Securities code: By-Health Co.Ltd(300146) securities abbreviation: By-Health Co.Ltd(300146) Announcement No.: 2022012 By-Health Co.Ltd(300146)
2021 internal control self-evaluation report and relevant opinion announcement
The company and all members of the board of directors guarantee that the information disclosed is true, accurate and complete without false records, misleading statements or major omissions.
According to the provisions of the basic norms of enterprise internal control and its supporting guidelines and other internal control regulatory requirements (hereinafter referred to as the “enterprise internal control standard system”), combined with the internal control system and evaluation methods of By-Health Co.Ltd(300146) (hereinafter referred to as ” By-Health Co.Ltd(300146) ” and “the company”), on the basis of daily and special supervision of internal control, We evaluated the effectiveness of the company’s internal control on December 31, 2021 (the benchmark date of the internal control evaluation report). 1、 Important statement
It is the responsibility of the board of directors of the company to establish, improve and effectively implement internal control, evaluate its effectiveness and truthfully disclose the internal control evaluation report in accordance with the provisions of the enterprise’s internal control standard system. The board of supervisors shall supervise the establishment and implementation of internal control by the board of directors. The management is responsible for organizing and leading the daily operation of the enterprise’s internal control. The board of directors, the board of supervisors and the directors, supervisors and senior managers of the company guarantee that there are no false records, misleading statements or major omissions in the contents of this report, and bear individual and joint legal liabilities for the authenticity, accuracy and completeness of the contents of the report.
The objective of the company’s internal control is to reasonably ensure the legal compliance of operation and management, asset safety, authenticity and integrity of financial reports and relevant information, improve operation efficiency and effect, and promote the realization of development strategy. Due to the inherent limitations of internal control, it can only provide reasonable assurance for the realization of the above objectives. In addition, as changes in circumstances may lead to inappropriate internal control or reduced compliance with control policies and procedures, there is a certain risk to speculate the effectiveness of internal control in the future according to the internal control evaluation results.
2、 Conclusion on the effectiveness of internal control
According to the identification of major defects in the company’s internal control over financial reporting, there are no major defects in the internal control over financial reporting on the benchmark date of the internal control evaluation report.
According to the identification of major defects in the company’s internal control over non-financial reports, the company found no major defects in the company’s internal control over non-financial reports on the benchmark date of the internal control evaluation report.
There are no factors affecting the evaluation conclusion of the effectiveness of internal control from the base date of the internal control evaluation report to the date of issuance of the internal control evaluation report.
3、 Internal control evaluation
(I) scope of internal control evaluation the company determines the main units included in the evaluation scope according to the requirements of the basic norms and relevant supporting guidelines, starting from the business scale and actual operation of the company, taking risk as the guidance and combined with the data of the company’s annual consolidated financial statements. The units included in the scope of this evaluation are the parent company By-Health Co.Ltd(300146) and the wholly-owned subsidiary By-Health Co.Ltd(300146) Pharmaceutical Co., Ltd., whose data account for the data of the company’s consolidated statements in 2021 as follows:
Total operating income net assets
Consolidated statement 1296592671053651547431278117663032
(10000 yuan)
Implementation scope 871319987304901950983241196510.07
(10000 yuan)
Accounting for 67.20%, 69.33%, 68.61% and 111.26%
Specific businesses and matters and high-risk areas included in the scope of internal control system construction and self-evaluation this year include:
1. Corporate Governance: organizational structure, human resources, social responsibility and corporate culture;
2. Business process level: capital activities, investment management, procurement business, sales business, engineering projects, salary and welfare, expense management, financial report, comprehensive budget, contract management, internal information transmission and information system.
3. Focus on high-risk areas: capital activities, financial reporting, comprehensive budget, sales business, procurement management, fixed assets and inventory management.
The above units, businesses and matters included in the evaluation scope and high-risk areas cover the main aspects of the company’s operation and management, and there are no major omissions.
(II) basis of internal control evaluation and identification standard of internal control defects
The company organizes the evaluation of internal control according to the requirements of the enterprise’s internal control standard system and in combination with the company’s internal control related systems and evaluation methods.
