Self evaluation report on internal control in 2021
Jiangxi Sanxin Medtec Co.Ltd(300453) according to the enterprise internal control standard and its supporting guidelines and other internal control supervision requirements (hereinafter referred to as the "enterprise internal control standard system"), combined with the internal control system and evaluation methods of the company (hereinafter referred to as the "company"), on the basis of daily and special supervision of internal control, The board of directors evaluated the effectiveness of the company's internal control on December 31, 2021 (benchmark date of internal control evaluation report). 1、 Important statement
It is the responsibility of the board of directors of the company to establish, improve and effectively implement internal control, evaluate its effectiveness and truthfully disclose the internal control evaluation report in accordance with the provisions of the enterprise's internal control standard system. The board of supervisors shall supervise the establishment and implementation of internal control by the board of directors. The management is responsible for organizing and leading the daily operation of the enterprise's internal control. The board of directors, the board of supervisors and the directors, supervisors and senior managers of the company guarantee that there are no false records, misleading statements or major omissions in the contents of this report, and bear individual and joint legal liabilities for the authenticity, accuracy and completeness of the contents of the report.
The objective of the company's internal control is to reasonably ensure the legal and reasonable compliance of operation and management, asset safety, authenticity and integrity of financial reports and relevant information, improve operation efficiency and effect, and promote the realization of development strategy. 2、 Internal control evaluation conclusion
According to the identification standard of major defects in the company's internal control over financial reporting, the company has no major defects in the internal control over financial reporting on the benchmark date of the internal control evaluation report. The board of Directors believes that the company has maintained effective internal control over financial reporting in all major aspects in accordance with the requirements of the enterprise's internal control standard system and relevant regulations.
According to the identification of major defects in the company's internal control over non-financial reports, the company found no major defects in the company's internal control over non-financial reports on the benchmark date of the internal control evaluation report.
There are no factors affecting the evaluation conclusion of the effectiveness of internal control from the base date of the internal control evaluation report to the date of issuance of the internal control evaluation report. 3、 Internal control evaluation (I) scope of internal control evaluation
According to the risk oriented principle, the company determines the main units, businesses and matters included in the evaluation scope and high-risk areas. The main units included in the evaluation scope include the company and its subsidiaries. The total assets of the units included in the evaluation scope account for 100% of the total assets in the company's consolidated financial statements, and the total operating revenue accounts for 100% of the total operating revenue in the company's consolidated financial statements; The main businesses and matters included in the evaluation scope include: governance structure, organizational structure, human resources, corporate culture, monetary fund management, procurement management, sales management, investment management, related party transactions, technology management, raised funds management, information disclosure management, etc; The high-risk areas of focus mainly include: major investment decisions, related party transactions, research and development, etc. 1. Internal environment (1) governance structure
In accordance with the requirements of the company law, the securities law and relevant regulations and the provisions of the articles of association, the company has established a standardized corporate governance structure and rules of procedure, defined the responsibilities and authorities in decision-making, implementation and supervision, and formed a scientific and effective division of responsibilities and check and balance mechanism. The general meeting of shareholders, the board of directors and the board of supervisors exercise decision-making power, executive power and supervision power respectively according to their duties. The general meeting of shareholders enjoys the legal rights stipulated in laws and regulations and the articles of association, and exercises the decision-making power on major matters such as the company's business policy, fund-raising, investment and profit distribution according to law. The board of directors is responsible to the general meeting of shareholders and exercises the company's business decision-making power according to law. The board of directors is responsible for the establishment, improvement and effective implementation of internal control. The board of supervisors shall supervise the establishment and implementation of internal control by the board of directors. The audit committee is responsible for reviewing the company's internal control, supervising the effective implementation of internal control and self-evaluation of internal control, and coordinating internal audit and other related matters. The management is responsible for organizing and implementing the resolutions of the general meeting of shareholders and the board of directors, and presiding over the daily operation and management of the company. The above-mentioned institutions of the company have clear rights and responsibilities, mutual independence, mutual checks and balances and standardized operation. (2) Organizational structure
According to the needs of business operation and management, the company has established securities investment department, administration department, finance department, material control department, audit department, technology department and other departments to effectively monitor and manage its subsidiaries; Clarify the responsibilities and authorities of each department, and implement the performance salary system of year-end performance appraisal; On the basis of the basic organizational framework of internal control determined by the governance structure, the company has established a functional organization to meet the needs of the company's operation and management, formed an effective operation mode suitable for the actual situation of the company, and the organizational division of labor is clear, the functions are sound and clear. (3) Internal audit
