Rainbow Digital Commercial Co.Ltd(002419)
Internal control report 2021
Rainbow Digital Commercial Co.Ltd(002419) all shareholders:
In accordance with the provisions of the basic norms of enterprise internal control and its supporting guidelines and other internal control regulatory requirements (hereinafter referred to as the "enterprise internal control normative system"), combined with the internal control system and evaluation methods of the company (hereinafter referred to as the "company"), on the basis of daily and special supervision of internal control, We evaluated the effectiveness of the company's internal control as of December 31, 2021 (benchmark date of internal control evaluation report). 1、 Important statement
It is the responsibility of the board of directors of the company to establish, improve and effectively implement internal control, evaluate its effectiveness and truthfully disclose the internal control evaluation report in accordance with the provisions of the enterprise's internal control standard system. Establish and implement the internal control of the board of supervisors. The management is responsible for organizing the daily operation of the company's internal control.
The board of directors, the board of supervisors and the directors, supervisors and senior managers of the company guarantee that there are no false records, misleading statements or major omissions in the contents of this report, and bear individual and joint legal liabilities for the authenticity, accuracy and completeness of the contents of the report.
The objective of the company's internal control is to reasonably ensure the legal compliance of operation and management, asset safety, authenticity and integrity of financial reports and relevant information, improve operation efficiency and effect, and promote the realization of development strategy. Due to the inherent limitations of internal control, it can only provide reasonable assurance for the realization of the above objectives. In addition, as changes in circumstances may lead to inappropriate internal control or reduced compliance with control policies and procedures, there is a certain risk to speculate the effectiveness of internal control in the future according to the internal control evaluation results.
2、 Internal control evaluation conclusion
According to the identification of major defects in the company's internal control over financial reporting, there were no major defects in the internal control over financial reporting on the benchmark date of the internal control evaluation report. The board of Directors believes that the company has maintained effective internal control over financial reporting in all major aspects in accordance with the requirements of the enterprise's internal control standard system and relevant regulations.
According to the identification of major defects in the company's internal control over non-financial reports, the company found no major defects in the company's internal control over non-financial reports on the benchmark date of the internal control evaluation report.
There are no factors affecting the evaluation conclusion of the effectiveness of internal control from the base date of the internal control evaluation report to the date of issuance of the internal control evaluation report.
3、 Internal control evaluation
(I) evaluation scope of internal control
According to the risk oriented principle, the company determines the main units, businesses and matters included in the evaluation scope and high-risk areas. The units included in the evaluation scope include Rainbow Digital Commercial Co.Ltd(002419) parent company and its main subsidiaries. The total assets of the units included in the evaluation scope account for 100% of the total assets in the company's consolidated financial statements, and the total operating revenue accounts for 100% of the total operating revenue in the company's consolidated financial statements; The main businesses and matters included in the evaluation scope include the company level, human resources, capital management, investment promotion and procurement management, asset management, sales management, strategic development, engineering project management, financial report, comprehensive budget management, contract management, information system, digital operation management, customer relationship management, logistics management, internal supervision, etc; The scope of internal control evaluation focuses on safety risk, strategy formulation and implementation risk, investment and M & a risk, quality risk, etc. The above units, businesses and matters included in the evaluation scope and high-risk areas cover the main aspects of the company's operation and management, and there are no major omissions.
(II) basis of internal control evaluation
The basis for the company's internal control evaluation mainly includes the basic norms of enterprise internal control, guidelines for the application of enterprise internal control, guidelines for the evaluation of enterprise internal control and other relevant provisions jointly issued by the Ministry of Finance and other five ministries and commissions, and the objective evaluation of the company's internal control system in combination with the relevant rules and regulations of the company's internal control and adhering to the principle of risk orientation.
(III) identification standard of internal control defects
According to the requirements of the basic norms of enterprise internal control and supporting application guidelines and evaluation guidelines, based on the construction project of risk management and internal control system, and combined with the factors such as group size, industry characteristics and risk level, the evaluation standards for internal control defects applicable to the company are studied and determined, which are consistent with that of the previous year, Internal control defects are divided into major defects, important defects and general defects. The identification criteria are as follows:
Major defects refer to the combination of one or more control defects, which may cause the enterprise to seriously deviate from the control objectives. When there are any one or more major defects in internal control, the conclusion that the internal control is invalid shall be made in the internal control evaluation report.
Important defect refers to the combination of one or more control defects, whose severity is lower than that of major defects, but it may still cause the enterprise to deviate from the control objectives. The severity of important defects is lower than that of major defects, which will not seriously endanger the overall effectiveness of internal control, but it should also attract the full attention of the board of directors and managers. General defects refer to other control defects except major defects and important defects.
The classification of the above internal control defects also needs the help of a set of identification standards that can be followed and the professional judgment of the internal control evaluators. In order to further facilitate the judgment of the level of internal control defects, the company has formulated corresponding recognition standards for financial reporting defects and non-financial reporting defects respectively:
1. Identification standard of internal control defects in financial reporting
(1) Qualitative criteria
Defects with the following characteristics can be considered as major defects:
① The defect involves the fraud of the company's management;
② This defect indicates that the internal oversight body has not performed its basic functions;
③ The defect indicates serious misstatement or omission in the financial report;
④ This defect indicates that the internal control environment related to financial reporting is ineffective.