Internal control defects are divided into major defects, important defects and general defects. The board of directors of the company has studied and determined the identification standards applicable to the company’s internal control defects with reference to the identification requirements for internal control defects in the basic norms and relevant supporting guidelines, combined with the company’s scale, operation, industry characteristics, risk level and other factors. The specific identification standards are as follows:
1. Identification criteria for defects in internal control over financial reporting
The recognition standard of internal control defect of financial report directly depends on the importance of financial report misstatement that may be caused by the existence of internal control defect.
(1) Qualitative criteria
Whether the defect is reasonably likely to cause the company’s internal control to fail to prevent or detect and correct the misstatement of financial reports in time; The amount of potential misstatement that may be caused by the defect alone or in combination with other defects. The following circumstances may indicate that the company has significant defects in internal control related to financial reporting:
A. Fraud by directors, supervisors and senior managers;
B. The company corrects the published financial report;
C. The certified public accountant finds that there is a material misstatement in the current financial report, but the internal control fails to find the misstatement in the operation process;
D. The supervision of the company’s audit committee and internal audit institutions on internal control is invalid.
In case of any of the above circumstances, it can be determined that the company has major defects that need to be disclosed to the public.
(2) Quantitative standard
When implementing the quantitative evaluation of internal control defects, it is necessary to quantitatively evaluate the defects found in combination with the importance level and tolerable error of the company’s annual consolidated financial statements.
A. Materiality level: the company adopts 5% of the total profits in the annual consolidated statements as the quantitative index of materiality level;
B. Tolerable error: the company adopts 75% of the importance level of this year as the quantitative index of tolerable error.
In the process of internal control defect evaluation, the company analyzes and evaluates the internal control defects found with reference to the above qualitative and quantitative indicators.
When the potential impact of internal control defects on the financial statements exceeds the importance level, the defects are recognized as major defects; When the potential impact amount of internal control defect on the financial statements exceeds the tolerable error but is lower than the materiality level, the defect is recognized as a material defect; Otherwise, the defect is recognized as a general defect. 2. Identification standard of internal control defects in non-financial reporting
Internal control over non-financial reporting refers to the internal control over other objectives other than financial reporting objectives. These objectives generally include legal compliance, strategic business objectives, asset safety, etc.
(1) Qualitative criteria
A. Major defects: serious violation of laws, regulations, rules and regulations, resulting in the investigation of relevant departments and regulators, and being ordered to withdraw from the industry or revoke the business license; Failure to achieve all operational objectives or key business indicators, illegal operation, resulting in suspension of operation and serious over budget in terms of time, manpower or cost; Irreparable safety production accidents or serious quality problems, resulting in significant losses of assets and potential large-scale legal proceedings.
B. Major defects: violation of laws, regulations, rules and regulations, resulting in investigation by relevant departments and regulatory institutions, and ordered to suspend business for rectification; Unable to achieve some operational objectives or key business indicators, limited by the regulatory authorities, and greatly exceeding the budget in terms of time, manpower or cost; A large number of remedial measures need to be taken in case of major safety production accidents or general quality problems, resulting in asset losses.
C. General defects: violation of laws, regulations, rules and regulations, resulting in investigation and punishment by relevant departments and regulators; The business operation is affected to some extent and exceeds the budget in terms of time, manpower or cost; In case of safety production accidents or individual quality problems, remedial measures need to be taken.
(2) Quantitative standard
When implementing the quantitative evaluation of internal control defects, it is necessary to quantitatively evaluate the defects found in combination with the importance level and tolerable error of the company’s annual consolidated financial statements.
A. Materiality level: the company adopts 5% of the total profits in the annual consolidated statements as the quantitative index of materiality level. B. Tolerable error: the company adopts 75% of the importance level of this year as the quantitative index of tolerable error.
