Yunnan Aluminum Co., Ltd
Self evaluation report on internal control in 2021 Yunnan Aluminium Co.Ltd(000807) all shareholders:
According to the provisions of the basic norms of enterprise internal control and its supporting guidelines and other internal control supervision requirements (hereinafter referred to as the enterprise internal control standard system), combined with Yunnan Aluminium Co.Ltd(000807) (hereinafter referred to as the company) internal control system and evaluation methods, on the basis of daily supervision and special supervision of internal control, We evaluated the effectiveness of the company's internal control as of December 31, 2021 (benchmark date of internal control evaluation report).
1、 Important statement
It is the responsibility of the board of directors of the company to establish, improve and effectively implement internal control, evaluate its effectiveness and truthfully disclose the internal control evaluation report in accordance with the provisions of the enterprise's internal control standard system. The board of supervisors shall supervise the establishment and implementation of internal control by the board of directors. The management is responsible for organizing and leading the daily operation of the enterprise's internal control. The board of directors, the board of supervisors and the directors, supervisors and senior managers of the company guarantee that there are no false records, misleading statements or major omissions in the contents of this report, and bear individual and joint legal liabilities for the authenticity, accuracy and completeness of the contents of the report.
The objective of the company's internal control is to reasonably ensure the legal compliance of operation and management, asset safety, authenticity and integrity of financial reports and relevant information, improve operation efficiency and effect, and promote the realization of development strategy. Due to the inherent limitations of internal control, it can only provide reasonable assurance for the realization of the above objectives. In addition, as changes in circumstances may lead to inappropriate internal control or reduced compliance with control policies and procedures, there is a certain risk to speculate the effectiveness of internal control in the future according to the internal control evaluation results.
2、 Internal control evaluation conclusion
According to the identification standard of major defects in the company's internal control over financial reporting, the company has no major defects in the internal control over financial reporting on the benchmark date of the internal control evaluation report. The company has maintained effective internal control over financial reporting in all major aspects in accordance with the requirements of the enterprise internal control standard system and relevant regulations.
According to the identification of major defects in the company's internal control over non-financial reports, the company found no major defects in the company's internal control over non-financial reports on the benchmark date of the internal control evaluation report.
There are no factors affecting the evaluation conclusion of the effectiveness of internal control from the base date of the internal control evaluation report to the date of issuance of the internal control evaluation report.
3、 Internal control evaluation
(I) evaluation scope of internal control
According to the risk oriented principle, the company determines the main units, businesses and matters included in the evaluation scope and high-risk areas. The units included in the evaluation scope include: the company's parent company and the main holding enterprises, a total of 18. The total assets of the units included in the evaluation scope account for 93.94% of the total assets in the company's consolidated financial statements, and the total operating revenue accounts for 90.20% of the total operating revenue in the company's consolidated financial statements. The main businesses and matters included in the evaluation scope include: decision-making mechanism, authorization management, subordinate enterprise control, compliance management, fund management, safety and environmental protection management, etc; The high-risk areas of focus mainly include financial management, fund management, sales and receivables, procurement logistics and payment, project management, legal affairs and compliance, etc. The self-evaluation covers the main aspects of the company's operation and management without major omissions.
(2) Internal control evaluation basis and internal control defect identification standard the board of directors of the company is divided into single defect identification and summary defect identification according to the identification requirements of the enterprise's internal control standard system for major defects, important defects and general defects, combined with the company's scale, industry characteristics, risk preference, risk tolerance and other factors. When identifying internal control defects, distinguish between internal control defects in financial reports and internal control defects in non-financial reports, and the identification standard is consistent with that in previous years. The specific identification standards of internal control defects determined by the company are as follows:
1. Identification standard of single internal control defect
The identification of a single internal control defect refers to the identification of each internal control defect found separately. When identifying defects, first make qualitative judgment, and then make quantitative judgment.
