Regulations of the Audit and Risk Supervision Committee

Regulations of the Audit and Risk Supervision Committee

25 March 2025

TITLE I. REGULATIONS

Article 1. Nature and Object

1. Pursuant to the Governance and Sustainability System of IBERDROLA, S.A. (the “Company”), the Board of Directors establishes the Audit and Risk Supervision Committee (hereinafter, the “Committee”), a permanent internal informational and consultative body without executive duties, with information, advisory and proposal-making powers within its scope of action and which shall be governed by the provisions set forth in the By-Laws, in the Regulations of the Board of Directors and in these Regulations of the Audit and Risk Supervision Committee (the “Regulations”).
2. The object of these Regulations is to favour the independence of the Committee and to determine the principles of conduct and the rules of internal operation thereof, with full respect for the powers of the committees or equivalent bodies that may exist at companies, whether or not listed, belonging to the group of companies of which the Company is the controlling entity, within the meaning established by law (the “Group”).
3. These Regulations have been prepared taking into account applicable legal provisions and the good governance recommendations generally accepted in international markets and form part of the Governance and Sustainability System.

Article 2. Approval, Amendment and Priority

1. These Regulations and any amendments hereof must be approved by resolution adopted by the Board of Directors on the initiative of the Board, of the chairman thereof, of the chair of the Committee, of one-third of the directors or of the Committee itself.
2. These Regulations further develop and supplement the provisions of the By-Laws and of the Regulations of the Board of Directors applicable to the Committee. The latter provisions shall prevail in the event of conflict with the former.

Article 3. Interpretation

1. These Regulations shall be interpreted in accordance with law and with the Governance and Sustainability System.
2. Issues that may arise regarding the interpretation and application of these Regulations shall be resolved by the Committee itself, and in the absence of such resolution, by the chair of the Committee, who shall be assisted by such persons, if any, as may be appointed by the Board of Directors for such purpose. The Board of Directors shall be informed of the interpretation and resolution of the issues that may have arisen.
3. In the absence of a specific rule, the provisions of the Regulations of the Board of Directors governing its operation, and specifically the calls to meeting, the granting of a proxy to another member of the Committee, the establishment of a quorum for meetings, the holding of meetings without prior notice, the rules for adopting resolutions, voting in writing and without a meeting, and the approval of the minutes of meetings shall apply to the Committee, to the extent not inconsistent with the nature thereof.

Article 4. Compliance and Dissemination

1. The members of the Committee, as well as the other members of the Board of Directors to the extent they are affected, have the obligation to know and comply with these Regulations, for which purpose the secretary of the Board of Directors shall post them on the directors’ website and on the Company’s corporate website.
2. In addition, the Committee shall have the obligation to ensure compliance with these Regulations and to adopt appropriate measures for the required dissemination thereof among the organisation.

TITLE II. POWERS

Article 5. Powers

The Committee shall have the following main powers:

1. Conduct a review of the General Risk Control and Management Foundations of the Iberdrola Group and the risk guidelines and limits on at least an annual basis, and propose the amendment and update thereof to the Board of Directors.
2. Approve the statutory auditor contracting policy, establishing the procedure for the selection and contracting of the Company’s statutory auditor, the relations therewith, the circumstances that might affect the independence thereof and the instruments required to ensure the transparency of such relationship.
3. Endeavour to ensure that the annual financial statements that the Board of Directors submits to the shareholders at the General Shareholders’ Meeting are prepared in accordance with accounting regulations.
4. Report to the shareholders at the General Shareholders’ Meeting with respect to the matters that may be raised therein by the shareholders regarding the results of the audit of the annual financial statements, the contribution thereof to the integrity of the financial information and the role that it has played in such process and regarding other issues within the purview of the Audit and Risk Supervision Committee.
   
   In addition, if auditor has included any qualification in its audit report, the chair of the Committee shall clearly explain at the General Shareholders’ Meeting the opinion of the Committee regarding the content and scope thereof, if so approved by the Board of Directors, making a summary of said opinion available to the shareholders at the time of publication of the call to meeting, together with the other proposals and reports of the Board of Directors.
5. Together with the statutory auditor, analyse significant weaknesses in the internal control system detected during the audit, all without infringing upon the independence thereof. To this end, if appropriate, the Committee may submit recommendations or proposals to the Board of Directors and shall establish the corresponding follow-up period.
6. Supervise the process of preparing and presenting regulated financial information relating to the Company, both individual and consolidated with its subsidiaries, reviewing compliance with legal requirements, the proper delimitation of the scope of consolidation and the correct application of accounting standards, and submit recommendations or proposals to the Board of Directors to safeguard the integrity of such information. This supervisory work of the Committee must be carried out continuously, and also performed specifically when required to deal with unexpected events if the Committee so deems appropriate or at the request of the Board of Directors.
7. Propose to the Board of Directors, for submission to the shareholders at the General Shareholders’ Meeting, the appointment, re-election and removal of the statutory auditor of the Company’s separate financial statements and of the consolidated financial statements of its Group, in accordance with applicable legal provisions and the Statutory Auditor Contracting and Relations Policy.
8. Propose to the Board of Directors the terms for contracting the statutory auditor of the Company’s separate financial statements and of the consolidated financial statements of its Group in accordance with applicable legal provisions and the Statutory Auditor Contracting and Relations Policy, regularly receive therefrom information regarding the audit plan and the results of the implementation thereof, and preserve its independence in the performance of its duties.
9. In relation to the statement of non-financial information: (i) supervise the process of preparing and presenting the non-financial information regarding the Company and its Group; (ii) propose to the Board of Directors the appointment of the independent assurance provider responsible for assurance of the information included therein; and (iii) report to the Sustainable Development Committee on the process of preparing and presenting the statement of non-financial information as well as on the clarity thereof and on the integrity of the content thereof.
10. Supervise the activities of the Internal Audit and Risk Division, which is functionally controlled by the Committee.
11. Authorise in advance the non-audit services that the Company’s audit firm, or the persons or entities connected thereto pursuant to the provisions of the law on auditing of accounts, will provide to companies of the Group, as provided by law.
    
