Luoyang Jalon Micro-Nano New Materials Co.Ltd(688357)
Risk assessment management system
Chapter I General Provisions
Article 1 in order to safeguard the legitimate rights and interests of the company’s shareholders, promote the company to improve operational efficiency, promote the implementation of the company’s development strategy, strengthen the standardization of the company’s internal control, enhance the awareness of preventing operational risks, timely identify the probability of risk occurrence, evaluate and determine the risk tolerance, This system is hereby formulated in accordance with the provisions of the company law, the securities law, the Listing Rules of the science and Innovation Board of Shanghai Stock Exchange, the articles of association, the basic norms of enterprise internal control and its application guidelines and other relevant laws, regulations, rules and rules.
Article 2 this system is applicable to the company and its wholly-owned and holding subsidiaries.
Article 3 risk assessment shall be conducted at least once a year, and the frequency of assessment shall be increased according to actual needs. When the following situations occur, the risk assessment shall be considered again:
(I) major changes in the business model of the enterprise;
(II) major changes in the information technology used by the enterprise;
(III) change of key personnel;
(IV) significant changes in the accounting standards applicable to the enterprise;
(V) merger and acquisition, use of financial instruments and other events involving complex accounting treatment requirements;
(VI) others.
Chapter II Risk Assessment Management System
Article 4 risk assessment refers to the process of timely identifying risks, systematically analyzing risks and reasonably determining risk response strategies in the process of production and operation. It is an important link in the implementation of internal control. The company sets up a risk assessment management team. The audit committee of the company is the leading organization of the company’s risk assessment management, and the risk assessment management team is the working organization of the company’s risk assessment. It is located in the audit department and is responsible for the company’s risk assessment management and risk control. The members of the risk assessment management team are composed of the head of the audit department, the head of the finance department, the head of the enterprise management department, the office director and relevant professionals.
Or assign special personnel to communicate information with the company’s risk assessment management team, report the risks and possible solutions in the operation process, and accept the guidance and task arrangement of the company’s risk assessment management team.
Chapter III setting of internal control objectives
Article 6 the company shall comprehensively, systematically and continuously collect relevant information according to the set internal control objectives, and timely conduct risk assessment in combination with the actual situation.
The internal control objectives set here mainly refer to the following five aspects: first, reasonably ensure the legality and compliance of enterprise operation and management; Second, maintain the safety of the company’s assets; Third, ensure the authenticity and integrity of financial reports and relevant information; Fourth, improve business efficiency and effect; Fifth, promote enterprises to realize their development strategy.
Article 7 in the process of information collection, the company shall make full use of information means to increase the amount of information collection and improve the accuracy and timeliness of information, so as to ensure the efficiency and effect of risk assessment.
Chapter IV Risk Identification
Article 8 when conducting risk assessment, the company shall strive to accurately identify the internal and external risks related to the realization of control objectives and determine the corresponding risk tolerance.
Risk tolerance refers to the risk limit that an enterprise can bear, including the overall risk tolerance and the acceptable risk level at the business level.
Article 9 when identifying internal risks, the company mainly focuses on the following factors:
(I) possible risks caused by factors such as the professional ethics of directors, supervisors, President and other senior managers and the professional competence of employees.
(II) possible risks caused by organizational structure, business mode, asset management, business process and other management factors.
(III) possible risks caused by independent innovation factors such as research and development, technology investment and information technology application. (IV) risks reflected by financial factors such as financial status, operating results and cash flow.
(V) potential risks that may be formed by safety and environmental protection factors such as operation safety, employee health and environmental protection. (VI) risks that may be caused by other relevant internal factors.
Article 10 when identifying external risks, the company mainly focuses on the following factors:
(I) the impact of economic factors such as economic situation, industrial policy, financing environment, market competition and resource supply on the company.
(II) restriction of laws, regulations, regulatory requirements and other legal factors on the operation of the company.
(III) the impact of social factors such as safety and stability, cultural tradition, social credit, education level and consumer behavior on the company’s normal business order and business habits.
(IV) threats posed by scientific and technological factors such as technological progress and process improvement to the company’s existing products, industries and production capacity.
(V) potential risks of natural disasters, environmental conditions and other natural and environmental factors to the company’s asset safety and sustainable profitability.