In the process of internal control defect evaluation, the company analyzes and evaluates the internal control defects found with reference to the above qualitative and quantitative indicators. When the potential impact of internal control defects on the financial statements exceeds the importance level, the defects are recognized as major defects; When the potential impact amount of internal control defect on the financial statements exceeds the tolerable error but is lower than the materiality level, the defect is recognized as a material defect; Otherwise, the defect is recognized as a general defect. (III) procedures and methods of internal control evaluation
In the process of internal control system construction and self-evaluation, the company comprehensively combed the business processes and rules and regulations within the implementation scope of internal control norms, found the risk points of main business processes, nodes and control points, prepared the list of corresponding problems or vulnerability risks, proposed improvement measures and standardized them, and formulated the methods and standards for testing, inspection and evaluation of internal control. The company’s internal control evaluation is carried out in strict accordance with the basic norms, relevant supporting guidelines and the procedures specified in the company’s internal control evaluation measures, including the following aspects:
1. Implement the risk assessment process: Interview with the middle and senior leaders of the company, collect risk information, sort out and analyze it, identify the high-risk areas faced by the company, guide the annual internal control construction and self-evaluation, and clarify the scope and focus of work;
2. Conduct process interviews to understand the current internal control status of the company’s business processes and identify the information of key control points. Link the risk control information with the Department / post, clarify the risk control responsibilities, and effectively implement the company’s internal control management requirements;
3. Carry out walk through test, verify the authenticity of the process and relevant control point information learned in the interview, evaluate the design effectiveness of internal control, and identify the design defects of internal control;
4. Carry out internal control test, take a certain number of samples according to the occurrence frequency of key control activities, evaluate the implementation effectiveness of internal control, and find the implementation defects of internal control;
5. In the process of internal control construction and evaluation, starting from the inherent risks and control objectives of the process, find the weak links of internal control, form the summary table of audit findings and the rectification plan of audit findings, track the implementation of the rectification work, retest the rectification results, and verify the effectiveness of the rectification results.
During the evaluation process, we adopted appropriate methods such as individual interview, walk through test and sampling to widely collect evidence of whether the company’s internal control design and operation are effective, truthfully fill in the evaluation working paper, and analyze and identify internal control defects. 4、 Overall situation of internal control system
With the joint efforts of the board of directors, management and all employees of the company, the company has established a relatively complete and continuously effective internal control system, and established necessary internal control measures from the company level to all business process levels, so as to provide reasonable guarantee for the legal compliance of the company’s operation and management, asset safety, the authenticity and integrity of financial reports and relevant information.
(I) internal environment
1. Organizational structure
In accordance with the requirements of the company law, the securities law and the laws and regulations of the CSRC on listed companies, the company has continuously improved and standardized the corporate governance structure and rules of procedure, ensured the standardized operation of the general meeting of shareholders, the board of directors, the board of supervisors and other institutions, and formed a scientific and effective division of responsibilities and check and balance mechanism. The general meeting of shareholders, the board of directors and the board of supervisors exercise decision-making power, executive power and supervision power respectively according to their duties.
(1) In accordance with the company law and other relevant laws and regulations and the articles of association, the company has prepared the rules of procedure of the general meeting of shareholders, the rules of procedure of the board of directors, the rules of procedure of the board of supervisors, the working system of independent directors and the working rules of the general manager, and revised them in due time.
(2) The board of directors has an audit committee and a nomination, remuneration and assessment committee, and establishes corresponding work implementation rules.
(3) The company sets up a board of supervisors to supervise the performance of the board of directors and the management, including reviewing the company’s periodic reports prepared by the board of directors and putting forward written review opinions; Check the company’s finance; Supervise the acts of directors and senior managers in performing their duties of the company, and put forward suggestions on the removal of directors and senior managers who violate laws, administrative regulations, the articles of association or the resolutions of the general meeting of shareholders; When the acts of directors and senior managers harm the interests of the company, they shall be required to correct them and report to the general meeting of shareholders or relevant competent authorities of the state when necessary. The company has formulated the decentralization manual, which divides the responsibilities and authorities of the company’s headquarters, functional departments, subsidiaries and production plants, including operation management, production management, technology R & D management, information management, financial management, investment management, human resources management, securities affairs management, legal affairs management, public affairs management Audit management, etc.
(4) Through regular or irregular general manager office meetings, the company formulates the company’s overall development strategic plan, annual business plan and investment plan, financial budget and final settlement plan, profit distribution plan, internal management organization setting plan, basic management system, employment, salary, assessment, reward and punishment and dismissal of the company’s employees, and formulates the company’s specific regulations, Review proposals or work reports and other important matters submitted to the board of directors, professional committees under the board of directors and the board of supervisors.
2. Human resources
Strengthen the construction and management of human resources, accelerate the construction of internal talent echelon and talent reserve, put the training of project leaders and department successors in the first place, and take effective measures to further activate the organization to provide strong support for the sustainable development of the company.
3. Social responsibility
By-Health Co.Ltd(300146) has always adhered to the responsibility concept of “integrity is more important than intelligence”, July 31, 2018