    In order for the Committee to authorise the provision of said services, it must assess whether the audit firm it the most appropriate firm to provide them based on its knowledge and experience, and in this case shall analyse: (i) the nature thereof and the circumstances and context in which it occurs, (ii) the status, position or influence of the provider of the service and other relations thereof with the Company; (iii) the effects thereof; and (iv) whether said services could threaten the independence of the auditor and, if applicable, the establishment of measures eliminating or reducing these threats to a level that does not compromise the independence thereof.
    
    It must also assess the remuneration for non-audit services, individually or as a whole, compared to the remuneration for audit services and the parameters used by the audit firm to determine its own remuneration policy.
12. Establish appropriate relationships with the statutory auditor to receive information regarding matters that might entail a threat to the independence thereof, for examination by the Committee, and any other information related to the development of the audit procedure, as well as such other communications as are provided for in the laws on auditing of accounts and in other legal provisions on statutory auditing.desarrollo de la auditoría de cuentas, así como aquellas otras comunicaciones previstas en la legislación de auditoría de cuentas y en las demás normas de auditoría de cuentas.
    
    In any event, it must receive written confirmation from the statutory auditor on an annual basis of their independence in relation to the Company or entities directly or indirectly related thereto, as well as a detailed breakdown of information on additional services of any kind provided to and the corresponding fees received from such entities by the statutory auditor or persons or entities related thereto, pursuant to the legal provisions governing the auditing of accounts.
13. On an annual basis and prior to the statutory audit report, issue a report setting forth an opinion on whether the independence of the statutory auditor is compromised.
    
    This report shall be made available to the shareholders upon the terms set forth in the Regulations for the General Shareholders’ Meeting and shall contain a reasoned assessment of the provision of each and every one of the additional non-audit services other than statutory audit, considered individually and as a whole, and in relation to the rules on independence or the legal provisions regarding the auditing of accounts.
14. Report in advance to the Board of Directors regarding the financial information that the Company must disclose on a regular basis because of its status as a listed company; making sure that the interim financial statements are prepared in accordance with the same accounting standards as the annual financial statements and, for such purpose, it shall consider the appropriateness of a limited review by the statutory auditor.
15. Report on Related-Party Transactions (as defined in the Regulations of the Board of Directors) prior to the approval thereof by the shareholders acting at a General Shareholders’ Meeting or by the Board of Directors (or in urgent cases by the Executive Committee), without prejudice to the exceptions set out in the Regulations of the Board of Directors.
    
    Any member of the Committee that has a conflict of interest with respect to the Related-Party Transaction to be reported on may not participate in the preparation of the report.
    
    The Committee shall endeavour to ensure that Related-Party Transactions are fair and reasonable from the viewpoint of the Company and, if applicable, of shareholders other than the related party, and may request reports from experts when it so deems appropriate. In addition, it shall ensure that the announcement to be disseminated to the market on a Related-Party Transaction contains the information required by the applicable legal provisions.
    
    A prior report of the Committee shall not be required in the case of Related-Party Transactions for which approval may be delegated pursuant to the provisions of the Regulations of the Board of Directors, although the Committee may participate in the internal reporting and periodic control procedure established by the Board of Directors in relation thereto, in order verify the fairness and transparency of such transactions and, where applicable, compliance with the applicable legal criteria in order to make said delegation.
    
    Within the first six months following the close of each financial year of the Company, the Committee shall prepare an overview of the Related-Party Transactions with respect to which it has issued a report, which shall be made available to the shareholders through the Company’s corporate website on occasion of the call to the ordinary General Shareholders’ Meeting.
    
    The Committee shall also inform the Appointments Committee of Related-Party Transactions that might affect the classification of directors.
16. Report to the Board of Directors, prior to the Board’s decision thereon, regarding the creation or acquisition of interests in special purpose entities or entities domiciled in countries or territories that are considered to be tax havens, as well as regarding any other transactions or operations of a similar nature that, due to the complexity thereof, might diminish the transparency of the Group.
    
    By way of exception to the provisions of the preceding paragraph, if such transactions are carried out by listed country subholding companies of the Group or subsidiaries thereof, the audit committee or equivalent body of such listed country subholding company shall be responsible for issuing the corresponding report.
17. Report on the structural modifications and corporate transactions to be undertaken by the Company, analysing the economic terms and conditions thereof, including if appropriate the exchange ratio as well as the accounting impact thereof. By way of exception, these transactions shall not be subject to a prior report from the Committee if they are carried out by listed country subholding companies of the Group or subsidiaries thereof unless the Company participates therein.
18. Issue such other reports and take such other actions as may also fall within its purview pursuant to the Governance and Sustainability System or as may be requested by the Board of Directors or the chairman thereof.

Article 6. Powers regarding the Internal Audit and Risk Division

The Committee shall have the following main powers in this regard:

1. Ensure the independence and effectiveness of the Internal Audit and Risk Division and that it has sufficient resources and that its members have suitable professional qualifications to carry out its duties most efficiently.
2. Approve the annual activities plan of the Internal Audit and Risk Division, as well as its budget, which shall be sent to the chairman of the Company’s Board of Directors, for submission to the latter for review.
3. Propose to the Board of Directors, for approval thereby, after a report of the Appointments Committee, the appointment and removal of the head of Internal Audit.
4. Evaluate the operation of the Internal Audit and Risk Division and the performance of the director thereof, for which purpose the Committee shall obtain any opinion held by the chairman of the Board of Directors. To this end, the Committee may, if it so deems appropriate, facilitate regular evaluation by an independent third party, which verifies, inter alia, compliance with the requirements of the Global Internal Audit Standards.
   
   The evaluation shall be constructive and shall include an assessment of the level of compliance with targets and with standards for purposes of setting the variable components of the remuneration of the Chief Internal Audit and Risk Officer, in which determination the Committee must also participate.
   