The audit committee under the board of directors of the company is responsible for the communication, supervision and verification of internal and external audit of the company. The company sets up the audit department as the internal audit department to inspect and supervise the authenticity and integrity of the company's financial information and the establishment and implementation of internal control system. The audit department is equipped with full-time auditors to audit and supervise the business activities, internal control, financial revenue and expenditure and the use of raised funds of the company and its subsidiaries, issue internal audit reports, put forward opinions and suggestions on improving internal control and internal management, and promote and ensure the effective operation of the internal control system. Supervise and inspect the effectiveness of the company's internal control design and operation, evaluate the efficiency and effect of internal control design and implementation, and promote the continuous improvement and improvement of internal control quality. Report the internal control defects found in the audit or investigation to the board of supervisors, the audit committee or the management according to the degree of the problems, and urge relevant departments to take positive measures to rectify them. During the reporting period, the internal control work was effectively carried out to ensure the healthy and orderly development of the company. (4) Human resource management
The company's human resources actively introduce excellent talents to the company through online recruitment, social recruitment, campus recruitment, headhunting recruitment and internal recommendation, and take talents as the most important factor for the development of the company. In terms of interview process and evaluation indicators, conduct strict selection, focusing on personality values, development potential and professional skills. The company provides induction training, technical training and third-party organization training for employees; The company attaches importance to employees' career development and provides employees with multi-directional career development channels. According to the operation and development strategy, the company has established a human resources system or process in line with the actual situation of the company, and has stipulated and strictly implemented the management of employee employment, training, job rotation, assessment, reward and punishment, promotion and elimination. Further improve the company's incentive and punishment mechanism, and adopt the way of setting salary and bonus based on post, linking with the company's benefits and employees' work performance, so as to improve employees' awareness of competition; Strengthen the management of employees and improve the effective reward and punishment mechanism through the objective evaluation of employees' working ability and working attitude; It has mobilized the enthusiasm of employees and promoted the development and growth of the company. (5) Corporate culture
The company continues to adhere to the concept of "leading Party construction and promoting engineering construction" and deeply practice the talent concept of "striving for people". Through various forms of training, communication meetings and manager exchange groups, the company has integrated the corporate culture into the grass-roots level and deeply rooted in the hearts of the people. The company always adheres to the core values of "pragmatic innovation and win-win cooperation", and makes contributions to the progress of health cause while pursuing a better life for all employees. The company is honest and trustworthy, has established a perfect employee training plan, endows employees with full rights and responsibilities, actively creates a corporate culture atmosphere suitable for talent competition and development, provides platforms and opportunities for all employees to develop talents and realize value, instills the core content of corporate culture into employees' thoughts, and makes the company a first-class talent team, A modern enterprise with high cohesion.
2. Risk assessment
The company has established a systematic and effective risk assessment system according to the strategic objectives and development plan and in combination with the characteristics of the industry: according to the principle of "clear rights and responsibilities and mutual checks and balances", and according to the operating characteristics of the company, the company has established a risk control structure composed of the general meeting of shareholders, the board of directors, the board of supervisors, the management and other corporate governance structures, as well as internal audit and internal control of business departments, And clearly divided the functions of risk assessment and risk countermeasures at all levels. According to the set control objectives, regularly convene the heads of all functional departments to carry out risk identification and risk assessment, and timely take corresponding measures according to the assessment results to make the risk controllable. Predict, identify and respond to daily events or behaviors affecting the enterprise level and all important business processes, and deal with the business risks, environmental risks and financial risks that the company may encounter; Control the enterprise risk within an acceptable range to ensure the sustainable development of the company. Although the company has established sound risk assessment procedures, it should still pay attention to the following risks:
(1) National policy risk
The medical device industry is not only a key industry encouraged and supported by the state, but also an industry with a high degree of national supervision, including industry access, production conditions, quality standards, etc. Major changes in relevant national regulatory policies may lead to new changes in the competition pattern of the whole industry, which will bring new challenges to the production and operation of the company.
(2) Quality control risk
The company's main products are national class III medical devices. Their safety and effectiveness are related to people's health and life. They are key national supervision and management devices. China has strictly examined the establishment of relevant enterprises and the production and sales qualification of products, and established a systematic management and market access system. Foreign countries also have strict standards for the market access of medical devices. If the company cannot continuously and effectively implement the control systems and measures related to quality management, or the product has quality problems, it will damage the reputation of the company and affect the operation of the company.
