Thunder Software Technology Co.Ltd(300496)
Of internal control self-evaluation report
Review and evaluation opinions
Ya Hui He Zi (2022) No. 0110003
Asia Pacific (Group) Certified Public Accountants (special general partnership)
March 3, 2002
catalogue
Review and evaluation opinions of internal control self-evaluation report 1
Self evaluation report on internal control related to financial statements as of December 31, 2021 3
Review and evaluation opinions of internal control self-evaluation report
Yahui He Zi (2022) No. 0110003 Thunder Software Technology Co.Ltd(300496) all shareholders:
We have accepted the entrustment to verify the confirmation of the board of directors of Thunder Software Technology Co.Ltd(300496) (hereinafter referred to as Thunder Software Technology Co.Ltd(300496) company) on the effectiveness of internal control related to financial statements on December 31, 2021 The responsibility of the board of directors of Thunder Software Technology Co.Ltd(300496) company is to establish and improve internal control and maintain its effectiveness in accordance with the basic norms of enterprise internal control, and ensure that the attached self-evaluation report on internal control of Thunder Software Technology Co.Ltd(300496) company in 2021 truly and completely reflects the internal control related to the financial statements of Thunder Software Technology Co.Ltd(300496) company on December 31, 2021. Our responsibility is to express opinions on the effectiveness of internal control related to financial statements of Thunder Software Technology Co.Ltd(300496) company on December 31, 2021. We have carried out the assurance work in accordance with the provisions of other assurance business standards for Chinese certified public accountants No. 3101 – assurance business other than audit or review of historical financial information. In the process of assurance, we have implemented other procedures including understanding, testing and evaluating the rationality of internal control design and effectiveness of implementation related to financial statements, as well as other procedures we deem necessary. We believe that our assurance provides a reasonable basis for expressing opinions. Internal control has inherent limitations, and there is the possibility that misstatement may occur and not be found due to error or fraud. In addition, as changes in circumstances may lead to inappropriate internal control or reduce the degree of compliance with control policies and procedures, it is risky to speculate the effectiveness of internal control in the future according to the internal control assurance results.
We believe that Thunder Software Technology Co.Ltd(300496) company has effectively maintained the internal control related to financial statements established in accordance with the basic norms of enterprise internal control in all major aspects on December 31, 2021.
This assurance report is only used by Thunder Software Technology Co.Ltd(300496) company when disclosing the annual report, and shall not be used for any other purpose. China Certified Public Accountants of Asia Pacific (Group) certified public accountants:
(special general partnership) (project partner)
Chinese certified public accountant:
Beijing, China March 3, 2002
Thunder Software Technology Co.Ltd(300496)
Self evaluation report on internal control in 2021
Thunder Software Technology Co.Ltd(300496) all shareholders:
According to the provisions of the basic norms of enterprise internal control and its supporting guidelines and other internal control supervision requirements (hereinafter referred to as the enterprise internal control standard system), combined with the internal control system and evaluation methods of Thunder Software Technology Co.Ltd(300496) (hereinafter referred to as the company), on the basis of daily supervision and special supervision of internal control, Evaluated the effectiveness of the company’s internal control on December 31, 2021 (benchmark date of internal control self-evaluation report).
1、 Important statement
It is the responsibility of the board of directors of the company to establish, improve and effectively implement internal control, evaluate its effectiveness, and truthfully disclose the internal control self-evaluation report in accordance with the provisions of the enterprise’s internal control standard system. The board of supervisors supervises the establishment and implementation of internal control by the board of directors, and the management is responsible for organizing and leading the daily operation of the enterprise’s internal control. The board of directors, the board of supervisors and the directors, supervisors and senior managers of the company guarantee that there are no false records, misleading statements or major omissions in the contents of this report, and bear individual and joint legal liabilities for the authenticity, accuracy and completeness of the contents of the report.
The objective of the company’s internal control is to reasonably ensure the legal compliance of operation and management, asset safety, authenticity and integrity of financial reports and relevant information, improve operation efficiency and effect, and promote the realization of development strategy. Due to the inherent limitations of internal control, it can only provide reasonable assurance for the realization of the above objectives. In addition, as changes in the situation may lead to inappropriate internal control or reduced compliance with control policies and procedures, there is a certain risk to speculate the effectiveness of internal control in the future according to the results of internal control self-evaluation.
