Sinopec Shanghai Petrochemical Company Limited(600688) : 2021 annual internal control evaluation report

China Petroleum & Chemical Corporation(600028) Shanghai Petrochemical Co., Ltd

Internal control evaluation report in 2021

China Petroleum & Chemical Corporation(600028) all shareholders of Shanghai Petrochemical Co., Ltd.:

In accordance with the provisions of the basic norms of enterprise internal control and its supporting guidelines and other internal control regulatory requirements (hereinafter referred to as the enterprise internal control normative system), combined with the company's (hereinafter referred to as the company's) internal control system and evaluation methods, and on the basis of daily and special supervision of internal control, we evaluated the effectiveness of the company's internal control on December 31, 2021 (the benchmark date of internal control evaluation report). I Important statement

It is the responsibility of the board of directors of the company to establish, improve and effectively implement internal control, evaluate its effectiveness and truthfully disclose the internal control evaluation report in accordance with the provisions of the enterprise's internal control standard system. The board of supervisors shall supervise the establishment and implementation of internal control by the board of directors. The management is responsible for organizing and leading the daily operation of the enterprise's internal control. The board of directors, the board of supervisors and the directors, supervisors and senior managers of the company guarantee that there are no false records, misleading statements or major omissions in the contents of this report, and bear individual and joint legal liabilities for the authenticity, accuracy and completeness of the contents of the report.

The objective of the company's internal control is to reasonably ensure the legal compliance of operation and management, asset safety, authenticity and integrity of financial reports and relevant information, improve operation efficiency and effect, and promote the realization of development strategy. Due to the inherent limitations of internal control, it can only provide reasonable assurance for the realization of the above objectives. In addition, as changes in circumstances may lead to inappropriate internal control or reduced compliance with control policies and procedures, there is a certain risk to speculate the effectiveness of internal control in the future according to the internal control evaluation results. II Internal control evaluation conclusion 1 On the benchmark date of the internal control evaluation report, does the company have any major defects in the internal control of financial reporting

□ yes √ no

2. Evaluation conclusion of internal control over financial reporting

√ valid □ invalid

According to the identification of major defects in the company's internal control over financial reporting, there are no major defects in the internal control over financial reporting on the benchmark date of the internal control evaluation report. The board of Directors believes that the company has maintained effective internal control over financial reporting in all major aspects in accordance with the requirements of the enterprise's internal control standard system and relevant regulations. 3. Whether major defects in internal control over non-financial reporting are found

□ yes √ no

According to the identification of major defects in the company's internal control over non-financial reports, the company found no major defects in the company's internal control over non-financial reports on the benchmark date of the internal control evaluation report.

4. Factors affecting the evaluation conclusion of internal control effectiveness from the benchmark date of internal control evaluation report to the date of issuance of internal control evaluation report □ applicable √ not applicable

There are no factors affecting the evaluation conclusion of the effectiveness of internal control from the base date of the internal control evaluation report to the date of issuance of the internal control evaluation report. 5. Whether the internal control audit opinion is consistent with the company's evaluation conclusion on the effectiveness of internal control over financial reporting

√ yes □ No 6 Whether the disclosure of major defects in internal control of non-financial reports in the internal control audit report is consistent with the disclosure of the company's internal control evaluation report √ yes □ no III Internal control evaluation (I) Scope of internal control evaluation

According to the risk oriented principle, the company determines the main units, businesses and matters included in the evaluation scope and high-risk areas. 1. The main units included in the evaluation scope include: the company's headquarters, subsidiaries and secondary units. 2. Proportion of units included in the scope of evaluation:

Proportion of indicators (%)

The total assets of the units included in the evaluation scope account for 100% of the total assets in the company's consolidated financial statements

The total operating income of the units included in the evaluation scope accounts for 100% of the total operating income in the company's consolidated financial statements

3. The main operations and matters included in the scope of evaluation include:

All matters covered in the company's internal control manual. 4. High risk areas of focus mainly include:

The high-risk areas of focus mainly include production safety risk, macroeconomic risk, financial and financial derivatives business risk, procurement and supply chain management risk, human resources risk, scientific and technological innovation risk, environmental protection risk, market competition and price risk, investment risk, Party style and clean government (moral integrity) risk, etc. 5. The above units, businesses and matters included in the evaluation scope and high-risk areas cover the main aspects of the company's operation and management. Is there any major omission □ yes √ No 6 Is there a statutory exemption

□ yes √ No 7 Other explanatory matters

nothing

(2) Basis of internal control evaluation and identification standard of internal control defects

The company organizes and carries out internal control evaluation according to the enterprise internal control standard system and the company's current internal control manual and internal control inspection, evaluation and assessment methods. 1. Whether the specific identification standard of internal control defects is adjusted with that of previous years

□ yes √ no

The board of directors of the company distinguished the internal control of financial report from the internal control of non-financial report according to the identification requirements for major defects, important defects and general defects of the enterprise internal control standard system, combined with the factors such as the company's size, industry characteristics, risk preference and risk tolerance, and studied and determined the specific identification standards of internal control defects applicable to the company, which are consistent with the previous years. 2. Identification standard of internal control defects in financial reporting

The quantitative criteria for the evaluation of internal control defects in financial reporting determined by the company are as follows:

Index name major defect quantitative standard important defect quantitative standard general defect quantitative standard

Amount of misstatement amount of misstatement on the company's current year profits amount of misstatement on the company's current year profits amount of misstatement on the company's current year total profits: 5% or more of the total profits: 1% (inclusive) to 5% of the total profits: less than 1%

Description:/

The qualitative criteria for the evaluation of internal control defects in financial reporting determined by the company are as follows:

Qualitative standard of defect nature

Major defects 1 Directors, supervisors and senior management have committed fraud related to financial reporting.

