Next Article in Journal / Special Issue
Board Independence and Corporate Social Responsibility Disclosure: The Mediating Role of the Presence of Family Ownership
Previous Article in Journal
Firm Performance among Internationalized SMEs: The Interplay of Market Orientation, Marketing Capability and Digitalization
Previous Article in Special Issue
Empirical Analysis of Non-Financial Reporting by Spanish Companies
Article Menu
Issue 3 (September) cover image

Export Article

Adm. Sci. 2018, 8(3), 32;

Assurance on Corporate Governance Reports in Spain: Towards an Enhanced Accountability or a New Form of Public Relations?
Centre of Business Management Research (CEGEA), Universitat Politècnica de València, 46022 Valencia, Spain
Faculty of Business Administration and Management (FADE), Universitat Politècnica de València, 46022 Valencia, Spain
Correspondence: [email protected]; Tel.: +34-96-387-7007 (ext. 84713)
These authors contributed equally to this work.
Received: 31 May 2018 / Accepted: 2 July 2018 / Published: 5 July 2018


Financial scandals have highlighted the need for greater corporate transparency. Thus, corporate governance has emerged as an instrument for corporations to fulfil their social responsibility by offering more reliable information to their stakeholders. In this sense, the corporate governance report has become one of the leading mechanisms of business reporting to attend the growing need for reliable information by users. External and independent assurance of corporate governance reports is a tool to reduce potential risk derived from malpractices. However, within the Spanish context, there is a few number of listed companies who assure their corporate governance reports, and some of them have been shaken by corporate malpractices and financial scandals. This work tries to offer a critical appraisal of current corporate governance of assurance statements in Spain, developing a research strategy based on the case-study. Thus, by analysing assurance on corporate governance reports in three Spanish listed companies, we identify strengths and weaknesses of an unusual assurance process. Obviously, because of the recent scandals occurred in the analysed companies, we raise a particular concern about the potential managerial capture of this activity. Without real changes in governance mechanisms, the corporate governance assurance could amount to little more than a public relations activity.
corporate governance; assurance; quality reporting; case study; content analysis

1. Introduction

Generally speaking, the entire society has observed a quick increase in accountability pressures, particularly on large global companies. This great call for transparency comes from two distinct but convergent perspectives (in terms of topics and audiences): (1) the accountability requirements in the corporate governance policies; and (2) the sustainability reporting, that it has broadened from environment to social and financial questions (Kolk 2008).
Definitively, the numerous financial scandals that have shaken markets over the last years have damaged the credibility of companies. Given the lack of financial audit to guarantee the reliability of information, the good corporate governance has emerged as a way to increase the users’ confidence on markets.
As stakeholders’ representatives, the responsibilities of the Board of Directors are mainly two: (1) to provide strategy to the company, and (2) to oversee the activities. The oversight role tries to check that companies reach their goals, and assurance services make it easier (Daugherty and Anderson 2012; Hermanson and Rittenberg 2003).
In recent years, numerous initiatives about good corporate governance have emerged, showing the general belief of the relevance of listed companies being run in an appropriate and transparent way, as a key driver of value creation, improvement of economic efficiency, and strengthening of investor trust. Codes of conduct have multiplied in order allow corporate decision-making to be more transparent. The Olivencia code, the Aldama code or the Conthe code are the more spread Spanish examples and have been designed with the aim to improve the transparency of stock companies. In 2006, the Comisión Nacional del Mercado de Valores (CNMV, the Spanish Stock Exchange Commission) issued the Unified Good Governance Code of Listed companies. Since the new code was passed, several laws and decrees affected some of its recommendations. For the purpose of adapting or removing recommendations affected by new rules, in 2013 the CNMV Board passed an update. Finally, in 2015, a new code was passed for ensuring the appropriate operation of the governance and management bodies of Spanish companies. The objectives of this reform were to maximize competitiveness, to increase trust and transparency for shareholders and investors, to improve internal control and corporate responsibility systems, and to ensure the right distribution of functions, duties and responsibilities under standards of professionalism.
The paper is structured as follows. In the next section, we present a literature review. Afterwards, we describe the methodology. Then, we explain the results in detail. Finally, we expose a discussion and the conclusions.