(3) Management risks brought by business integration and scale expansion
With the development of the company's M & a business and the development of new business fields, higher requirements are put forward for the company's management level. The company may face challenges and risks in business integration and improving the overall operation efficiency. 3. Control activities
(1) Establish and improve the system
Establish and improve the internal organizational structure that meets the requirements of modern enterprise system, form a scientific decision-making, implementation and supervision mechanism, and gradually realize a modern enterprise management system with clear rights and responsibilities and scientific management. Establish an effective risk control system, strengthen risk management, improve the efficiency and effect of the company's business activities, and ensure the healthy operation of the company's business activities; Avoid or reduce risks, plug loopholes, eliminate hidden dangers, prevent and timely detect and correct various errors and fraud, and protect the safety and integrity of the company's assets; Ensure that all economic matters are truly and completely reflected, and make the preparation of financial and accounting reports comply with the accounting law, accounting standards for business enterprises and other relevant provisions. According to the requirements of enterprise management and based on the basic system of the company, a series of systems covering sales, production, material procurement, engineering, human resources and financial management have been formulated, and the scope of responsibilities and work flow of each department have been clarified to ensure that all work has rules to follow and orderly management, forming a standardized management system. (2) Main control measures
Separation control of incompatible positions: various internal control systems formulated by the company clearly stipulate the responsibilities of each position and department functions, fully implement the principle of post responsibility and internal containment, reasonably divide responsibilities, strictly implement the separation of incompatible positions, form a mutual check and balance mechanism, and prevent the failure of internal control and fraud.
Authorization approval control: various internal control systems formulated by the company define the scope, authority, procedures, responsibilities and other relevant contents of authorization approval. The management at all levels within the unit must exercise corresponding functions and powers within the scope of authorization, and the handling personnel must also handle economic business within the scope of authorization, so that the superior cares about the subordinate and the subordinate is responsible to the superior. Accounting system control: to strengthen financial and accounting, strengthen financial supervision, and achieve the purpose of ensuring asset safety and improving enterprise economic benefits. According to various accounting policies and financial management systems, the Finance Department of the company shall carry out accounting treatment for the increase and decrease of assets such as bills, inventories and fixed assets, determine the custodian or management department for physical assets, strictly restrict the access and disposal of assets by unauthorized personnel, and control the combination of regular property inventory and irregular random inspection to ensure the consistency between accounts and reality.
Budget control: the company implements a comprehensive budget management system, defines the responsibilities and authorities of each responsible unit in budget management, and standardizes the budget preparation, approval, release and implementation procedures. The financial department analyzes the budget implementation on a monthly basis, and communicates with the business department to find out the reasons for the budget implementation deviation; Regular business meetings shall be held to achieve pre discussion, in-process control and post analysis, so as to ensure the effective implementation of the budget. (3) Main control activities
The company comprehensively applies the above control measures in the following main business activities, pays attention to high-risk areas such as sales, cost, capital, procurement and investment, and effectively controls various businesses and matters to promote the effective operation of internal control.
Sales management: the company has established a nationwide sales system, which divides the sales market into several sales areas, and specifically implements the sales tasks into the daily performance evaluation of the sales areas and sales representatives, so as to fully mobilize the enthusiasm of sales personnel and expand the market share of the company's products. The company has established a relatively perfect sales process control. The sales management department of the company is responsible for signing sales contracts, order processing, implementing sales policies and collecting payment for goods; The delivery department performs the delivery task according to the delivery notice issued by the sales management department, collects complete delivery documents, and feeds back the delivery information to relevant departments; The company has also formulated a sales management system to strictly standardize the processes such as market development and sales policy formulation, customer credit rating and credit management, order management, product pricing, product delivery and return, collection, contract execution monitoring and contract document management.
Procurement management: the company has formulated relevant procurement management systems, formulated the main control processes such as procurement plan and implementation management, supplier management and payment settlement, and stipulated the operation procedures of supplier development and review, signing of material procurement contract, ordering and acceptance of materials, treatment of defective and sluggish materials, financial treatment and other links, Strengthen the control over the preparation and approval of procurement plan, authorization management, supplier selection, procurement mode selection, determination of procurement price, procurement price comparison management, signing of procurement contract, acceptance and regular reconciliation with suppliers, so as to plug the loopholes in procurement and reduce procurement risks. The company continuously improved the procurement management information system, realized information processing in the links of purchase requisition, warehousing and payment for goods, and reasonably guaranteed the purchase quality, improved the logistics speed and controlled the procurement cost from the aspects of material quality, price, service and delivery date.
Asset management: in order to better protect the safety and integrity of assets, the company has established relatively perfect rules and regulations for the purchase, storage, use, maintenance and disposal of assets, such as fixed asset management system, low value consumables management system, inventory management system, etc. the company has established post responsibility system for physical asset management, which can be used for the acceptance and warehousing of physical assets Key links such as receiving, issuing, storage and disposal are controlled, and measures such as division of responsibilities, regular physical inventory, property records and account verification are taken to ensure the safety of the company's property. These rules and regulations have been effectively implemented, thus fundamentally ensuring the safety and integrity of assets.
Monetary Fund Management: for the revenue and expenditure of monetary funds, the company shall separate the fund revenue and expenditure handling and bookkeeping posts; Regularly or irregularly count monetary funds and bank reconciliation to ensure cash flow