2、 Internal control evaluation conclusion
According to the identification of major defects in the company’s internal control over financial reporting, on the benchmark date of the internal control self-evaluation report, the company has no major defects in the internal control over financial reporting. The board of Directors believes that the company has maintained effective internal control over financial reporting in all major aspects in accordance with the requirements of the enterprise’s internal control standard system and relevant regulations. According to the identification of major defects in the company’s internal control over non-financial reports, the company found no major defects in the company’s internal control over non-financial reports on the benchmark date of the internal control self-evaluation report.
Between the benchmark date of internal control self-evaluation report and the date of issuance of internal control self-evaluation report, the company has no factors affecting the evaluation conclusion of internal control effectiveness.
3、 Internal control evaluation
(I) evaluation scope of internal control
According to the principle of risk orientation, the company determines the main units, businesses and matters included in the evaluation scope, as well as high risk activities, information and communication and internal supervision.
The main businesses and matters included in the scope of evaluation are as follows:
1. Control environment
The quality of the control environment directly determines whether the company’s control systems can be effectively implemented. The company’s control environment not only reflects the scientificity of the governance structure and the checks and balances of the functional institutions, but also fully reflects the attitude of the board of directors and management towards the company’s control. The company actively creates a good culture and control environment in order to provide a broader space for the development of the enterprise. It is mainly reflected in the following aspects:
(1) Development strategy
In terms of business development strategy, the company takes the intelligent operating system technology as the core, focuses on the key technologies of artificial intelligence, assists and accelerates the productization and technological innovation in the fields of intelligent system, intelligent Internet of things and new generation connected vehicles, and empowers the intelligent industry.
In terms of profit model, the company is committed to upgrading from charging technology development service fees to charging product and IP sales revenue, and gradually expand new profit model.
(2) Governance structure
During the reporting period, the company continued to improve the corporate governance structure, establish and improve the company’s internal control system and promote the standardized operation of the company in accordance with the provisions of laws, regulations and normative documents such as the company law, the securities law, the guidelines for the governance of listed companies, the guidelines for the standardized operation of companies listed on the gem of Shenzhen Stock Exchange and so on. It has established a corporate governance structure composed of the general meeting of shareholders, the board of directors, the board of supervisors and the company’s management, and formed a mutual coordination and balance mechanism with clear rights and responsibilities and standardized operation among the power organs, decision-making organs, supervision organs and management. The general meeting of shareholders is the highest authority of the company, which exercises the voting rights on major matters such as business policies, financing, investment and profit distribution according to law; The board of directors shall be responsible to the general meeting of shareholders, exercise the company’s business decision-making power according to law, establish and improve the company’s internal control system and supervise the implementation of the company’s internal control system.
The board of directors of the company has established four special committees: strategy, audit, remuneration and assessment and nomination, formulated corresponding working rules, and clarified their rights and responsibilities, decision-making procedures and rules of procedure. The board of directors employs the Secretary of the board of directors to handle the daily affairs of the board of directors and be responsible to the board of directors. In addition, in order to improve the decision-making quality and supervision function of the board of directors, the board of directors of the company has 9 directors, including 3 independent directors, and has formulated the independent director system. The company sets up a board of supervisors to supervise the performance of the board of directors and the management, including reviewing the company’s periodic reports prepared by the board of directors and putting forward written review opinions, inspecting the company’s finance, supervising the behavior of directors and senior managers in performing their duties Put forward suggestions on the removal of directors and senior managers who violate laws and regulations or resolutions of the general meeting of shareholders; The company regularly holds the general manager’s office meeting, formulates the overall development strategic plan and annual business plan of the enterprise, formulates the specific rules and regulations of the company, presides over the daily operation and management of the enterprise, and deliberates the proposals or work reports submitted to the board of directors, the special committees under the board of directors and the board of supervisors and other important matters.
(3) Management system
In accordance with the requirements of laws and regulations and the articles of association, the company has formulated the rules of procedure of the general meeting of shareholders, the rules of procedure of the board of directors, the rules of procedure of the board of supervisors and other relevant systems at the level of corporate governance, which is the legal person of the company
Combined with the actual operation of the company and relevant laws and regulations, the company has formulated a series of systems and processes such as financial management system, human resource management system and project management system, which provides institutional guarantee for the orderly development of all-round and all-level work and continuous growth of performance.