2. Literature Review

There is a large amount of academic literature about the need for governance mechanisms in firms, highlighting the relevance of the structure of corporate governance for the company growth and the strategic decision-making.
According to OECD (2004, p. 11), “Corporate governance involves a set of relationships between a company’s management, its board, its shareholders and other stakeholders. Corporate governance also provides the structure through which the objectives of the company are set, and the means of attaining those objectives and monitoring performance are determined. Good corporate governance should provide proper incentives for the board and management to pursue objectives that are in the interests of the company and its shareholders and should facilitate effective monitoring”.
On the other hand, Olcese (2005) state that for good corporate governance, an institutional framework that creates the necessary conditions for the development of firms and personal expectations is needed. Therefore, the institutional framework should enable companies to approve their own rules on governance and should make managers and directors answerable for their actions to their shareholders.
Thus, the most relevant characteristics of a good corporate governance should be (1) the transparency of the financial statements, the current operations and the internal processes of management and control, and (2) to protect and support the shareholders’ rights. In order to obtain these characteristics, the firm should have objective advisors, that is, advisors without any conflict of interest. Lastly, it is essential to have competent independent bodies controlling the integrity and the efficiency of management (Olcese 2005).
Generally speaking, the fundamentals of a good corporate governance lies in the right function of the board of directors. Therefore, they must be able to detect and avoid activities that cause a loss of value to the firm, as well as visualize and take advantage of potential opportunities.
The changing business context pressures companies to answer to some of the most difficult and challenging questions of today, including environmental threats, social issues and concerns about governance and social responsibility (Simnett 2012). Stakeholder’s recognition entails not only to identify their needs, but also an information policy that permits envisaging the assumption of such commitments (Archel 2003). This situation has lead companies to make known to corporate governance into their strategy and, consequently, to issue corporate governance reports. However, numerous financial scandals have shaken markets, damaging the credibility of companies. Accordingly, some companies subject the provided information to an assurance process, which improves their reliability and credibility (Hodge et al. 2009; Simnett 2012).
In theory, the appointment of external assurors can serve a corporate governance role by making a statement about the financial information quality, assuring its accuracy and truthfulness to the investors (Fan and Wong 2005).
Obviously, stakeholders and their representatives cannot execute, check and assure all the organisation’s activities themselves. Stakeholders will have faith in the assurance services to offer them with important information (Hermanson and Rittenberg 2003; ECIIA and FERMA 2010).
Companies have traditionally used assurance services to apply effective governance practices, to reduce the risks and to control internal processes. Thus, assurance activities are an essential aspect of corporate governance, and, in the era of integrated reporting, the ‘combined assurance’ is a new governance tool (Decaux and Sarens 2015).
Lessons from the last financial crisis let us see dramatic mistakes in the risk management of many companies. As a consequence, companies were pressed to control costs and worldwide regulators were searched for new mechanisms to improve corporate governance. However, IIA UK and Ireland (2008) recommended that most of responsible for corporate governance have only a partial representation of assurance. These findings revealed that only 50% of the companies were effective in establishing control and assurance procedures for relevant risks. Thus, they drove assurance services to achieve that (IIA UK and Ireland 2010). On the other hand, several authors argued that fruitful corporate governance was possible when boards receive assurance on their effectiveness (Chambers 2009; Shortreed et al. 2012; Soh and Martinov-Bennie 2011).
The result of an assurance process is a report or statement whose form and content depend on the assurance scope, the assurance standards and the assurance provider (GRI 2013). The most significant standard is the International Standard on Assurance Engagements 3000—Assurance Engagements other than Audits or Reviews of Historical Financial Information (ISAE 3000), developed by the International Auditing and Assurance Standards Board (IAASB), and aims to establish principles and procedures for accounting firms to review non-financial information (IAASB 2003, 2008, 2011, 2013).
Previous research works studied the content and quality of assurance statements included in sustainability or Corporate Social Responsibility (CSR) reports. In this way, O’Dwyer and Owen (2005) focused on reports short-listed for the 2002 Association of Chartered Certified Accountants (ACCA) Sustainability Reporting Awards. They found that all assurance statements included the name of provider and the majority were dated. References to competencies were occasional. Just under half of statements referred to the independence of the assurance provider from the reporting organisation. Their results also indicated that all statements made reference to the assurance scope. However, less than half specified the level of assurance and criteria applied, and a small percentage indicated the assurance standard. On the other hand, most statements provided details of work undertaken. Authors highlighted that references to materiality were made in a few assurance statements, offering a general statement instead of explaining how materiality levels had been set, or what ‘material’ entailed. Hasan et al. (2005) conducted a survey of 110 accounting firms from 11 countries and found that many of the assurance services provided a limited to moderate level rather than a reasonable to high level. Deegan et al. (2006a) focused on Australian companies and showed a great variability in contents of assurance statements. In most cases, addressees were not mentioned, and those nominated were internal to the reporting organisation, instead of being external stakeholders. A small number of statements indicated that reporting organisations are responsible for sustainability or CSR reports and assurance providers for assurance statements. Most assurance statements failed to identify reporting criteria and assurance standards. On the other hand, most statements included a description of the work undertaken and noted areas for improvement. Deegan et al. (2006b) compared assurance statements from the UK and other European companies. In general, most statements did not mention addressees, and among those that nominated them, addressees were internal to the reporting organisation. Whilst, the majority of assurance statements in the UK indicated the responsibility of the reporting organisations to prepare sustainability or CSR reports and the responsibility of assurance providers to prepare assurance statements, it was unusual in the European context. In general, most assurance statements failed to identify any reporting criteria. However, they included some description of the work performed. Opposite to the UK, in Europe, most statements mentioned standards. On the other hand, most statements from the UK noted areas for improvement, while the contrary happened in the European context. Their results also showed that assurance statements differed according to the kind of assurance provider. In this way, accountants were more prone to mention addressees, indicate responsibilities of reporting organisations, and mention assurance standards. Taking the Global Reporting Initiative (GRI) Database, Manetti and Becatti (2009) showed that most assurance providers used the ISAE 3000 and applied a limited to moderate level of assurance. Likewise, Manetti and Toccafondi (2012) found that most assurance statements addressed to organisation managers specified the level of assurance (generally a limited level) and standards (mostly a combination of two standards), and included indications for improvements. Fonseca (2010) evaluated the assurance provided to companies from the International Council on Mining and Metals (ICMM). Findings indicated that all assurance statements defined the scope, more than half specified the level (mainly a reasonable level or a combination of limited and reasonable level), and a high percentage mentioned the standards (principally, the ISAE 3000). Perego and Kolk (2012) analysed assurance practices among the G250 firms, and pointed out that most of assurance providers used the ISAE 3000 in combination with other standards. Ferreira Gomes et al. (2015) studied assurance among Portuguese companies and revealed that the dominant standard used was the ISAE 3000. Gürtürk and Hahn (2016) analysed the assurance statements in the sustainability reports issued by UK FTSE 100 companies, and German DAX and MDAX companies. Their results indicated that most assurance statements made reference to addressees, mainly to those internal to the reporting organisation. In most cases, the scope of the assurance engagement was defined. Most reports were assured under a limited level of assurance. Most assurors applied a combination of the ISAE 3000 with other standards. On the other hand, less than half of assurance statements included recommendations. In addition to differences about their content, some authors highlighted that quality of assurance statements differs across providers. In this way, Romero et al. (2010), Fernández-Feijoó-Souto et al. (2012), Zorio et al. (2013) and Martínez-Ferrero et al. (2018) indicated that quality was considerably higher when the provider was an accountant. More specifically, Perego (2009) and Perego and Kolk (2012) evidenced that accountants were positively associated with quality of reporting format and assurance procedures, while non-accountants were positively associated with the quality of the recommendations and opinions.
As far as we know, no previous studies focused on assurance of corporate governance reports, which is an interesting research gap in the field of assurance on non-financial information. Given the lack of preceding studies, the design of this research is exploratory and follows a strategy based on the case-study and content analysis methods.