(2) Quantitative standard
The quantitative standard for determining the importance of misstatement (including omission) in the company's consolidated statements based on the consolidated statement data announced in the latest year.
The evaluation criteria for internal control defects of the company are as follows:
Defect grade price evaluation standard quantitative evaluation standard 1 quantitative evaluation standard 2 quantitative evaluation standard 3
Major defects: the annual financial statements may be misstated by more than 50 million, misstated by more than 30 million and fraudulently caused by the defect or defect combination, and the loss is greater than the annual operating profit of 10 million
Report 5% of 0.5% of the importance level income of the financial statements
The importance level of the financial statements with significant defects is 20% the misstatement is greater than 10 million, the misstatement is greater than 5 million, and the small fraud leads to more than 100. The misstatement of the annual financial statements caused by the defect or defect combination may be less than 50 million and located at 30 million, and located at 10 million and less than 10 million is the loss of the annual operating income and annual operating profit
= 0.1% - 0.5% 1% - 5% of the importance level of financial statements
General defect: the annual financial statement misstatement caused by the defect or defect combination may be less than 10 million, the misstatement is less than 5 million and the fraud is less than 100 million, and the loss is less than the annual operating profit
Financial Statement materiality level 20% 1% of 0.1% of revenue
Note: the monetary unit in the table is RMB; "Less than" in the table does not include this number, and "greater than" includes this number.
2. Identification standard of internal control defects in non-financial reporting
With reference to the evaluation criteria of internal control defects in financial reports, the evaluation criteria for determining the importance of internal control defects in non-financial reports of the company are as follows:
Control target dimension major defect important defect general defect
The orderly expansion of the company's business scale, the orderly expansion of the company's business scale, the orderly expansion of the company's business scale, the serious negative impact caused by the relatively serious negative impact, the general negative impact caused by the corporate strategy, and the company can not eliminate this impact, The company can eliminate these influences in a long time and within a certain period of time; To eliminate such effects; Such impact;
The continuity of business structure to the company's business structure, the continuous optimization of the company's business structure, and the continuous optimization of the company's business structure have a serious negative impact, resulting in a more serious negative impact and a general negative impact
And the company can't eliminate this impact. The company can eliminate this impact within a certain period of time; To eliminate such effects; Two kinds of influence;
The steady improvement of the company's profitability, the steady improvement of the company's profitability and the improvement of the company's profitability have caused serious negative impact, resulting in more serious negative impact, general negative impact and public impact, and the company cannot eliminate this impact, The company can eliminate these influences in a long time and within a certain period of time; To eliminate such effects; Such impact;
The implementation of the strategic plan is strict, the implementation of the strategic plan is large, and the implementation of the strategic plan has some serious mistakes in the implementation of the strategic plan, which can not be remedied, and it needs to pay a large degree of mistakes and make up for them; The cost can be compensated; The fixed price can be compensated;
It has a severe impact on the annual operating profit, a great impact on the annual operating profit, a heavy adverse impact on the annual operating profit, or an adverse impact on the annual operating profit, or an annual impact, or an annual operating profit reduction of 3000, an annual operating profit reduction of 5 million yuan to reduce less than 5 million yuan;
More than 10000 yuan; Up to 30 million yuan;
If it has a serious impact on cash flow, it will not have a great adverse impact on cash flow, have an adverse impact on cash flow, have a profit making impact, and have an impact on total cash flow, The total cash inflow is reduced by the total cash inflow, or the cash inflow is reduced, or the total cash outflow is less, or the total cash outflow is increased, and the total cash outflow is increased by 30 million yuan to increase by more than 60 million yuan; More than 30 million yuan and less than 60 million yuan;
following;
Major investment mistakes, major investment mistakes, general investment mistakes, direct economic losses of 10 million yuan, direct economic losses of 1 million yuan, economic losses of more than 200000 yuan, investment projects of less than 10 million yuan, or investment of less than 1 million yuan, Or the investment effect plan of the investment project is delayed for 6 months, the project is delayed for 3 months compared with the plan, the implementation is delayed for more than 1 month compared with the plan, or the return on investment is implemented for more than 6 months, and the implementation is implemented for less than 3 months, or the investment is reduced by more than 40% compared with the expectation; Or the rate of return on investment is lower than expected, and the rate of return is 20% to 30% to 40% lower than expected; 30% (including 20%);
Have a heavy impact on the asset turnover capacity, have a great impact on the asset turnover capacity, have a great adverse impact on the asset turnover capacity, and have a great adverse impact on the operation turnover capacity, resulting in a total adverse impact on the total assets, resulting in a decrease in the total asset turnover rate by 20%, and a decrease in the turnover rate by 10% to 20% or less;
On; (including 10%);
Cause common business / service, cause some impact on the daily business of enterprises in important business / service, or business / service interruption, or business / service interruption needs to cause continuous business interruption in individual business / service, and it takes more than half a year to recover the interruption for more than three months and less than half a year, or business / service interruption needs to