   The conclusions from the assessment made by the Committee must be communicated by the secretary thereof, through the secretary of the Board of Directors, to the Chief Internal Audit and Risk Officer and to the Remuneration Committee, so that they may be properly taken into account when determining the remuneration thereof.

Article 7. Powers regarding the Internal Control and Risk Management Systems

The Committee shall have the following main powers in this regard:

1. Continuously review the internal control and risk management systems, such that the principal risks are properly identified, managed and reported.
2. Supervise the effectiveness of the internal control and risk control and management systems, for which purpose it shall obtain reports from the Internal Audit and Risk Division and from any other person hired for this purpose, in order to reach a sufficient understanding and arrive at a conclusion regarding the trustworthiness and reliability of the systems and, if appropriate, make potential proposals for improvement.
3. Obtain information regarding any significant deficiency in internal control that the statutory auditor detects while carrying out its audit work.
4. Endeavour to ensure that the Group’s risk control and management systems identify at least:
   1. The different types of financial (including contingent liabilities and other off-balance sheet risks) and non-financial (including operational, technological, legal, social, environmental, political and reputational risks, or risks relating to corruption) risks facing the Company and the Group.
   2. The establishment and review of the risk map and levels that the Company deems acceptable.
   3. The measures planned in order to mitigate the impact of identified risks in the event that they materialise.
   4. The information and internal control systems that will be used to monitor and manage the aforementioned risks, including contingent liabilities and other off-balance sheet risks.
5. Maintain appropriate relationships with the audit committees of the other companies of the Group.
6. Promote (within the limits of its powers) a culture in which risk is a factor that is taken into account in all decisions and at all levels within the Company.
7. Confirm, at the request of the Remuneration Committee, that variable remuneration plans include an appropriate assumption of risks.
8. Identify and evaluate emerging risks, like those arising from technological, environmental, social and regulatory changes, as well as reputational risks, including corruption-related risks, as well as existing alert mechanisms, periodically evaluating the effectiveness thereof.
9. Obtain creditable information as to whether the most significant risks are managed, controlled and maintained within the tolerance figures that have been established, and annually evaluate the list of the most significant financial and non-financial risks, as well as the various risk tolerance levels established in the risk guidelines and limits in order to, if appropriate, propose the adjustment thereof based on the information provided by the Company’s management and the Internal Audit and Risk Division.
10. At least annually, call a meeting with each of the heads of the businesses of the Group and of the relevant corporate areas to exercise the powers of the Committee to be informed of the trends of their respective businesses or corporate areas and the related risks, all without prejudice to the corporate and governance structure of the Group, pursuant to which each of the head of business or country companies directly and effectively manages the risks of its businesses.cada una de las sociedades cabecera de los negocios o países gestionar directamente y de forma eficaz los riesgos de sus negocios.
11. Report in advance on those aspects of risk control and management within its purview to be included in the Company’s annual corporate governance report and give notice thereof to the Board of Directors, through the Sustainable Development Committee, for an assessment of its conclusions.
12. Generally ensure that the General Risk Control and Management Foundations of the Iberdrola Group, the guidelines and the systems established with respect to internal control are effectively applied in practice.

Article 8. Powers regarding the Process of Preparing Financial Information

The Committee shall have the following main powers in this regard:

1. Supervise the process of preparation and submission and the quality, clarity, consistency and integrity of the financial information with respect to the Company and its Group, while also ensuring that any interim financial information that may be published and the half-yearly financial reports and statements are prepared in accordance with the same accounting standards as the annual financial reports and, for such purpose, it shall consider the appropriateness of a limited review of the half-yearly financial reports by the statutory auditor.
   
   In particular, based on available sources of internal information (including reports from the Internal Audit and Risk Division, reports from other areas or departments or the analysis and opinion of the Company’s management team itself) and external information (including reports from experts or information received from the statutory auditor), the Committee shall reach its own conclusion as to whether the Company has properly applied the accounting policies.
2. Ensure compliance with legal requirements, the proper delimitation of the scope of consolidation and the correct application of such generally accepted accounting principles and domestic and international financial reporting standards as may be applicable with respect to the regulated financial information relating to the Company and its Group.
3. Evaluate any proposal made by the members of senior management regarding changes in accounting practices.
4. Analyse the reasons why the Company may itemise certain alternative information on returns in its public information instead of the measures directly defined by accounting rules, the extent to which useful information is provided to investors and the level of compliance thereof with best practices and international recommendations in this area.
5. Obtain information on significant adjustments identified by the statutory auditor or that result from revisions made by the Internal Audit and Risk Division and the position of the management team regarding said adjustments.
6. Timely and properly attend to, answer and take into account any requests sent by the National Securities Market Commission (Comisión Nacional del Mercado de Valores), ensuring that the same types of incidents previously identified in said requests are not repeated in the financial statements.
7. Check that the financial information included in the annual and interim financial reports published on the corporate website of the Company is continuously updated and that it coincides with the information that has been prepared by the Board of Directors and published, if appropriate, on the website of the National Securities Market Commission.
   
   If, after reviewing the financial information, the Committee is not satisfied with any aspect, it shall communicate its opinion to the Board of Directors through the secretary thereof and may submit a proposal to the Board of Directors, including, where appropriate, informing the National Securities Market Commission.

Article 9. Powers regarding the Auditing of Accounts

The Committee shall have the following main powers in this regard:

1. Approve, periodically review and ensure compliance with the Statutory Auditor Contracting and Relations Policy.
2. Propose to the Board of Directors, for submission to the shareholders at the General Shareholders’ Meeting, the appointment, re-election or removal of the statutory auditors of the separate financial statements of the Company and of the consolidated financial statements of its Group, taking responsibility for the process followed for the selection thereof, pursuant to the provisions of law and the Statutory Auditor Contracting and Relations Policy.
   