3. Methodology

Given the lack of previous studies about assurance on corporate governance reports, we designed an exploratory and qualitative research. As they are especially compatible (Kohlbacher 2006), we employed the case-study as a research approach and the qualitative content analysis as a technique of analysis of data material.
Case-studies are widely used in business analysis and are increasingly used as a rigorous research strategy (Hartley 2004). According to Yin (1989), the case-study method is an interesting analysis tool to examine contemporary phenomena in their real-life context, mainly when the boundaries between the phenomena and context are not clear. Stake (1995) also affirmed that case-studies have become one of the most usual techniques to do qualitative research.
On the other hand, the content analysis has been traditionally used to assess the extent of disclosure of different items in annual reports (Gray et al. 1995a; Guthrie and Mathews 1985; Guthrie and Parker 1990; and Zeghal and Ahmed 1990). In the same way, several works have employed this method to report the degree of disclosure of different social and environmental items (Gray et al. 1995a, 1995b; Guthrie and Mathews 1985; Guthrie and Parker 1990; and Guthrie and Abeysekera 2006). In the same line, several authors (e.g., O’Dwyer and Owen 2005; Perego and Kolk 2012; and Zorio et al. 2013) used content analysis to study assurance statements in depth.
To this end, we searched Spanish companies that submitted their corporate governance reports to an assurance process, and we found only three cases: Abengoa, Banco Popular and Enagás. In addition, Abengoa and Banco Popular have suffered corporate scandals recently. There have been other scandals in the last years in Spain, but these companies are the only ones who assure their Corporate Governance reports. Abengoa assured its corporate governance reports between 2009 and 2014, which makes a total of six reports. Banco Popular adopted assurance from 2008 to 2016, which makes a total of nine reports. Enagás applied assurance between 2013 and 2017, which makes a total of five reports. In total, we found 20 corporate governance reports assured.
It’s important to note that all the Spanish listed companies prepare their annual Corporate Governance reports according to the Spanish Corporate Enterprises Act (article 540), the Order ECC/461/2013 on the annual corporate governance report, remunerations report and other disclosures, and the Circular 5/2013 of the CNMV (the Spanish Securities Stock Commission). Thus, among listed companies there are no significant differences between the content and structure of assured Spanish corporate governance reports from not assured statements.
To analyse the content of assurance statements and measure their quality, we developed a quality index based on the code of Perego and Kolk (2012). Obeying the requirements of the ISAE 3000, we built an index composed by 17 items (Table 1), where the range of quality goes from ‘0’ (the lowest level) to ‘22’ points (the highest level). With the aim of guaranteeing reliability in the content analysis, we employed the Neuendorf’s guidelines (Neuendorf 2002). To this end, we drew a random subsample of 10% of assurance statements (that is, two assurance statements), and we analysed them individually. The level of agreement (PA0 = A/n, where PA0 represents the percentage of agreement observed, A is the number of agreements, and n is the number of units of the sample) was 100%. Next, we analysed the remaining statements.

