Xinlun New Materials Co.Ltd(002341)
Compliance management system
Chapter I General Provisions
Article 1 in order to strengthen the compliance management of Xinlun New Materials Co.Ltd(002341) (hereinafter referred to as “the company”), establish and improve the company’s compliance management system, cultivate compliance culture, improve the level of compliance operation and management, effectively prevent compliance risks, and provide continuous guarantee for the realization of the company’s vision, This system is formulated in accordance with the company law of the people’s Republic of China, the securities law of the people’s Republic of China, the Xinlun New Materials Co.Ltd(002341) articles of association and other relevant laws, regulations and normative documents, and in combination with the actual situation of the company.
Article 2 the term “compliance” as mentioned in this system refers to that the operation and management behavior of the company and its employees comply with the requirements of laws and regulations, regulatory provisions, industry standards, articles of association, internal rules and regulations, international treaties and rules (hereinafter referred to as laws, regulations and rules).
The “compliance risk” mentioned in this system refers to the possibility that the operation and management behavior of the company and its employees will be subject to administrative or criminal punishment, economic or reputation loss and other negative effects due to violation of laws, regulations and rules.
The “compliance management” mentioned in this system refers to the organized and planned management activities, including system formulation, risk identification, compliance review, risk response, accountability, assessment and evaluation, compliance training and so on, aiming at the effective prevention and control of compliance risks and taking the operation and management behaviors of the company, subsidiaries and their employees as the object.
Article 3 the company shall carry out compliance management in accordance with the following principles:
(I) comprehensive coverage and focus. Compliance management shall cover all business lines, departments, subsidiaries and all employees of the company, and run through the whole process of decision-making, implementation, supervision and response. While fully covering, strengthen the compliance management of key areas, key links, key posts and key personnel.
(II) active compliance and collaborative cooperation. The company, subsidiaries and all employees shall actively abide by the compliance management system at work and actively seek compliance support when finding compliance risks. The company shall promote the coordination and connection between compliance management and legal risk prevention, audit, internal control, risk management and other work, so as to ensure the effective operation of compliance management system.
(III) objective independence and strengthened responsibility. The compliance management committee and its subordinate compliance management department shall independently perform compliance management responsibilities and objectively evaluate and deal with the behavior of the company and employees in strict accordance with laws, regulations and rules. The company shall establish a compliance responsibility system for all employees, clarify the compliance responsibilities of managers and employees at all posts, and supervise the effective implementation.
Chapter II compliance management responsibilities
Article 4 all employees of the company shall strictly abide by the compliance management policies and systems, actively identify, report and control the compliance risks in their daily work, and ensure compliance performance.
Article 5 the company shall establish a compliance management organization system with clear rights and responsibilities, and implement compliance management responsibilities through decision-making, supervision, management and implementation. Of which:
(I) the decision-making level refers to the board of directors;
(II) supervisory layer refers to the board of supervisors;
(III) management refers to the compliance management committee;
(IV) executive level refers to the compliance director, the compliance management department and other relevant personnel who need to perform compliance responsibilities.
Article 6 the compliance management responsibilities of the board of directors mainly include:
(I) approve the strategic plan of enterprise compliance management and the basic system of compliance;
(II) promote the improvement of compliance management system;
(III) decide on the establishment and functions of the compliance management committee;
(IV) decide on major matters related to compliance management.
Article 7 the compliance management responsibilities of the board of supervisors mainly include:
(I) supervise the compliance of the decision-making and process of the board of directors;
(II) supervise the performance of compliance management responsibilities by directors and senior managers of the company;
(III) propose to dismiss the directors and senior managers who are mainly responsible for causing major compliance risks;
(IV) other compliance management responsibilities specified in the company’s rules and regulations.