   The Committee shall not submit a proposal to the Board of Directors for appointment of an audit firm as the Company’s statutory auditor if it has evidence that such firm is affected by any circumstance of lack of independence, prohibition or disqualification pursuant to the legal provisions governing the audit of accounts, particularly if the total fees received for the provision of audit and non-audit services provided to the Company and to any other company of the Group by the statutory auditor or audit firm or by a member of its network during each of the last three consecutive financial years represent more than fifteen per cent of the total annual income of the statutory auditor or audit firm and of said network.
3. Propose to the Board of Directors the terms for contracting the statutory auditor in accordance with applicable legal provisions and the Statutory Auditor Contracting and Relations Policy.
4. Guide and propose to the competent governance bodies the appointment, re-election or removal of the statutory auditors of the other companies of the Group, unless they have corporate governance rules similar to those of the Company that assign such duties of guidance and proposal-making to their respective audit committees or similar bodies.
5. Ensure the independence of the statutory auditor and that it is not affected by any circumstances of prohibition or disqualification and, for such purpose:
   1. Verify that the Company and the statutory auditor comply with applicable regulations regarding the provision of non-audit services, the limits on the concentration of the statutory auditor’s business, the rules on professional fees and, in general, all other regulations established in order to ensure the independence of the statutory auditor.
   2. Establish an indicative ceiling on the fees that may be received each year by the statutory auditor for non-audit services.
   3. In the event of resignation of the statutory auditor, examine the circumstances that may have given rise thereto.
   4. On an annual basis and prior to the issuance of the audit report, issue a report in which the Committee shall set forth an opinion on the independence of the statutory auditor.
   5. Ensure compliance with the prohibitions upon completion of the audit work as provided by law.
6. Review the contents of the audit reports on the accounts and of the reports on the limited review of interim financial statements, if any, as well as other mandatory reports to be prepared by the statutory auditor, prior to the issuance thereof, in order to avoid qualified reports.
7. Assess the results of each audit of accounts and supervise the response of the members of senior management to the recommendations made therein.
8. On an annual basis, evaluate the activities performed by the statutory auditor pursuant to the provisions of the Statutory Auditor Contracting and Relations Policy.
9. Ensure that the statutory auditor carrying out the audit of the annual financial statements or of consolidated accounting documents assumes full responsibility for the audit report issued, even when the annual financial statements of the companies in which the Company has an interest have been audited by other statutory auditors.
10. Act as a channel of communication between the Board of Directors and the statutory auditor, causing it to hold an annual meeting with the Board of Directors to report thereto on the work performed and the accounting and risk status of the Company.
11. Ensure that the change in statutory auditor and any potential disputes with the outgoing auditor are disseminated by sending to the National Securities Market Commission (Comisión Nacional del Mercado de Valores) the appropriate notice of inside information or other relevant information.

Article 10. Powers regarding the Process of Preparing the Non-Financial Information

The Committee shall have the following main powers in this regard:

1. Based on available sources of internal information (including reports from the Internal Audit and Risk Division, reports from other areas or departments or the analysis and opinion of the Company’s management team itself) and external information (including reports from experts or information received from the independent assurance provider), supervise the process of preparing and presenting non-financial information, as well as the transparency and integrity of the contents thereof.
2. Report to the Sustainable Development Committee on the process of preparing and presenting the statement of non-financial information, as well as on the clarity and integrity of the content thereof. Said report shall be issued prior to the report that must be issued by the Sustainable Development Committee regarding the aforementioned statement of non-financial information and the preparation thereof by the Board of Directors.
3. Check that the non-financial information included in the annual and interim financial reports published on the corporate website of the Company is continuously updated and that it coincides with the information that has been prepared by the Board of Directors and published, if appropriate, on the website of the National Securities Market Commission (Comisión Nacional del Mercado de Valores).
   
   If, after reviewing the non-financial information, the Committee is not satisfied with any aspect, it shall communicate its opinion to the Board of Directors through the secretary thereof and may submit a proposal to the Board of Directors, including, where appropriate, informing the National Securities Market Commission.

Article 11. Powers regarding the Party Assuring the Statement of Non-Financial Information

The Committee shall have the following main powers in this regard:

1. Propose to the Board of Directors the appointment of the independent assurance provider responsible for assurance of the information contained in the statement of non-financial information.
2. Serve as a channel of communication and monitor the work of assuring the statement of non-financial information by the independent assurance provider, consult therewith regarding the process of preparation and presentation thereof and the clarity and integrity of the content thereof, and report on all of the above to the Sustainable Development Committee.

Article 12. Other Powers Entrusted to the Committee

The Committee shall also have the following powers:

1. Have direct access, in accordance with the provisions of the Regulations of the Compliance Unit, to grievances or reports submitted through the internal reporting channels provided by the Company that might have a material impact on the financial statements or internal control thereof and, if it so deems necessary, propose appropriate actions to reduce the risk of future occurrences thereof. To this end, the Compliance Unit shall inform it of the existence of the aforementioned grievances or reports and shall provide it with any documentation requested in relation to the processing of the case files.
2. Prior to the preparation of the annual financial statements and to the filing of the Corporate Income Tax return, obtain from the Company’s tax director, for transmittal to the Board of Directors, information on the tax practices and guidelines used by the Company during the financial year and on the level of compliance with the Corporate Tax Policy.
3. Based on the information received from the Company’s tax director, report to the Board of Directors on the tax practices and standards applied, and furthermore, in the case of transactions or matters that must be submitted to the Board of Directors for approval, regarding the tax consequences thereof when such consequences represent a significant issue.

TITLE III. COMPOSITION

Article 13. Composition

1. The Committee shall be composed of a minimum of three and a maximum of five directors appointed by the Board of Directors upon a proposal of the Appointments Committee from among the non-executive directors who are not members of the Executive Committee. A majority of the directors who are members of the Committee shall be independent.
2. Within the aforementioned limits, the Committee may submit to the Board of Directors a proposal for amendment of the number of Committee members when it is deemed that such number will contribute to the more efficient operation of the Committee.
3. The Board of Directors and the Appointments Committee shall promote diversity in the composition of the Committee as a whole and shall endeavour to ensure that the members thereof have the expertise, qualifications and experience appropriate for the duties they are called upon to perform, and shall particularly take into account for the appointment thereof their knowledge and experience allowing them to sufficiently understand the various issues relating to financial and non-financial information, as well as the auditing of accounts.
   