(1) Identification standard of internal control defects in financial reporting
① Qualitative criteria for the evaluation of internal control defects in financial reporting
The qualitative standard is mainly determined according to the nature, scope and characteristics of the direct or potential negative impact of the defect. If it belongs to any of the following circumstances and has a serious impact on the achievement of the company's objectives, it is directly recognized as a major defect. Specifically, it includes the following seven situations: fraud by directors, supervisors and senior managers; Restate the previously disclosed financial statements and correct major financial misstatements; It is found that there are significant misstatements in the current financial statements, but the internal control fails to find them in the operation process; The failure of internal control leads to significant loss of the group's assets; The supervision and inspection of internal control by the audit committee and the internal audit function is invalid; Key or important incompatible posts are not properly separated; Improper authorization management of information system may lead to illegal operation and fraud.
Defects that are not reasonably likely to lead to misstatement of financial statements are finally identified as "major defects", "important defects" or "general defects" through two qualitative judgment steps: "whether the importance of the defects is enough to attract the attention of relevant personnel responsible for supervising and managing the enterprise's financial statements" and "whether a sufficiently informed, competent and objective person will consider the defects as major defects".
② Quantitative criteria for the evaluation of internal control defects in financial reporting
For the defects that are reasonably likely to lead to the misstatement of the financial statements, the defect level shall be determined according to the influence degree of the possible misstatement and after comprehensive consideration of other factors. The impact degree of possible misstatement of defects is directly linked to the importance level of the financial statements, which is generally calculated by multiplying the audited total assets of the enterprise by 1. The estimated defect directly affects the amount of misstatement that may be caused by the accounting item, and the influence degree of the defect shall be determined according to the following judgment criteria.
Significant impact: the amount of misstatement that may be caused by defects exceeds (including) more than 100% of the importance level of the financial statements;
Significant impact: the amount of misstatement that may be caused by defects exceeds (including) more than 60% of the importance level of the financial statements, but does not reach 100%;
General impact: the amount of misstatement that may be caused by defects does not exceed 60% of the materiality level of the financial statements.
For internal control defects with judgment results of "significant impact" and "significant impact", if there is effective compensatory control in operation, it shall be recognized as "significant defect" or "general defect", otherwise it shall be recognized as "significant defect" or "important defect". Internal control defects whose judgment result is "general impact" are recognized as "general defects".
(2) Identification standard of internal control defects in non-financial reporting
① Qualitative criteria for the evaluation of internal control defects in non-financial reports
The qualitative standard is mainly determined according to the nature, scope and characteristics of the direct or potential negative impact of defects. The occurrence of any of the following six situations, which has a serious impact on the realization of the enterprise's objectives, should be directly identified as a major defect, specifically: lack of democratic decision-making procedures or unscientific major decision-making procedures; Serious violation of national laws and regulations; Serious loss of important management or technical personnel; Negative news frequently appeared in the media, and important well-known media at home and abroad released or reprinted major events of enterprises, which attracted extensive attention of the society; Lack of important systems or control, resulting in systematic failure of internal control; Major or important defects of previous years have not been rectified in time.