Article 8 the company establishes a compliance management committee to coordinate the company’s compliance management. The compliance management committee performs the following compliance management responsibilities:
(I) formulate and implement the company’s compliance policies and systems, and establish and improve the compliance management system; (II) appoint and remove the compliance director, determine the establishment and functions of the compliance management department, and ensure the independence of the compliance director and the compliance management department;
(III) listen to reports on compliance management and major compliance matters, and guide, supervise and evaluate compliance management;
(IV) advocating and cultivating the company’s compliance culture;
(V) decide on the treatment of serious violators;
(VI) be responsible for other compliance management matters related to the functions of the Committee.
Article 9 the compliance director shall maintain independence and mainly perform the following compliance management responsibilities:
(I) lead the formulation of annual compliance management work plan, compliance management expense budget and staffing plan;
(II) organize, guide and urge the compliance management department to perform compliance responsibilities, and coordinate the appointment, removal, salary, rewards and punishment of compliance management personnel;
(III) supervise the compliance of the company’s internal management system and business rules, participate in major decisions and put forward compliance opinions;
(IV) check the compliance status of the company, investigate, deal with and transfer violations in accordance with the division of responsibilities and procedures;
(V) report major compliance management matters to the board of directors and the compliance management committee.
Article 10 the compliance management committee has a compliance management department, which independently performs the following duties:
(I) draft compliance management plan and basic system and promote their implementation;
(II) organize compliance risk identification and early warning, organize the establishment of compliance risk database, and participate in compliance review and risk response of major events of the enterprise;
(III) organize or participate in compliance inspection, violation accountability and compliance assessment, evaluate the compliance of systems and processes, and urge the rectification and continuous improvement of violations;
(IV) provide daily compliance advice and consultation for all departments and subsidiaries of the company, and assist employees of the company to accurately understand relevant laws, regulations and rules;
(V) organize compliance training, compliance publicity and implementation and other activities to promote the company to establish a compliance culture;
(VI) other compliance management responsibilities specified in the company’s rules and regulations.
Article 11 the compliance management department shall set up a compliance inspection team to independently perform the following duties:
(I) carry out compliance inspection and investigation and issue relevant reports;
(II) dispose, rectify and inspect the risks found in the audit process;
(III) receive the compliance report information of employees, formulate the investigation plan, carry out the investigation and issue the investigation report;
(IV) put forward handling opinions for the responsible department or person of the violation or event.
Article 12 all departments and subsidiaries of the company shall set up compliance liaison officers. The company shall provide professional training for compliance liaison officers to improve their compliance management performance ability. The main responsibilities of the compliance liaison officer include:
(I) be responsible for reporting compliance work to the competent leader or compliance director;
(II) be responsible for or assist in organizing, promoting and supervising the compliance work of the Department and subsidiary;
(III) be responsible for or assist in organizing the review of compliance risks in business and promoting rectification;
(IV) assist in handling violations of its department or subsidiary;
(V) perform other compliance duties arranged by the company.
Article 13 all departments and subsidiaries of the company shall be primarily responsible for compliance management matters in this field. The content of compliance management mainly includes:
(I) implement the company’s relevant compliance management rules, regulations and policies to ensure the effective implementation of compliance requirements;
(II) strengthen the compliance risk management concept of “business must comply”, identify, evaluate and respond to compliance risks involved in business areas, and be responsible for compliance review of daily work in business areas;
(III) accept, assist and cooperate with compliance inspection, and complete compliance summary and plan as required;
(IV) organize professional compliance training in business field;
(V) investigate and analyze the compliance risks inquired and prompted, and feed back the results in time;
(VI) cooperate to complete other compliance management work of the company.
Chapter III compliance management and operation
Article 14 the company shall continue to pay attention to the current situation of compliance risk, continuously improve the compliance management system, determine the key areas, key links and key posts of compliance management according to the operation and management, formulate special compliance management policies for high-risk matters, and timely update the compliance requirements according to the changes of laws, regulations and rules and regulatory dynamics.
Article 15 the company shall issue compliance behavior guidelines, embed compliance requirements into business processes, and urge employees to comply with them.
Article 16 the company shall establish necessary mechanisms and processes to identify compliance requirements, analyze the gap between business status and compliance requirements and the possible causes of violations, evaluate the possibility of risks and the severity of consequences, and determine the priority of compliance risk management in combination with business development strategy, market environment and risk tolerance.