   In addition, they shall endeavour to ensure that the members of the Committee collectively have appropriate knowledge and experience in accounting, auditing, financial, internal control and risk management (both financial and non-financial), business and energy sector issues and have an appropriate understanding of information technology and cybersecurity.
   
   This knowledge and experience in accounting and auditing matters, as a whole, shall entail:
   1. an understanding legal provisions on accounting and audit;
   2. the ability to assess and interpret the application of the above rules;
   3. experience in preparing, auditing, reviewing, analysing or evaluating financial statements with a certain level of complexity similar to those of the Company itself, or experience in supervising one or more persons involved in this work; and
   4. understanding of the internal control mechanisms relating to the process of preparing financial and non-financial information.

Article 14. Positions

1. The Board of Directors shall appoint a chair of the Committee from among the independent directors forming part thereof, who must be a director with the required capacity and sufficient availability to provide greater dedication to the Committee than the rest of the members thereof.
2. The Board of Directors shall also appoint a secretary of the Committee, who need not be a director.

Article 15. Duration

1. Members of the Committee shall be appointed for a maximum term of four years, and may be re-elected on one or more occasions for terms of the same length.
2. The chair of the Committee shall hold office for a maximum period of four years, after which period the director who has held office as such may not be re-elected as chair until the passage of at least one year from ceasing to act as such, without prejudice to the continuance or re-election thereof as a member of the Committee.
3. Committee members who are re-elected as directors of the Company by resolution of the shareholders at a General Shareholders’ Meeting shall continue as members and in
   their positions on the Committee, without the need for a new election, unless the Board of Directors resolves otherwise.

Article 16. Cessation of Office

Committee members shall cease to hold office:

1. When they cease to be directors of the Company.
2. When they cease to be non-executive directors, even if they continue as directors of the Company.
3. When they become members of the Executive Committee.
4. When, upon expiry of the term for which they were appointed, a meeting of the Board of Directors has been held and they have not been re-elected.
5. By resolution of the Board of Directors.

TITLE IV. TRAINING

Article 17. Orientation Programme

In order for new members of the Committee to be able to actively perform their duties as from their appointment, the Orientation Programme provided for in the Regulations of the Board of Directors shall be made available to them on the directors’ website.

Article 18. Training Programme

The Committee shall have a periodic training plan that ensures the updating of knowledge relating to its purview, and particularly in relation to new developments in accounting rules, the specific regulatory framework of the businesses of the Group’s companies, the processes for preparing financial and non-financial information, internal and external audit, the assurance of non-financial information, the management and supervision of risks, internal control, cybersecurity, and technological advances relevant to the Company.

TITLE V. OPERATION

Article 19. Annual Work Plan and Budget

1. Before the beginning of each financial year, the Committee shall approve an annual work plan that contemplates at least the following aspects:
   1. The specific goals established for the financial year relating to each of the powers of the Committee, especially those that might be new or relate to significant issues.
   2. Issues that should be dealt with on a recurring or one-time basis during the financial year.
   3. The planning of the training deemed appropriate for the proper performance of the duties thereof.
2. This planning shall take into account that the members of the Committee have responsibilities, mainly of supervision and advice, and should not intervene in the performance or management of matters within the authority of the Company’s management.
3. If the Board of Directors so deems appropriate, it may adopt an annual budget that can be made available to the Committee.

Article 20. Schedule and Meetings

1. Once the annual meeting schedule of the Board of Directors has been approved, the chair and the secretary of the Committee shall prepare, within the first month of the financial year, a proposed annual schedule for the meetings of the Committee, ensuring that there are at least four meetings per year and that they are held on days prior to the meetings of the Board of Directors.
2. Preparation of the proposed schedule must consider the time to be devoted to the various duties of the Committee and must take into account the meeting schedule of the Board of Directors and the date for holding the General Shareholders’ Meeting, in order to prepare any reports or proposals to be submitted regarding the matters to be dealt with, as well as the report on the activities of the Committee referred to in Article 31 below.
3. The proposed schedule shall include the tentative agendas and any appearances that may be deemed necessary. This proposal shall systematically reflect the tentative agenda for the meetings, planning fixed sections for issues that are dealt with on a recurring basis, and other sections for issues that are only dealt with at particular meetings. Generally, risk supervision shall be included in the agenda for the Committee’s meetings, so that an analysis can be made throughout the year of all significant risks, including emerging risks, both financial and non-financial, the latter relating to aspects such as tax, cybersecurity, personal data protection, regulatory compliance, reputation, technology and the cyber- resilience capacity of the Group.
4. The secretary of the Committee shall send the proposed schedule to the secretary of the Board of Directors for validation and subsequent preparation of the meeting schedule of the corporate decision-making bodies, pursuant to the provisions of Article 29.7 of the Regulations of the Board of Directors. Once the proposed schedule is validated by the Office of the Secretary of the Board of Directors, the Committee shall approve the annual meeting schedule.
5. Where appropriate, the meeting schedule shall be supplemented with the scheduling of preparatory work sessions or meetings on specific issues.
6. The secretary of the Committee must notify the Secretary of the Board of Directors, for validation thereby, of any change in the dates, the items to be discussed or the appearances to be requested with respect to the annual plan for meetings of the Committee from time to time in effect.
7. The Committee shall meet upon the occasion of each date of approval of annual or interim financial information. Said meetings shall be attended by the Chief Internal Audit and Risk Officer and also by the statutory auditor when it issues a review report. At least a portion of said meetings with the statutory auditor shall take place without the presence of the Company’s management team, so that the members can discuss among themselves specific issues that arise during the reviews.
8. Without prejudice to the provisions of the preceding sections, the Committee shall meet as many times as the chair thereof deems is necessary to exercise the powers entrusted thereto, as well as when requested by at least two of its members. Prior to sending a call to a meeting not provided for in the meeting schedule of the corporate decision-making bodies, the secretary of the Committee shall send to the secretary of the Board of Directors for validation the date, agenda and any appearances that may be deemed necessary.
9. The chairman of the Board of Directors and the chief executive officer may request informational meetings with the Committee on an exceptional basis.

