, 2011, amended by the Board itself in sessions 201 of February 27, 2012, and 268 of October 31, 2016, approves the following Regulations: AUDIT AND RISK MANAGEMENT COMMITTEE REGULATIONS OF CONSTRUCCIONES EL CÓNDOR S.A. CHAPTER I GENERAL PROVISIONS ARTICLE 1. Purpose and Scope of the Regulations: The purpose of these Regulations is to determine the objective and nature of this Committee alongside its composition, scope and duties, and the basic rules of its organization. ARTICLE 2. Objective and Nature of the Committee: The Audit and Risk Management Committee is a body that supports the tasks of the Board of Directors. It was created to back the Board to determine the internal control and risk management model of the corporation and its follow-up, all for the decision-making process related to this subject and its improvement. The Committee establishes and verifies if the internal control and risk management procedures meet the needs, objectives, goals and strategies set forth by the corporation, and if said procedures are framed within the goals of the internal control and risk management model, such as: operation efficiency and effectiveness, financial information sufficiency and reliability, and safeguard of the corporation s interests and net worth. Another objective of the Auditor and Risk Management Committee is to secure the compliance with the laws and regulations applicable to the Corporation, and to oversee that the businesses develop properly, maintaining effective controls in terms of conflicts of interests and conditions of fraud or losses. PARAGRAPH ONE: The Committee does not substitute the duties of the Board of Directors or senior management in terms of supervising and executing the internal control system of the corporation. PARAGRAPH TWO: The members of the Committee, who in turn are members of the Board of Directors of the Corporation, shall be subject to the provisions contained in the Internal Regulation of the Board. CHAPTER II INTERNAL STRUCTURE AND DUTIES ARTICLE 3. Composition: The Audit and Risk Management Committee is comprised of every Independent member of the Board, as set forth in the regulations of the Board of Directors. The sessions of this Committee are attended with voice but no vote by the 1
Corporate and Executive Presidents of the corporation and by the Controllership and Finance Manager, or by the party responsible of the internal audit and Risk Management of the corporation; Committee members are elected for two (2) year periods. Committee sessions may be attended by guests of the Corporation, other external advisors in charge of specific tasks requested by the Committee, or those with the knowledge or responsibilities of particular issues addressed in the sessions, or deemed necessary to attend for the sound development of the meeting, and the external auditor. ARTICLE 4. Chairman of the Committee: Committee members shall elect their own chairman, who will lead the ordinary and special meetings. The duty of the chairman is to represent the Committee before the Board of Directors and to report the recommendations and decisions adopted within the Committee. ARTICLE 5. Secretary of the Committee: The Secretary of the Audit and Risk Management Committee shall be the Secretary General of the corporation or his/her replacement. The Secretary shall be in charge of the logistics necessary to summon the committee, revise and update commitments, and prepare the minutes of the sessions evidencing the subjects debated and the decisions made. ARTICLE 6. Duties: The following lists the primary duties of the Audit and Risk Management Committee: a) Support the Board of Directors to make decisions related to the internal control and Risk Management model; b) Provide on-going assessments of the procedures set forth to determine internal control and risk management sufficiency; c) Consider the financial statements of intermediate and year-end period before these are submitted to the Board of Directors and to the highest corporate body. In the event of any unfavorable opinions the Committee shall publish its opinion about the contents and scope, addressed to the shareholders and to the public stock market through the issuer s website; and to verify if Management keeps in mind the recommendations of the External Auditor and if necessary, to lead the process to respond to the observations included in its report; d) Oversee that the accounting criteria in force are steadily applied to prepare the financial statements which the Board of Directors presents to the Shareholders Meeting, and to prepare reliable internal information for decision-making procedures; e) Oversee the efficiency of the Corporation s compliance with regulations and LAFT; f) Oversee the transparency of the financial information prepared by the Corporation and its proper disclosure. This entails verifying the existence of necessary controls and 2