2. The responsibilities, authorities, qualifications and rules of procedure of the audit committee are unclear or not strictly implemented, and the audit committee's supervision of the company's external financial report and internal control is invalid.

3. Major misstatement found by the external auditor in the audit of this year, and the company's internal control operation failed to find the misstatement.

4. Revise the published financial report, except in accordance with the requirements of regulatory authorities.

Important defects 1 The control defects in the selection of financial accounting system, such as the company's failure to select and apply accounting policies in accordance with generally accepted accounting standards, or the random change of accounting policies and accounting estimates, or the improper preparation basis of financial statements, lead to major misstatement in the financial report.

2. The control defect of preventing fraud and fraud, the key business areas are not effectively balanced and supervised, and there is no corresponding compensatory control.

There are defects in the process control of the financial report at the end of the period, such as the failure to check the assets, check the current accounts, and withdraw the asset impairment according to the regulations, resulting in major misstatement in the financial report.

3. The general control and application control of the information system related to financial report are not designed or implemented in accordance with the requirements of internal control, and there is no corresponding compensatory control, resulting in major misstatement of financial report.

4. Changes in business or management that are critical to the financial reporting process (such as restructuring, mergers and acquisitions, overseas investment, etc.), lack of risk assessment and control measures, resulting in major misstatement of the financial report.

5. Non recurring and non systematic transactions, such as non monetary transactions, debt restructuring, accounting error adjustment and other control defects, resulting in major misstatement of the financial report.

General defects are other defects except major defects and important defects.

Description:/

3. Identification standard of internal control defects in non-financial reporting

The quantitative criteria for the evaluation of internal control defects in non-financial reporting determined by the company are as follows:

Index name major defect quantitative standard important defect quantitative standard general defect quantitative standard

Amount of misstatement effect of amount of misstatement on the company's profit of the current year effect of amount of misstatement on the company's total profit of the current year: 5% or more effect: 1% (inclusive) to 5% effect on total profit of the company: less than 1%

Description:/

The qualitative criteria for the evaluation of internal control defects in non-financial reporting determined by the company are as follows:

Qualitative standard of defect nature

Major defects 1 The division of responsibilities and authorities between the management (board of directors and board of supervisors) and the management is improper, and the rules of procedure are unclear or not strictly implemented.

2. The company lacks democratic decision-making procedures.

3. Violation of national laws and regulations, resulting in significant economic losses and reputation impact on the company.

4. Major defects in internal control evaluation have not been rectified and still have a significant impact on the current period.

Important defects 1 Failing to send shareholder representatives, directors and supervisors to the investment enterprise in accordance with the procedures prescribed by the company, or the dispatched personnel fail to perform their duties in accordance with the procedures and authorities prescribed by the company.

2. The company has not established a reporting and complaint system or the system has not been effectively implemented, resulting in the failure of normal use of reporting channels, disclosure of secrets by reporting investigators, retaliation against informants, etc.

3. The risk assessment before the implementation of the company's major projects is not in place, the formulated response measures are not feasible or the implementation is not in place, which may lead to the deviation of the project from the expected objectives and the company suffers great losses.

4. The company suffers great loss due to lack of control system.

5. The general control and application control of non-financial reporting related information system are not designed or implemented in accordance with the requirements of internal control, and there is no corresponding compensatory control.

6. Major defects in internal control have not been effectively rectified within a reasonable period of validity, and the defects still have a significant impact on the current period.

7. Major defects in the company's internal control have not been effectively rectified within a reasonable period of validity, and the defects still have a significant impact on the current period.

General defects are other defects except major defects and important defects.

Description: / (III) Identification and rectification of internal control defects 1 Identification and rectification of internal control defects in financial reporting 1.1 Major defects

Whether the company has major defects in internal control over financial reporting during the reporting period □ yes √ no 1.2 Important defects

Whether the company has significant defects in internal control over financial reporting during the reporting period □ yes √ no 1.3 General defect

1.4. After the above rectification, on the benchmark date of the internal control evaluation report, does the company have any major defects in the internal control of financial reporting that have not been rectified □ yes √ no 1.5 After the above rectification, on the benchmark date of the internal control evaluation report, whether the company has any important defects in the internal control of financial reporting that have not been rectified □ yes √ No 2 Identification and rectification of internal control defects in non-financial reporting 2.1 Major defects

Whether the company found any major defects in internal control over non-financial reporting during the reporting period □ yes √ no 2.2 Important defects

Whether the company found any significant defects in internal control over non-financial reporting during the reporting period □ yes √ no 2.3 General defect

None 2.4 After the above rectification, on the benchmark date of the internal control evaluation report, does the company find any major defects in the non-financial reporting internal control that have not been rectified □ yes √ no 2.5 After the above rectification, on the benchmark date of the internal control evaluation report, whether the company finds any important defects in non-financial reporting internal control that have not been rectified □ yes √ no IV Description of other major matters related to internal control 1 Rectification of internal control defects in the previous year □ applicable √ not applicable 2 Operation of internal control in this year and improvement direction in the next year

□ applicable √ not applicable 3 Description of other major events

□ applicable √ not applicable

Chairman (authorized by the board of directors): Wu Haijun China Petroleum & Chemical Corporation(600028) Shanghai Petrochemical Co., Ltd

- Advertisment -