Article 21. Call to Meeting

1. The secretary of the Committee shall, by order of the chair thereof, call the Committee to meeting at least eight days in advance thereof, except in the case of urgent meetings.
2. The call to meeting shall be carried out by any means allowing for receipt thereof and shall include the agenda for the meeting and the documentation expected to be made available to the members of the Committee, which shall first be reviewed by the Office of the Secretary of the Board of Directors to ensure the consistency thereof with the meeting schedule of the corporate decision-making bodies and the Governance and Sustainability System.
3. No prior call to a meeting of the Committee shall be required when all of its members are present and unanimously agree to the holding of the meeting and to the items of the agenda to be dealt with.

Article 22. Place of the Meeting

1. Meetings of the Committee shall be held in person at the place designated in the call to meeting.
2. If so decided by the chair of the Committee on an exceptional basis, a meeting may be called to be held at several connected places or on-line by using remote communication systems that permit the recognition and identification of the attendees, permanent communication among them and participation in discussion and the casting of votes, all in real time, which meeting shall be deemed to be held at the registered office. The members of the Committee in attendance at any of such interconnected places shall be deemed to have attended the same meeting of the Committee for all purposes.

Article 23. Establishment of a Quorum

1. A valid quorum for Committee meetings shall be established with the attendance, in person or by proxy, of a majority of its members.
2. The chair of the Committee shall preside over the meeting. In the event of the vacancy, illness, incapacity or absence of the chair of the Committee, the meeting shall be chaired by the director having the longest length of service on the Committee, and if equal lengths of service, by the oldest.
3. The secretary of the Committee shall act as secretary for the meeting. In the event of vacancy, illness, incapacity or absence of the secretary of the Committee, the person appointed by the Committee for such purpose shall act as secretary.
4. Committee members may give a proxy to another member by communication using any of the means showing the receipt thereof, addressed to the secretary of the Committee and including the terms on which the proxy is given. However, they may not give a proxy in connection with matters affecting them personally or regarding which they are involved in any conflict of interest situation.
5. On an exceptional basis, based on the circumstances in each case, the chair of the Committee may authorise the attendance at the meeting of one or more members by using remote connection systems that permit the recognition and identification thereof, permanent communication with the place where the meeting is held, and their participation therein and the casting of votes, all in real time. Members connected remotely shall be deemed for all purposes to have attended the meeting of the Committee.

Article 24. Resolutions

1. Resolutions of the Committee shall be adopted by an absolute majority of the votes of the members present at the meeting in person or by proxy. In the event of a tie, the chair of the Committee shall have the tie-breaking vote.
2. All resolutions adopted shall be recorded in minutes signed by the chair and the secretary of the Committee or by the persons acting in their stead. They shall be approved at the same meeting or at the meeting held immediately thereafter, shall be made available to all of the directors and shall be entered in a book of minutes of the Committee.

Article 25. Conflicts of Interest

When matters to be dealt with at a meeting of the Committee directly affect one of its members or persons related thereto and, in general, when such member is subject to a conflict of interest situation (upon the terms established in the Regulations of the Board of Directors), including a conflict relating to Related-Party Transactions (as such term is defined in the Regulations of the Board of Directors), such member must leave the meeting until a decision is made, and such member shall be subtracted from the number of Committee members for purposes of calculating the quorum and majorities with respect to the matter at hand.

Article 26. Attendance of Guests

1. Any director of the Company may be asked to attend the meetings of the Committee at the request of the chair of the Committee, addressed for such purpose to the chairman of the Board of Directors.
2. In addition, the chair of the Committee may make a reasoned request to the chairman of the Board of Directors, through the secretary thereof, for the attendance at meetings of the Committee of any member of management or professional of the Company and of the other companies of the Group or a director thereof, as well as of any member of the management decision-making bodies of the companies in which they have an interest whose appointment has been proposed by the Company, provided that there is no legal impediment thereto.
3. In order to organise appearances in the most effective way, the chair of the Committee should consider the issues to be dealt with at each meeting, the schedule of meetings, and the various responsibilities of the persons whose appearance is requested.
4. Persons who are not members of the Committee may not attend meetings thereof when the matters dealt with are outside the scope of the powers or duties of such persons.
5. The Committee, through its chair, may request the presence at its meetings of both the Company’s statutory auditor as well as the statutory auditor of any company within the Group, provided that there is no legal impediment thereto. The Company’s statutory auditor shall not attend the decision-making portion of the Committee’s meetings.
6. The presence of members of management, professionals or other directors, whether executive or not, as well as third parties, at meetings of the Committee shall be on an occasional basis and only when required, after an invitation from the chair of the Committee, shall be strictly limited to those items on the agenda for which they are called, and they shall not attend the decision-making portion of the Committee’s meetings except in specific cases for which sufficient justification shall be recorded in the minutes of the meeting. The secretary shall record the entries and exits of guests at meetings in the minutes.
7. Efforts shall be made to concentrate and reduce the number of annual appearances at the Committee by the same guest, to the extent possible.
8. The chair of the Committee may authorise the remote attendance of guests using the communication systems described in Article 23.5 above, if the chair so deems appropriate.

Article 27. Evaluation

1. Within the framework of the annual evaluation provided for in the Regulations of the Board of Directors, the Committee shall coordinate the evaluation of the Committee’s performance in order to strengthen the operation thereof, for which purpose it shall ask the opinion of directors who are not members of the Committee.
2. The Committee shall implement the measures formulated by the Board of Directors based on the results of the evaluation of the Committee, which may take the form of a plan for continuous improvement of its operation, recommendations or an action plan for the correction of any deficiencies that have been identified.
3. In the interest of greater transparency, the report referred to in Article 31 below shall state the extent to which the evaluation has caused significant changes in the organisation and procedures of the Committee.