proper tools to check if the financial statements disclose the Corporation s condition and asset value; g) Establish the policies, criteria and practices used by the Corporation to build and disclose its financial information; h) Oversee and assess the internal control and risk management structure of the Corporation to establish if the procedures designed reasonably protect the Corporation s assets and if there are controls in place to check if the operations are properly authorized and registered; i) Regularly monitor and report to the Board of Directors the effective use of the Risk Policy of the Corporation to identify, manage and properly disclose the primary financial and non-financial risks, on and off the balance sheet; j) Oversee the duties and activities of internal audit to determine its Independence pertaining to the activities audited, and determine if the scope of the internal audit meets the needs of the Corporation; k) Propose to the Board of Directors the selection, appointment, remuneration, reelection and termination of the party responsible of conducting the internal audit; l) Analyze and approve the Annual Work Plan of internal audit, and the activity annual report; m) Ensure the independence and effectiveness of the internal audit duties, receive information regularly of its activities and verify that Senior Management keeps in mind the conclusions and recommendations of its reports; n) Evaluate the internal control reports prepared by Internal Audit and External Audit, checking that Management follows the suggestions and recommendations; o) Oversee the internal audit of the Corporation has enough training and resources to perform its duties; p) Revise the compliance with the actions and measures derived from the inspection reports made by the oversight and control authorities; q) Request the reports it deems convenient to conduct its duties properly; r) Prepare an opinion, in writing, of the possible operations the Corporation plans to conduct with economic associates, and verify if these operations are made in market conditions and do not hinder the equal treatment among shareholders; 3
s) Determine the mechanisms to consolidate the information of the issuer s control bodies, to be presented to the Board of Directors; t) Propose to the Board of Directors, and presented in turn to the General Shareholders Meeting, the candidates to appoint the External Auditor and the hiring conditions, and if necessary, the termination or not of said External Auditor based on the assessment described in the item below; u) Oversee the services of External Audit, including an assessment of their quality and effectiveness; v) Interact and hold regular sessions with the External Auditor and particularly, evaluate and report to the Board of Directors every situation which may limit its access to the information or risk its Independence, or any other situation related to the audit plan and to the development of the financial audit, plus other communications foreseen in the financial audit legislation and in the technical audit standards; w) Evaluate and report to the Board of Directors any temporary or permanent conflict of interest in which a Significant Shareholder, Board member or Senior Management member may be directly or indirectly immersed or through a related party making the proposals necessary to manage the situation; x) Prior to the authorization given by the Board of Directors, examine and report to the Board la operations conducted by the Corporation either directly or indirectly with members of the Board, Controlling and Significant Shareholders, members of Senior Management, operations among companies of the Conglomerate or persons related to them which may represent a risk for the Corporation or Conglomerate due to their amount, nature or conditions; y) Steady follow-up of the compliance with the Ethics Code and with the efficiency of the whistleblower system, assessing the anti-ethic activities and the content of the reports made, and making pertinent recommendations to the Board of Directors; z) Report to the General Shareholders Meeting the matters addressed by the shareholders of its competence; aa) All other duties determined by the Board of Directors. ARTICLE 7. Meetings of the Committee. The Committee shall meet once every three (3) months; special meetings shall be held when the Corporation deems it convenient or when deficiencies in the internal control system are observed and require urgent measures. In terms of special meetings, the Committee may be summoned by the Board of Directors, the Corporate President, or any of the Committee members. Regular meetings shall be summoned no less than eight (8) days beforehand, and an annual timetable of meetings shall be approved. Special meetings shall be summoned no 4
less than three (3) days beforehand. All communications related to the summon may be sent to the Committee members using any suitable medium such as e-mail or fax. Meetings may be held at the Corporation s domicile or where ever the Committee determines. The place, date and time of the meeting shall be included in the summon for each meeting. The Committee may meet in any time and place without being summoned previously when all of its members are present and approve the meeting. It is mandatory for all Committee members to apply the measures necessary to keep the information discussed in these meetings fully reserved and confidential. ARTICLE 8. Quorum for Decisions: The Committee may deliberate provided the majority of its members are present; decisions are made by consensus. ARTICLE 9. Reports presented to the Board of Directors. For the sound development of its tasks, the Audit and Risk Management Committee shall represent to the Board of Directors the reports related to its duties. When significant situations take place, the Committee may prepare a special report for the Board of Directors. In addition, the Committee shall prepare an annual report for the Board covering the operation of the internal control systems and the management of the Committee during the corresponding year. ARTICLE 10. Amendments to the Audit and Risk Management Committee Regulations. The Board of Directors may interpret and amend these Regulations. The amendments made shall be reported to the Shareholders and to the market through www.elcondor.com, or whichever medium replaces it. ARTICLE 11. Interpretation and Priority: The Code of Good Governance, the By-laws and the Board of Directors Regulations have a priority over these regulations in the event of any void, inconsistency or conflict. 5