(VI) various risks caused by other relevant external factors.
Article 11 in the process of risk control of the company, various risks shall be classified and sorted out, and the risk list of the enterprise shall be formed according to the possible internal and external risk factors and the main risk factors listed in the application guidelines for internal control of enterprises, which shall be used as the basis for risk assessment.
Chapter V risk analysis
Article 12 the company shall adopt a combination of qualitative and quantitative methods to analyze and rank the identified risks according to the possibility of risk occurrence and its impact degree, so as to determine the focus of risk and the risks that need to be controlled first.
When conducting risk analysis, the company’s risk assessment management team shall fully absorb professionals to form a strong risk analysis team and carry out work in accordance with strict and standardized procedures to ensure the accuracy of risk analysis results.
Article 13 the qualitative analysis of risk should be based on science. It refers to the method of analyzing the nature of risk through subtle observation and analysis and with the help of daily experience and logical judgment. Generally, qualitative analysis shall be adopted when quantitative analysis is not required, or the data required for quantitative analysis cannot be obtained, and it is uneconomical to adopt quantitative analysis method due to cost-benefit principle.
Article 14 the company can set the importance level according to a certain proportion (usually 5%) of total assets, total profits and other indicators to conduct quantitative analysis of risks.
Chapter VI risk response
Article 15 the purpose of risk analysis is to deal with risks. The company shall weigh the risks and benefits and determine the risk response strategy according to the results of risk analysis and risk tolerance.
Article 16 the company shall regularly analyze and accurately grasp the risk preferences of directors, supervisors, general managers, other senior managers and employees in key positions, and take appropriate control measures in the scope of decision-making authority and authorized approval, so as to avoid heavy losses to the operation of the enterprise due to personal risk preferences.
Article 17 the company shall use the coping strategy of risk aversion to realize the effective control of risks.
Risk aversion refers to the company’s strategy to avoid or mitigate losses by abandoning or stopping business activities related to risks beyond risk tolerance.
Evasion is a kind of strategy. It is a sign of irresponsibility to the operation of the company. Risk aversion is the best annotation to the principle of sound operation of the company.
Article 18 the company shall use risk reduction strategies to achieve effective risk control. Risk reduction refers to the strategy that the company is prepared to take appropriate control measures to reduce risks or reduce losses and control risks within risk tolerance after weighing costs and benefits. The key of risk reduction strategy is to reduce the risk beyond the risk tolerance to the risk tolerance, so that the proportional relationship between risk and return can be organically unified.
Article 19 the company shall use the coping strategy of risk sharing to achieve effective risk control. Risk sharing refers to the strategy that the company is prepared to use the strength of others to control the risk within the risk tolerance by means of business subcontracting, insurance purchase, price adjustment, diversification of customers and suppliers, and taking appropriate control measures.
Article 20 the company shall use the coping strategy of risk tolerance to achieve effective risk control. Risk tolerance refers to the strategy that the company is not prepared to take control measures to reduce risks or reduce losses after weighing costs and benefits. The key of risk tolerance strategy is that there must be sufficient reasons to prove that the return after taking the risk can be greater than the loss caused by the risk. Generally, it should be used with caution.
Article 21 the company shall comprehensively apply the above coping strategies, continuously collect information related to risk changes in combination with different development stages and business expansion, continuously carry out risk identification and risk analysis, and adjust risk coping strategies in time.
Article 22 the company’s risk assessment shall make full use of the existing information system, establish a dynamic monitoring, review, analysis and prevention mechanism, form risk assessment documents on relevant matters, track and control, and ensure the communication and sharing of risk assessment information among relevant functional departments within the company.
Chapter VII supplementary provisions
Article 23 matters not covered in this system shall be implemented in accordance with relevant national laws, regulations, normative documents, articles of association and other relevant systems. If this system is inconsistent with relevant laws, regulations, normative documents and articles of association, relevant laws, regulations, normative documents and articles of association shall prevail.
Article 24 the system shall be interpreted and revised by the board of directors of the company.
Article 25 this system shall be implemented from the date of deliberation and approval by the board of directors of the company.
Luoyang Jalon Micro-Nano New Materials Co.Ltd(688357) March 9, 2002