TITLE VI. COMMITTEE ADVICE AND PARTICIPATION, RIGHT TO INFORMATION AND DUTIES OF COMMITTEE MEMBERS

Article 28. Advice

1. The Committee may, through the secretary of the Board of Directors, freely access any information or documents available at the Company relating to the matters that are within the Committee’s area of authority and that it deems necessary to perform its duties.
2. The Committee may also seek, at the Company’s expense, cooperation or advice from outside professionals, which, once approved, shall be reported to the secretary of the Board of Directors. The Committee shall sufficiently evaluate the independence of such advisor and shall ensure that potential conflicts of interest do not prejudice the independence of the outside advice received. Outside professionals must address their reports directly to the chair of the Committee. The rules set out in Article 26 above shall apply to the attendance of outside professionals at meetings of the Committee, to the extent applicable.

Article 29. Participation and Right To Information of the Members of the Committee

1. In order to promote a diversity of opinions that enriches the analysis and proposals of the Committee, the chair of the Committee shall ensure that all of the members freely participate in the deliberations, without being affected by internal or third-party pressures, and shall encourage constructive dialogue among them, promoting free expression and a critical attitude, for which purpose the Board of Directors and the Appointments Committee shall endeavour to ensure that the chair of the Committee has sufficient leadership skills and appropriate communication abilities.
2. To properly carry out the powers of the Committee, the chair thereof shall promote the establishment of an effective and regular two-way channel of communication (which shall also involve the other members of the Committee to the extent deemed appropriate) with the management team, with the Internal Audit and Risk Division and with the statutory auditor upon the terms provided in Title VII of these Regulations.
3. The chair of the Committee, in collaboration with the secretary of the Committee, shall channel and provide the information and documentation required to the other members of the Committee sufficiently in advance of each meeting so that they can properly analyse it and prepare for the meeting.

Article 30. Duties of Committee Members

1. Committee members must act with independence of judgement and action with respect to the rest of the organisation and perform their work with the utmost diligence and professional competence. In particular, attendance at meetings of the Committee shall be preceded by the sufficient dedication of its members to analyse and evaluate the information received.
2. In exercising their powers, the members of the Committee shall comply with the provisions of these Regulations and applicable law on professional scepticism and critical attitude regarding the conclusions reached by the executive directors and members of the Company’s management team and other persons outside of the Committee, acknowledging the arguments for and against, and with each of the members, and the Committee as a whole, forming their and its own position.
3.  Committee members are subject as such to all of the duties of a director set forth in the Regulations of the Board of Directors, to the extent they are applicable to the responsibilities discharged by the Committee.

TITLE VII. RELATIONSHIPS

Article 31. Relations with the Shareholders at the General Shareholders’ Meeting

1. The Committee shall report to the shareholders at the General Shareholders’ Meeting with respect to the matters raised therein by the shareholders on matters within its purview, and particularly those indicated in paragraph d) of Article 5 above.
2. Pursuant to the provisions of the Regulations of the Board of Directors, the Activities Report of the Board of Directors and of the Committees thereof, which shall include information regarding the operation and the activities of the Committee during the preceding financial year, shall be made available to the shareholders and the other Stakeholders for purposes of the call to the ordinary General Shareholders’ Meeting.
3. In particular, the section of the Activities Report of the Board of Directors and of the Committees thereof regarding the Committee must allow the shareholders and other interested parties to understand the activities performed by the Committee during the financial year in question, for which reason the publication must contain at least the following aspects:
   1. Description of the most significant aspects of the regulation to which the Committee is subject.
   2. Composition of the Committee during the financial year, including the classification and seniority of each of the members thereof, as well as the significant abilities in terms of knowledge and experience contributed by each member.
   3. The standards used to determine and the rationale explaining the composition of the Committee, particularly in relation to the appointment of members who are not independent directors.
   4. Meetings held during the financial year and number of attendees, including whether non- members of the Committee have been invited, indicating, if appropriate, the number of meetings that such persons have attended.
   5. Number of meetings held with the internal auditor and with the external auditor, and at how many meetings, or at what times thereof, neither members of management nor executive directors were present.
   6. Duties, work performed in practice and significant activities during the period (reporting those that have been performed with the assistance of external experts), describing any change therein during the financial year and referring specifically to the regulation governing them, relating to:
      1. financial and related non-financial information and the mechanisms associated with internal control;
      2. risk management and control, both financial and non-financial;
      3. the Internal Audit and Risk Division;
      4. the statutory auditor;
      5. internal reporting channels;
      6. follow-up on the action plans of the Committee; and
      7. the nature and scope of any communications with the regulators.
   7. Evaluation of the operation and performance of the Committee, as well as of the methods used to assess the effectiveness thereof and whether there has been any significant change during the financial year as a result thereof.
   8. Information regarding the Committee’s opinion on the independence of the statutory auditor.
   9. Independence and conflicts of interest of external advisors, experts and consultants and the services provided thereby and the remuneration thereof.
   10. Information regarding which domestic or international practical guides on audit committees are being followed, if any, and to what extent.
   11. Significant deviations from the procedures adopted or improprieties of which the Board of Directors has been notified in writing in areas within the purview of the Committee.

Article 32. Relations with the Board of Directors

The chair of the Committee shall inform the Board of Directors, at the next meeting thereof following the meetings of the Committee, of the matters dealt with and the resolutions adopted during its meetings.