4. Results

4.1. The Abengoa Case

Abengoa is an international company founded in 1941 in Seville. It is a technological parent company of a group of companies, which also includes 363 subsidiaries, 76 associates and 16 joint ventures, as well as some companies involved in 143 temporary joint ventures. Moreover, the Group’s companies have shareholdings of less than 20% in other entities. The company employs innovative technology solutions for sustainability in the infrastructures, energy and water industries. Currently, it is present on four continents and has a permanent presence in 19 countries. The company’s workforce is formed by 12,468 people. Abengoa is listed on the Ibex-35 index (Abengoa 2018).
The company submitted their corporate governance reports to an assurance process from 2009 to 2014. All reports were assured by big audit firms, specifically, PriceWaterhouseCoopers (PwC) assured the reports from 2009 to 2011, while Deloitte assured the reports from 2012 to 2014. As shown in Table 2, all assurance statements include the title, name of assuror, location of assuror and date. the addressee is the Board of Directors, which are internal members to the company. Assurance statements also refer to responsibilities of reporting organisation (Abengoa), whose responsibility consist of preparing the corporate governance report, and responsibilities of assuror (PwC and Deloitte), whose responsibility is to issue an independent assurance statement. Regarding the applicable criteria, PwC reviewed the 2009, 2010 and 2011 corporate governance reports in accordance to the 2006 Unified Good Governance Code and Circular 4/2007 of CNMV. Deloitte, meanwhile, reviewed the 2012 corporate governance report according to the Ley 2/2011 de Economía Sostenible, 2006 Unified Good Governance Code and Circular 4/2007 of CNMV, while the 2013 and 2014 corporate governance reports were reviewed in accordance to the Order ECC/461/2013 and Circular 5/2013 of CNMV. In relation to independence and ethical requirements, assurors indicate the accomplishment of the Code of Ethics of IFAC. On the other hand, there is no reference to quality control requirements. Both audit firms follow ISAE 3000 to develop the assurance process. In regards to the level of assurance, they apply a reasonable level. All assurance statements refer to the scope, include a summary of work performed and mention the concept of materiality. With regard to the conclusions, all assurors express a general opinion. On the other hand, no assurance statement includes observations or recommendations. In total, all assurance statements get a quality of 18 points, which represents a quality level of 81.9%, and it is constant during the period observed.
Despite these good practices, Abengoa started insolvency proceedings in 2015, which would become the biggest bankruptcy case in Spanish business history (Urra 2015). The company manipulated the information about the company’s debt. Abengoa included the debt of its subsidiary Abengoa Greenfield, and moreover, reported a debt of € 500 million when it reached € 1592 million. It led to bad qualifications by rating agencies and the consequent stock-market fail (Tàpies et al. 2017). In addition, the owners of the company collected € 34 million three months before its stock-market fail (Martínez 2015).

4.2. The Banco Popular Case

Banco Popular was born in 1926. It became the sixth largest banking group in Spain. Currently, it belongs to Banco Santander. The company has 1416 offices and 9066 employees in Spain (Banco Popular 2018).
The company hired the big audit firm PwC to assure their corporate governance reports from 2009 to 2016. As presented in Table 3, all assurance statements include the title, name of assuror, location of assuror and date. They are addressed to the Board of Directors, that is, the addressee is internal. Banco Popular is responsible of preparing the corporate governance report, while PwC is responsible of issuing the assurance statement. With respect to the applicable criteria, reports between 2009 and 2012 were reviewed according to the 2006 Unified Good Governance Code and Circular 4/2007 of CNMV. In 2013, the assuror applies the 2013 Unified Good Governance Code and Circular 5/2013 of CNMV. In 2014, the assuror follows the Order ECC/461/2013 and Circular 5/2013 of CNMV. In 2015, the assurance process obeys the article 540 of Spanish Company Law, Order ECC/461/2013 and Circular 5/2013 of CNMV. Finally, the 2016 report is reviewed in accordance to the article 540 of Spanish Company Law, Order ECC/461/2013 and Circular 7/2015. In regards to the independence and ethical requirements, the assurance statements include a statement where the assuror indicates the fulfilment of the Code of Ethics of IFAC (2008–2014) or IESBA code (2015–2016). Since 2014, assurance statements include a statement indicating the application of International Standard on Quality Control 1 (ISQC 1). PwC adopts the ISAE 3000 to perform the assurance work. Regarding the level of assurance, the assuror applies a limited level. The scope of assurance, summary of work performed and concept of materiality are included in all assurance statements. The conclusions express a general opinion. There is no observations or recommendations. In general, assurance statements get a level of quality between 17 and 18 points, which represents 77.3% and 81.9%.
Despite Banco Popular submitting their corporate governance reports to external and independent assurance processes, the company was bought for one euro by Banco Santander as part of a rescue in 2017 in order to prevent its collapse (Urra 2017). The company paid € 5.5 million to five directives before the failure (De Barrón 2018).