Article 17 the company shall establish a compliance risk early warning mechanism, timely release early warning information and formulate emergency plans according to its own risk situation and business reality. The compliance risk emergency plan shall specify the composition, handling process, communication mechanism, emergency measures and resource allocation guarantee of the emergency working group.
Article 18 the company shall establish and improve the compliance risk response mechanism, select response strategies, evaluate the response status, formulate and implement response plans, ensure that timely and appropriate control and disposal measures are taken for all kinds of compliance risks identified and evaluated, and control the compliance risks within an acceptable range.
Article 19 the company shall supervise the implementation process of the compliance risk response plan, check the implementation progress, make necessary adjustments in time to ensure the implementation of the plan, regularly summarize and analyze the compliance risk response, and evaluate the implementation effect of the response plan.
Article 20 the company shall establish a compliance risk database, continuously pay attention to the business development and the changes of laws, regulations and rules, take the business process as the main line and risk control as the guidance, clarify the internal and external compliance requirements, risk causes, risk events, risk levels, responsible departments, control measures, etc., and dynamically adjust the compliance risk database, Continuously improve compliance risk management.
Article 21 the company shall strengthen the compliance control of key areas and key links, and take the compliance review as a necessary procedure for formulating rules and regulations, making major decisions, signing important contracts, operating major projects and other operation and management behaviors.
Article 22 the company shall establish and improve the reporting and investigation mechanism according to the regulatory requirements and the actual business situation, and receive reports and complaints from employees, customers or third parties through hotlines, mailboxes and other forms. The company shall fully protect the informants, provide anonymous reporting methods, and prohibit retaliation.
Article 23 the company shall formulate investigation plan, carry out violation investigation and output investigation report according to the received reporting clues and found violation clues.
Article 24 the company shall establish a comprehensive and effective accountability system for violations, clarify the violations, refine the punishment standards, and strictly identify and investigate the direct responsible persons and management responsible persons who violate the compliance requirements or fail to fulfill the compliance obligations; If the case constitutes a crime, it shall be transferred to the judicial organ for handling according to law.
Article 25 the company shall establish a compliance inspection mechanism to check whether the compliance system is perfect, whether the implementation of the system is in place, and whether the operation of the compliance management system is effective.
Chapter IV compliance management guarantee
Article 26 the company shall determine the compliance evaluation indicators and formulate the compliance evaluation scheme, incorporate the compliance management work and the compliance risk management level into the annual comprehensive evaluation of the heads of departments and subsidiaries, other directly responsible persons and personnel in key risk positions, and take the compliance evaluation results as an important basis for performance evaluation, promotion and appointment, evaluation and selection of excellence, etc.
Article 27 the company shall establish and improve the internal compliance communication mechanism to ensure that all departments, subsidiaries and all employees realize timely and effective communication on compliance matters.
Article 28 the company shall strengthen the informatization construction of compliance management, improve the compliance management process through informatization means, and realize the digitization of the record, storage and analysis of compliance management process.
Article 29 the company shall formulate a code of business conduct, uphold a zero tolerance attitude towards violations, establish a bridge of integrity and compliance with business partners, employees and competitors, and establish a good compliance image.
Article 30 the company shall take the compliance culture as an important part of the company’s culture, establish an institutionalized and normalized compliance training mechanism, actively carry out compliance publicity and implementation activities, improve the compliance awareness and ability of all employees, establish the values of integrity and compliance, and lay a solid ideological foundation for compliance operation and management.
Chapter V supplementary provisions
Article 31 the system shall be interpreted and revised by the compliance management committee of the company.
Article 32 in case of any matter not covered in this system or any conflict between the laws, regulations, administrative rules and normative documents promulgated or modified after the system comes into force and this system, the provisions of laws, regulations, administrative rules and normative documents shall prevail.
Article 33 the system shall come into force from the date of deliberation and approval by the board of directors of the company.