Article 33. Relations with the Internal Audit and Risk Division

1. Pursuant to the provisions of these Regulations, the Committee’s relations with the Internal Audit and Risk Division shall respect the independence thereof.
2. The Committee shall ensure that the members of the Internal Audit and Risk Division have access to the documentation and to the staff necessary for the performance of their duties in accordance with the Governance and Sustainability System and that the information required for the performance of their duties and the appropriate technical tools are provided to them without any impediment.
3. The Committee shall ensure that the profiles of the members of the internal audit function are appropriate and that they have professional qualifications that are widely recognised in the market, and that the Internal Audit and Risk Division is able to carry out its work objectively and independently.
4. The Committee shall ensure that the Internal Audit and Risk Division has the necessary human, financial and technological resources, including the hiring or participation of experts for audits or work requiring special qualifications for the performance thereof.
5. The Committee shall guide the activities of the Internal Audit and Risk Division, ensuring that it exercises its powers proactively and that its activities are mainly focused on significant risks to the Company and the other companies of the Group, gathering periodic information regarding the activities it carries out.
6. It shall monitor the annual activities plan of the Internal Audit and Risk Division to verify at least the following:
   1. That significant incidents and changes that occur during the implementation thereof are reported.
   2. In relation to internal audit functions:
      1. That the conclusions reached by Internal Audit are appropriate, that the action plans contained in the various reports are being implemented as agreed and within the timetable provided, and that the Committee is timely informed regarding the progress thereof.
      2. That the members of senior management take into account the conclusions and recommendations contained in the reports of Internal Audit.
      3. That any differences that may have arisen with the Company’s senior management have been resolved, or otherwise have been submitted for the consideration of the Committee.
      4. That the conclusions of its reports, prepared on the basis of the annual activities plan or other specific requests that may have been made or approved by the Committee, are submitted within the established periods or with the established frequency. Said conclusions must include both the weaknesses or irregularities detected and the action plans for resolving them and monitoring the implementation thereof.
      5. That there is sent to the Committee for acknowledgement an annual activities report that must contain at least a summary of the internal audit activities performed and reports issued during the financial year, explaining what work provided for in the annual plan has not been carried or performed without being provided for in the initial plan, and shall include an inventory of the weaknesses, recommendations and action plans.
   3. In relation to risk functions:
      1. That there is compliance with the risk strategy of the Company and its Group and that it covers the most significant risks.
      2. That the risk control and management systems operate effectively and properly identify, manage, mitigate and quantify the main risks (financial and non-financial) and they are maintained within pre-determined tolerance figures.
      3. That taking into account the provisions of the General Risk Control and Management Foundations of the Iberdrola Group, there is proper coordination with other functions vested with powers regarding the management, supervision and assurance of risks.
7. The Chief Internal Audit and Risk Officer shall have direct and effective access to the Committee.
8. The Internal Audit and Risk Division shall be the customary body for communication between the Committee and the rest of the Company’s organisation (without prejudice to the provisions of these Regulations and the Regulations of the Board of Directors regarding the duties entrusted to other areas, and particularly to the Office of the Secretary of the Board of Directors), and it shall be the division responsible for preparing the information requested by the Committee within the purview of such division.
9. The Committee, through its chair, may request the presence of the Chief Internal Audit and Risk Officer during certain portions of the Committee meetings at which aspects that are related to the scope of its powers are discussed, all in accordance with the provisions of Article 26 above.
10. The chairman of the Board of Directors, based on the proposal made by the Committee, shall propose to the Board of Directors the approval of a basic regulation on internal audit governing, among other aspects, the nature, powers, organisation and duties of the members of the Company’s Internal Audit function.
11. For the performance of the duties assigned to the Committee in these Regulations in connection with the Internal Audit and Risk Division, the Company’s Chief Internal Audit and Risk Officer shall establish the appropriate framework of relations of coordination and information with the internal audit areas or divisions of the other companies of the Group.

Article 34. Relations with the Statutory Auditor

1. The Committee’s relations with the Company’s statutory auditor shall respect the independence thereof, in accordance with the provisions of these Regulations.
2. The Committee shall regularly gather from the statutory auditor information regarding the audit plan and the results of the implementation thereof, shall follow up on all recommendations proposed by the statutory auditor, and may require its cooperation whenever it deems it necessary.
3. The Committee shall request of the statutory auditor, on an annual basis, a certificate of independence of the firm as a whole and of the team members participating in the process of auditing the annual financial statements of the Group’s companies, as well as information regarding non-audit services of any kind provided by the statutory auditor or by persons related thereto pursuant to the provisions of the applicable laws on auditing of accounts. In addition, the statutory auditor shall include in the annual certification that it sends to the Committee a statement in which it reports on compliance with the application of the internal procedures of quality assurance and protection of independence that have been implemented.
4. The Committee must authorise any hiring of the Company’s statutory auditor for any non- audit services prior to the approval thereof by the relevant body.
5. The Committee shall receive information on the hiring by companies of the Group of professionals coming from any of the Group’s audit firms.

Article 36. Relations with the Audit Committees of other Companies of the Group

1. The relationships of the Committee with the audit committees of other companies of the Group shall be governed by the provisions of the General Framework for Relations of Coordination and Information among the Audit Committees of Iberdrola, S.A. and its Group approved by the Board of Directors, upon a proposal of the Committee.
2. This coordination and information relationship shall be channelled through the chairs of the audit committees of the Company and of the relevant company belonging to the Group, with the purpose of informing the Committee of the matters handled by such committees that might have a potentially significant impact on the Group.
3. The audit committees established at other companies of the Group must have their own regulations defining the principles of conduct and the rules of internal operation thereof, and whose scope, in compliance with the level of guarantees required by the Company’s Governance and Sustainability System as well as with the principles of coordination and information that must govern the relationships among the audit committees of companies established at companies of the Group for the proper discharge of their duties, must be in agreement with the contents of these Regulations, without prejudice to any amendments that may be required taking into account the circumstances of each company.
4. Any information from or appearance by any member of management, professional or director of any company belonging to the Group with an audit committee that is requested by the Committee in the performance of its duties shall be processed and carried out through the audit committee of the affected company, whose chair shall report directly to the chair of the Committee in accordance with the provisions of Article 26 above.
5. The audit committees established at other companies of the Group shall ensure the independence and effectiveness of their respective internal audit areas or divisions.