② Quantitative standard for evaluation of internal control defects in non-financial reporting
The non-financial quantitative standards comprehensively consider the possible or existing impact from the five dimensions of strategy, enterprise operation, personnel health and safety, ecological environment and enterprise reputation. If multiple dimensional objectives are affected, the dimensional objectives with the greatest impact will be selected for judgment. The specific quantitative standards are as follows:
Impact strategic objectives business objectives personnel health ecological environment corporate reputation objectives
Safety objective
For the direct economic loss of the enterprise strategy, the safety life of the enterprise, the amount of the enterprise's safety, environmental protection and goal realization exceeds the property accident, resulting in particularly significant social responsibility, professional ethics and significant impact, the importance of financial statements, the death of adults or major sudden business conditions and other negative news, which can bring 100% of the level of the enterprise to death, Or cause three environmental incidents to be continuously reported and affected by the national media. In terms of fatal consequences, it will cause serious injuries to the daily people (including) of the enterprise, and be often operated and sustained by the industry or regulatory authorities; Or major adverse events are concerned and investigated by major adverse organizations, or there are group events with major impact level I (extra large) or level II potential accidents (Major) that have a significant impact on the development of enterprises, resulting in major adverse effects
The direct economic loss to the enterprise strategy did not cause the death of the enterprise. The amount of the enterprise's safety, environmental protection and goal realization exceeded the financial loss, resulting in a major sudden social responsibility, professional ethics and great impact. The importance of financial statements, the business status of less than three people and other negative news may cause 60% of the enterprise level, but three people were injured, resulting in being reported by the provincial media, If the strategic deviation of the affected industry fails to reach the major adverse effect above the importance (included), the provincial government department requires to report the established goal, 100% of the level, and minor injury; Or enterprise impact report, or class III (I, but it will not cause general impact on the daily operation of the enterprise) group events, which will have a good impact on the overall operation and sustainable development of the enterprise (a enterprise reputation will cause great impact, not slight failure and great impact)
The direct economic loss to the enterprise strategy does not cause personnel. The amount of the enterprise's safety, environmental protection and goal realization does not exceed the death or serious general sudden social responsibility, professional ethics, minor or minor important injury to the financial statements, or the general impact of negative news such as the operation status of environmental matters, which will not affect the safety level of less than 3 people, It is affected by media reports below the provincial level, causing 60% of strategic objectives and daily injury to enterprises; Or the enterprise has an adverse impact on the road, or the level IV petition mark deviates from the normal operation, and there are continuous common and prominent problems, which has a slight or hidden danger to the sound development of the enterprise (b reputation causes slight or minor damage and minor impact)
Note: for internal control defects with judgment results of "significant impact" and "significant impact", if there is effective compensatory control in operation, it shall be recognized as "significant defect" or "general defect", otherwise it shall be recognized as "significant defect" or "important defect". Internal control defects whose judgment result is "general impact" are recognized as "general defects".
2. Summary and identification standards of internal control defects
The summary identification of internal control defects refers to the combined identification of internal control defects found. When summarizing and identifying, we should summarize and combine the internal control defects of the same process at all levels, first make quantitative judgment, and then make qualitative judgment to evaluate the impact on the enterprise objectives.
(1) Quantitative standard: the combination of internal control defects in the same process is also divided into financial report and non-financial Report internal control defects. The quantitative identification standard is consistent with that of a single defect.
(2) Qualitative criteria: the combination of internal control defects identified as having "significant impact" and "significant impact" through quantitative judgment summary shall also be subject to qualitative judgment. If there is effective compensatory control in operation, it shall be identified as "significant defect" or "general defect", otherwise it shall be identified as "significant defect" or "significant defect".
(III) identification and rectification of internal control defects
1. Identification and rectification of internal control defects in financial reporting
According to the above identification standards of internal control defects in financial reports, the company did not have major defects and important defects in internal control of financial reports in the previous year and this reporting period.
2. Identification and rectification of internal control defects in non-financial reports
According to the above identification standards of internal control defects in non-financial reports, no major defects and important defects in the company's internal control over non-financial reports were found during the reporting period.
A total of 62 general defects were found in the self-evaluation of last year, and the rectification has been completed by the end of March 2021. A total of 42 general defects were found in this year, and the rectification has been completed by the reporting date. In 2022, the company will continue to improve the construction of internal control system, enhance the execution of internal control, find out the weak links of internal control in time, effectively improve the company's risk prevention ability, and contribute to the authenticity of financial reports Integrity, as well as the realization of the company's strategy and business objectives, so as to promote the steady and healthy development of the company.
4、 Description of other major matters related to internal control
During the reporting period, the company has no other major matters related to internal control that need to be explained.
Yunnan Aluminium Co.Ltd(000807) board of directors
March 21, 2022