4.3. The Enagás Case

Enagás is an international standard bearer in the development and conservation of gas infrastructures and in the operation and management of complex gas networks. The company leads the natural gas transmission and it is the Technical Manager of the gas system in Spain. Moreover, it is certified as an independent Transmission System Operator by the European Union. The company is present in Latin America (Mexico, Chile and Peru) and Europe (Sweden, Italy, Greece and Albania). Enagás is listed on the Ibex-35 index (Enagás 2018).
The company opted for the audit firm Deloitte to assure their corporate governance reports between 2013 and 2015, and they selected Ernst & Young in 2016 and 2017. As shown in Table 4, all assurance statements contain the title, name of assuror, location of assuror and date. Addressee is the Board of Director or shareholders, that is, internal members. Assurance statements include responsibilities of reporting organisation (Enagás), that is responsible of preparing the corporate governance report, and responsibilities of assuror (Deloitte y Ernst & Young), that is responsible of issuing an independent assurance statement. In 2013 and 2014, Deloitte follows the Order ECC/461/2013 and Circular 5/2013 of CNMV. In 2015, the audit firm bases on the Order ECC/461/2013 and Circular 7/2015 of CNMV. Finally, in 2016 and 2017, Ernst & Young proceeds in accordance to the article 540 of Spanish Company Law, Order ECC/461/2013 and Circular 7/2015. Both audit firms highlight that they comply the ethical requirements of the Code of Ethics of IFAC (2013–2014) or IESBA code (2015–2017). Since 2015, they point out the application of the International Standard on Quality Control 1 (ISQC 1). The assurance process was performed according to the ISAE 3000. Regarding the level of assurance, assurors applied a reasonable level. Assurance statements do not include observations or recommendations. In all, the quality level of assurance statements goes from 18 to 19 points, representing 81.9% and 86.4%.

5. Discussion and Conclusions

Business ethics, corporate social responsibility and good governance are basic solutions to generate confidence and credibility, and definitely to be more efficient. Several companies issue corporate governance reports, which have become the communication channel for companies to disclose their corporate governance performance to stakeholders. In this context, external and independent assurance is positive since it introduces reliability to stakeholders’ perception. Consequently, many companies have adopted assurance to enhance the credibility of their corporate governance reports.
Within the Spanish context, many companies started to issue corporate governance reports, mainly mandatory reports for listed companies and some industries (such as financial services or insurance companies). Thus, these companies converted the corporate governance report in the way they communicate their performance to the stakeholders. Consequently, the external and independent assurance emerged as a mechanism to enhance the quality of the corporate governance reports, offering a greater reliability to the corporate disclosure.
However, the assurance on corporate governance reports is still an incipient field of work in Spain, even for big and listed companies. Therefore, the three examples presented in this paper are at the vanguard of corporate governance reporting in Spain.
Findings showed that big audit firms monopolise the practice of assurance on corporate governance reports. The preference for auditors could be justified by the perception that this type of provider offer higher quality (Mock et al. 2013), and possess greater skills and training (Martínez-Ferrero et al. 2018). Moreover, they involve experts from several disciplines and consult a wide number of stakeholders (Manetti and Toccafondi 2012).
It is important to underline how the scores obtained by the three companies are clearly great, showing high quality. In general, assurance statements present uniformity, reaching between 17 and 19 points of 22. They show a slight improvement over the years. However, it should be noted that that this increase could be due to changes incorporated in the ISAE 3000. The standard has been updated in several occasions incorporating new requirements. In this way, assurance reports dated on or after 1 January 2005 followed ISAE (2003) and ISAE (2008), assurance reports covering periods ending on or after 15 June 2011 followed ISAE (2011), and assurance reports dated on or after 15 December 2015 follow ISAE (2013). Abengoa and Banco Popular pulled out the issuance of assurance of their corporate governance report in 2015 and 2017, respectively (maybe due to their corporate scandals).
Regarding the content and format, we did not find that assurance statements present large differences, in contrast to Deegan et al. (2006a) and Deegan et al. (2006b). Among the most noted aspects, we found that the addressee was internal to reporting organisations in all cases, which may have implications for the independence of assurance providers since the involvement of addressees in the management of the organisation could be seen as a lack of independence (Deegan et al. 2006a, 2006b). Moreover, this evidence could suppose the existence of managerial and professional capture, attributing only residual materiality to stakeholder interests (Manetti and Toccafondi 2012). Opposite to previous results (see O’Dwyer and Owen 2005; Hasan et al. 2005; Mock et al. 2007, 2013; Perego and Kolk 2012; and Gürtürk and Hahn 2016), most assurors provided a reasonable to high level. Regarding standards, all providers followed the ISAE 3000 to perform their work, which is not surprising given that this standard comes from an international auditing body (Perego and Kolk 2012), and all providers are audit firms. In regards to conclusions, all assurors expressed a general opinion, instead of a detailed one. Moreover, we found a lack of observations and recommendations, although Manetti and Becatti (2009) consider that recommendations are negative, since the aim of assurance should be to only express an opinion about the reliability of the information reported, refraining from providing advices to the organisation.
According to the title of this work, a critical appraisal on assurance of corporate governance could not be omitted. The recent corporate scandals at Abengoa and Banco Popular have raised significant doubts about the corporate information disclosed by the companies. We do not forget that Abengoa represented an example of good practices and transparency. The scandal has shown the lack of effectiveness of the controls and harms the interests of many stakeholders (thousands of shareholders, employees, creditors and suppliers). A questionable management, lack of control and some very criticized retributions to the top management evidence malpractices. These types of scandals call into question good practices such as transparency or assurance, by becoming ineffective instruments for frauds. In sum, Abengoa and Banco Popular seem to represent new examples of ‘managerial capture’ of the meaning of these practices (Owen et al. 2000), perverting their meaning. However, the question is not of the effectiveness of corporate reporting or assurance, it is about ethics and corporate responsibility. Without them, there are no practices that can be considered good for the company or for society as a whole.