At the same time, according to the guidelines for the standardized operation of GEM listed companies and the requirements of the board of directors, the company has also formulated the internal audit management system, information security management system and other internal control management systems related to security management and process control.
(4) Human resources policy
The company has established scientific personnel management policies such as employment, training, evaluation, promotion and elimination, and specially formulated a series of process systems such as salary management, performance appraisal and recruitment management. The company continues to optimize the performance appraisal management system and employment information management system, strengthen the construction of training, performance, salary and other supporting systems, and further improve the adaptability of employees.
(5) Corporate culture
The company continues to devote itself to the construction of corporate culture, strengthen the publicity and implementation of the corporate spirit, corporate mission, corporate vision, corporate purpose, business philosophy, corporate code of conduct and employee code of conduct through the internal network platform, and fully apply them to work practice, so that employees can understand the appearance and connotation of corporate culture, take customers as the center, and adhere to the principle of unity and struggle, Adhere to the core values of taking technology as the core competitiveness, advocate the spirit of seeking truth and pragmatism, forge ahead, openness and equality, unity and cooperation, strengthen the construction of internal culture, consciously internalize in the heart, externalize and practice, practically integrate knowledge and practice, and create a good atmosphere for the development of corporate culture.
(6) Internal audit
The company has established an internal audit department under the board of directors in accordance with the requirements of the guidelines for the standardized operation of companies listed on the gem, equipped with full-time personnel, and formulated internal audit systems and norms such as the internal audit management system. The audit department is responsible to the audit committee of the board of directors, and regularly or irregularly supervises and inspects the company’s business activities, the implementation of internal control system and the effectiveness of internal control. The internal audit department shall prepare working papers and audit reports according to the internal audit procedures of the enterprise for the internal control defects found in the supervision and inspection, and has the right to report directly to the board of directors, its audit committee and the board of supervisors for the major internal control defects found in the supervision and inspection.
2. Risk assessment
The company has established a systematic and effective risk assessment system according to the strategic objectives and development ideas and combined with the characteristics of the industry. To comprehensively identify and control the possible risks related to the company’s internal business objectives and laws and regulations, and to comprehensively identify and control the risks related to the company’s internal business policies and regulations, so as to comprehensively identify and control the possible risks in the market. In the process of establishing and improving the internal control system, the company adheres to the risk oriented principle, timely rectifies the problems found, optimizes the company’s internal control and improves the company’s internal control management. The management believes that doing a good job in the construction of internal control is not to deal with the inspection of the regulatory authorities, but the internal need to prevent business risks and improve the level of operation and management. It is the inevitable choice for the company to improve internal control and promote standardization, and it also meets the actual needs of the company.
3. Internal control activities
In order to ensure the realization of various internal control objectives, the company has established relevant control activities, mainly including transaction authorization control, responsibility division control, voucher and record control, asset contact and record use control, internal audit control, electronic information system control, etc. (1) Transaction authorization control
According to the size of the transaction amount and the nature of the transaction, the company gives different approval authorities to the responsible personnel in accordance with the provisions of the articles of association and relevant management systems. The department level by level authorization approval system shall be adopted for frequent sales business, procurement business, expense reimbursement of normal business, purchase of fixed assets, financing within the scope of authorization, etc; For non recurring business transactions, such as foreign investment, equity transfer, related party transactions and other major transactions, the transaction amount according to the transaction amount shall be approved by the general meeting of shareholders, the board of directors and the general manager of the company.
(2) Responsibility division control
Based on the principle of “incompatible duties shall not be performed by the same person”, the company reasonably sets up the division of functions, scientifically divides the responsibilities and authorities, and separates the approval from incompatible duties such as business handling, business handling and accounting records, accounting records and property custody, business handling and business audit, authorization approval and supervision and inspection through the approval of rights and responsibilities and hierarchical responsibility A mechanism of mutual checks and balances in line with rights and responsibilities.
(3) Voucher and record control
All vouchers are signed or sealed, and their integrity and non repeatability are confirmed through the system or manual pre numbering mechanism. Important documents and important blank vouchers shall be kept by special personnel, and a registration book shall be set up to be recorded by special personnel. All transactions shall be reviewed, approved, recorded and settled through the internal division of labor of the accountant, and vouchers shall be prepared in time to record the transactions. After registration, the vouchers shall be filed in order.
(4) Asset exposure and record use control
The company has formulated monetary capital, inventory, equipment, fixed assets and other assets