Author Contributions

Conceptualization, E.S.-M. and H.-M.B.-A.; Methodology, E.S.-M., H.-M.B.-A. and F.P.-G.; F.A., E.S.-M., H.-M.B.-A. and F.P.-G.; D.C., H.-M.B.-A.; Writing-Original Draft Preparation, E.S.-M. and H.-M.B.-A.; Writing-Review & Editing, E.S.-M., H.-M.B.-A. and F.P.-G.; Project Administration, E.S.-M.


This research received no external funding.

Conflicts of Interest

The authors declare no conflict of interest.


  1. Abengoa. 2018. Abengoa Annual Report 2017. Available online: (accessed on 29 May 2018).
  2. Archel, Pablo. 2003. La Divulgación de la Información Social y Medioambiental de la Gran Empresa Española en el Período 1994–1998: Situación Actual y Perspectivas. Revista Española de Financiación y Contabilidad 117: 571–601. [Google Scholar]
  3. Banco Popular. 2018. Cuentas Anuales e Informe de Gestión correspondiente al ejercicio anual terminado el 31 de diciembre de 2017. Available online: (accessed on 29 May 2018).
  4. Chambers, Andrew. 2009. “The black hole of assurance”, Internal Auditor. Available online: (accessed on 19 April 2012).
  5. Daugherty, Brian, and Urton Anderson. 2012. The third line of defense: Internal audit’s role in the governance process. Internal Auditing July/August: 38–41. [Google Scholar]
  6. De Barrón, Íñigo. 2018. El Popular pagó 5,5 millones a cinco directivos antes de quebrar. El País. in press. [Google Scholar]
  7. Decaux, Loïc, and Gerrit Sarens. 2015. Implementing combined assurance: Insights from multiple case studies. Managerial Auditing Journal 30: 56–79. [Google Scholar] [CrossRef]
  8. Deegan, Craig, Barry J. Cooper, and Marita Shelly. 2006a. An Investigation of TBL Report Assurance Statements: Australian Evidence. Australian Accounting Review 16: 2–18. [Google Scholar] [CrossRef]
  9. Deegan, Craig, Barry J. Cooper, and Marita Shelly. 2006b. An investigation of TBL report assurance statements: UK and European evidence. Managerial Auditing Journal 21: 329–71. [Google Scholar] [CrossRef]
  10. ECIIA and FERMA. 2010. Guidance on the 8th EU Company Law Directive. Brussels: European Confederation of Institutes of Internal Auditing and Federation of European Risk Management Associations. [Google Scholar]
  11. Enagás. 2018. Informe Anual 2017. Available online: (accessed on 29 May 2018).
  12. Fan, Joseph P.H., and T. J. Wong. 2005. Do external auditors perform a corporate governance role in emerging markets? Evidence from East Asia. Journal of Accounting Research 43: 35–72. [Google Scholar] [CrossRef]
  13. Fernández-Feijoó-Souto, Belén, Silvia Romero, and Silvia Ruiz-Blanco. 2012. Measuring quality of sustainability reports and assurance statements: Characteristics of the high quality reporting companies. International Journal of Society Systems Science 4: 5–27. [Google Scholar]
  14. Ferreira Gomes, Sónia, Teresa Cristina Pereira Eugéncio, and Manuel Castelo Branco. 2015. Sustainability reporting and assurance in Portugal. Corporate Governance 15: 281–92. [Google Scholar] [CrossRef]
  15. Fonseca, Alberto. 2010. How credible are mining corporations’ sustainability reports? A critical analysis of external assurance under the requirements of the International Council on Mining and Metals. Corporate Social Responsibility and Environmental Management 17: 355–70. [Google Scholar] [CrossRef]
  16. Gray, Rob, Reza Kouhy, and Simon Lavers. 1995a. Corporate social and environmental reporting: A review of the literature and a longitudinal study of UK disclosure. Accounting, Auditing & Accountability Journal 8: 47–77. [Google Scholar]
  17. Gray, Rob, Reza Kouhy, and Simon Lavers. 1995b. Methodological themes. Constructing a research database of social and environmental reporting by UK companies. Accounting, Auditing & Accountability Journal 8: 78–101. [Google Scholar]
  18. GRI. 2013. The External Assurance of Sustainability Reporting, Research & Development Series. Amsterdam: GRI. [Google Scholar]
  19. Gürtürk, Anil, and Rüdiger Hahn. 2016. An empirical assessment of assurance statements in sustainability reports: Smoke screens or enlightening information? Journal of Cleaner Production 136: 30–41. [Google Scholar] [CrossRef]
  20. Guthrie, James, and Indra Abeysekera. 2006. Content analysis of social, environmental reporting: what is new? Journal of Human Resource Costing & Accounting 10: 114–26. [Google Scholar]
  21. Guthrie, James, and M. R. Mathews. 1985. Corporate social accounting in Australia. Research in Corporate Social Performance and Policy 7: 251–77. [Google Scholar]
  22. Guthrie, James, and Lee D. Parker. 1990. Corporate social disclosure practice: A comparative international analysis. Advances in Public Interest Accounting 3: 159–76. [Google Scholar]
  23. Hartley, Jean. 2004. Case study research. In Essential Guide to Qualitative Methods in Organizational Research. Edited by Catherine Cassell and Gillian Symon. London: Sage, pp. 323–33. [Google Scholar]
  24. Hasan, Mahreen, Steven Maijoor, Theodore J. Mock, Peter Roebuck, Roger Simnett, and Ann Vanstraelen. 2005. The different types of assurance services and levels of assurance provided. International Journal of Auditing 9: 91–102. [Google Scholar] [CrossRef]
  25. Hermanson, Dana R., and Larry E. Rittenberg. 2003. Internal audit and organizational governance. In Research Opportunities in Internal Auditing. Edited by Andrew D. Bailey, Audrey A. Gramling and Sridhar Ramamoorti. Altamonte Springs: The Institute of Internal Auditors Research Foundation. [Google Scholar]
  26. Hodge, Kristy, Nava Subramaniam, and Jenny Stewart. 2009. Assurance of Sustainability Reports: Impact on Report Users’ Confidence and Perceptions of Information Credibility. Australian Accounting Review 19: 178–94. [Google Scholar] [CrossRef]
  27. IAASB. 2003. ISAE 3000, Assurance Engagements Other than Audits or Reviews of Historical Financial Information. New York: International Federation of Accountants. [Google Scholar]
  28. IAASB. 2008. ISAE 3000 (Revised), Assurance Engagements Other than Audits or Reviews of Historical Financial Information. New York: International Federation of Accountants. [Google Scholar]
  29. IAASB. 2011. ISAE 3000 (Revised), Assurance Engagements Other than Audits or Reviews of Historical Financial Information. New York: International Federation of Accountants. [Google Scholar]
  30. IAASB. 2013. ISAE 3000 (Revised), Assurance Engagements Other than Audits or Reviews of Historical Financial Information. New York: International Federation of Accountants. [Google Scholar]
  31. IIA UK and Ireland. 2008. Towards a Blueprint for the Internal Audit Profession, The Institute of Internal Auditors—UK and Ireland in association with Deloitte, United Kingdom. London: The Institute of Internal Auditors UK and Ireland. [Google Scholar]
  32. IIA UK and Ireland. 2010. Professional Guidance for Internal Auditors: Coordination of Assurance Services. London: The Institute of Internal Auditors UK and Ireland. [Google Scholar]
  33. Kohlbacher, Florian. 2006. The use of qualitative content analysis in case study research. Forum on Qualitative Social Research 7: 1–30. [Google Scholar] [CrossRef]
  34. Kolk, Ans. 2008. Sustainability, Accountability and Corporate Governance: Exploring Multinationals’ Reporting Practices. Business Strategy and the Environment 17: 1–15. [Google Scholar] [CrossRef]
  35. Manetti, Giacomo, and Lucia Becatti. 2009. Assurance services for sustainability reports: Standards and empirical evidence. Journal of Business Ethics 87: 289–98. [Google Scholar] [CrossRef]
  36. Manetti, Giacomo, and Simone Toccafondi. 2012. The Role of Stakeholders in Sustainability Reporting Assurance. Journal of Business Ethics 107: 363–77. [Google Scholar] [CrossRef]
  37. Martínez, Víctor. 2015. Los dueños de Abengoa cobraron un dividendo récord antes de su crisis. El Mundo. in press. [Google Scholar]
  38. Martínez-Ferrero, Jennifer, Isabel María García-Sánchez, and Emiliano Ruiz-Barbadillo. 2018. The quality of sustainability assurance reports: The expertise and experience of assurance providers as determinants. Business Strategy and the Environment, 1–18. [Google Scholar] [CrossRef]
  39. Mock, Theodore J., Christiane Strohm, and Kevin M. Swartz. 2007. An examination of worldwide assured sustainability reporting. Australian Accounting Review 17: 67–77. [Google Scholar] [CrossRef]
  40. Mock, Theodore J., Sunita S. Rao, and Rajendra P. Srivastava. 2013. The Development of Worldwide Sustainability Reporting Assurance. Australian Accounting Review 67: 280–294. [Google Scholar] [CrossRef]
  41. Neuendorf, Kimberly A. 2002. The Content Analysis Guidebook. Thousand Oaks: Sage. [Google Scholar]
  42. O’Dwyer, Brendan, and David Owen. 2005. Assurance statement practice in environmental, social and sustainability reporting: A critical evaluation. The British Accounting Review 14: 205–29. [Google Scholar] [CrossRef]
  43. OECD. 2004. OECD Principles of Corporate Governance. Paris: OECD Publications. [Google Scholar]
  44. Olcese, Aldo. 2005. Teoría y Práctica del Buen Gobierno Corporativo. Madrid: Marcial Pons. [Google Scholar]
  45. Owen, David L., Tracey A. Swift, Christopher Humphrey, and Mary Bowerman. 2000. The new social audits: Accountability, managerial capture or the agenda of social champions? European Accounting Review 9: 81–98. [Google Scholar] [CrossRef]
  46. Perego, Paulo M. 2009. Causes and consequences of choosing different assurance providers: An international study of sustainability reporting. International Journal of Management 26: 412–25. [Google Scholar]
  47. Perego, Paulo, and Ans Kolk. 2012. Multinationals’ Accountability on Sustainability: The Evolution of Third-party Assurance of Sustainability Reports. Journal of Business Ethics 110: 173–90. [Google Scholar] [CrossRef]
  48. Romero, Silvia, Silvia Ruiz, and Belén Fernández-Feijóo. 2010. Assurance statement for sustainability reports: The case of Spain. Paper presented at the Northeast Business & Economics Association, New Jersey, NJ, USA, October 1–2. [Google Scholar]
  49. Shortreed, John, John Fraser, Grant Purdy, and Arnold Schanfield. 2012. The Future Role of Internal Audit in (Enterprise) Risk Management, a White Paper Published on the Website of the Manhattanville College. Available online: (accessed on 24 January 2018).
  50. Simnett, Roger. 2012. Assurance of Sustainability Reports: Revision of ISAE 3000 and Associated Research Opportunities. Sustainability Accounting, Management and Policy Journal 3: 89–98. [Google Scholar] [CrossRef]
  51. Soh, Dominic, and Nonna Martinov-Bennie. 2011. The internal audit function: Perceptions of internal audit roles, effectiveness and evaluation. Managerial Auditing Journal 26: 605–22. [Google Scholar] [CrossRef]
  52. Stake, Robert E. 1995. The Art of Case Study Research. Thousand Oaks: Sage. [Google Scholar]
  53. Tàpies, Josep, Luis Manuel Calleja, and Iñigo Alonso. 2017. Sintomatología del Mal Funcionamiento en los Consejos de Administración. Algunos Casos. Documento de Investigación WP-1165. Pamplona: IESE Business School, Universidad de Navarra. [Google Scholar]
  54. Urra, Susana. 2015. Abengoa on verge of largest bankruptcy filing in Spanish history. El País. in press. [Google Scholar]
  55. Urra, Susana. 2017. Santander buys Spain’s struggling Banco Popular for €1. El País. in press. [Google Scholar]
  56. Yin, Robert K. 1989. Case Study Research, Design and Methods. Thousand Oaks: Sage Publications. [Google Scholar]
  57. Zeghal, Daniel, and Sadrudin A. Ahmed. 1990. Comparison of Social Responsibility Information Disclosure Media Used by Canadian Firms. Accounting, Auditing & Accountability Journal 3: 38–53. [Google Scholar]
  58. Zorio, Ana, Maria Antonia García-Benau, and Laura Sierra. 2013. Sustainability Development and the Quality of Assurance Reports: Empirical Evidence. Business Strategy and the Environment 22: 484–500. [Google Scholar] [CrossRef]
The members of the assurance team are subject to Parts A and B of the Code of Ethics for Professional Accountants issued by the International Ethics Standards Board for Accountants (IESBA Code).
International Standard on Quality Control (ISQC) 1, Quality Control for Firms that Perform Audits and Reviews of Financial Statements, and Other Assurance and Related Services Engagements.
Table 1. Quality index.
Table 1. Quality index.
Title0No reference
Addressee0No reference
1Addressee is internal or ‘the readers’
2Stakeholder are mentioned in the addressee
Name of assuror0No reference
Location of assuror0No reference
Date0No reference
Responsibilities of reporting organisation0No reference
Responsibilities of assuror0No reference
Independence and other ethical requirements (IESBA code)10No reference
Quality control requirements (ISQC 1)20No reference
Scope of assurance0No reference
Level of assurance0Not applicable or no reference
1Limited/moderate level
2High/reasonable level
Applicable criteria0No reference
1Reference to publicly unavailable criteria
2Reference to publicly available criteria
Assurance standards0No reference
1Reference to publicly unavailable criteria
2Reference to publicly available criteria
Summary of work performed0No reference
Materiality0No reference
Conclusion0No reference
1General opinion
2Detailed opinion (recommendations are not considered)
Observations/recommendations0No reference
Table 2. Assurance statements of Abengoa’s Corporate Governance Reports.
Table 2. Assurance statements of Abengoa’s Corporate Governance Reports.
Name of assuror111111
Location of assuror111111
Responsibilities of reporting organisation111111
Responsibilities of assuror111111
Independence and other ethical requirements (IESBA code)111111
Quality control requirements (ISQC 1)000000
Scope of assurance111111
Level of assurance222222
Applicable criteria222222
Assurance standards222222
Summary of work performed111111
Total quality181818181818
Table 3. Assurance statements of Banco Popular’s Corporate Governance Reports.
Table 3. Assurance statements of Banco Popular’s Corporate Governance Reports.
Name of assuror111111111
Location of assuror111111111
Responsibilities of reporting organisation111111111
Responsibilities of assuror111111111
Independence and other ethical requirements (IESBA code)111111111
Quality control requirements (ISQC 1)000000111
Scope of assurance111111111
Level of assurance111111111
Applicable criteria222222222
Assurance standards222222222
Summary of work performed111111111
Total quality171717171717181818
Table 4. Assurance statements of Enagás’s Corporate Governance Reports.
Table 4. Assurance statements of Enagás’s Corporate Governance Reports.
Name of assuror11111
Location of assuror11111
Responsibilities of reporting organisation11111
Responsibilities of assuror11111
Independence and other ethical requirements (IESBA code)11111
Quality control requirements (ISQC 1)00111
Scope of assurance11111
Level of assurance22222
Applicable criteria22222
Assurance standards22222
Summary of work performed11111
Total quality1818191919

© 2018 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (
Adm. Sci. EISSN 2076-3387 Published by MDPI AG, Basel, Switzerland RSS E-Mail Table of Contents Alert
Back to Top