Shenzhen Hepalink Pharmaceutical Group Co.Ltd(002399) : internal control self-evaluation report

Shenzhen Hepalink Pharmaceutical Group Co.Ltd(002399)

Self evaluation report on internal control in 2021

Shenzhen Hepalink Pharmaceutical Group Co.Ltd(002399) all shareholders:

In accordance with the provisions of the basic norms of enterprise internal control and its supporting guidelines and other internal control regulatory requirements (hereinafter referred to as the “enterprise internal control normative system”), combined with the internal control system and evaluation methods of the company (hereinafter referred to as the “company”), on the basis of daily and special supervision of internal control, We evaluated the effectiveness of the company’s internal control on December 31, 2021 (the benchmark date of the internal control evaluation report).

1、 Important statement

According to the provisions of the enterprise’s internal control standard system, it is the responsibility of the board of directors of the company to establish, improve and effectively implement internal control, evaluate its effectiveness, and truthfully disclose the internal control evaluation report. The board of supervisors shall supervise the establishment and implementation of internal control by the board of directors. The management is responsible for leading the daily operation of the enterprise’s internal control. The board of directors, the board of supervisors and the directors, supervisors and senior managers of the company guarantee that there are no false records, misleading statements or major omissions in the contents of this report, and bear individual and joint legal liabilities for the authenticity, accuracy and completeness of the contents of the report.

The reasonable objectives of the company’s internal control ensure the legal compliance of operation and management, asset safety, authenticity and integrity of financial reports and relevant information, improve operation efficiency and effect, and promote the realization of development strategy. Due to the inherent limitations of internal control, it can only provide reasonable assurance for the realization of the above objectives. In addition, as changes in circumstances may lead to inappropriate internal control, or reduce the degree of compliance with control policies and procedures, it is risky to speculate the effectiveness of internal control in the future according to the internal control evaluation.

2、 Internal control evaluation conclusion

According to the identification of major defects in the company’s internal control over financial reporting, there are no major defects in the internal control over financial reporting on the benchmark date of the internal control evaluation report. The board of Directors believes that the company has maintained effective internal control over financial reporting in all major aspects in accordance with the requirements of the enterprise’s internal control standard system and relevant regulations. According to the identification of major defects in the company’s internal control over non-financial reports and the benchmark date of the internal control evaluation report, the company has not found any major defects in the internal control over non-financial reports.

Factors affecting the evaluation conclusion of control effectiveness of the Department.

3、 Internal control evaluation

(I) internal control rating

According to the risk oriented principle, the company determines the main units, businesses and matters included in the evaluation scope and high-risk areas. The units included in the evaluation scope include the company and all subsidiaries. The assets of the units included in the evaluation scope account for 100% of the total assets in the company’s consolidated financial statements, and the total operating revenue accounts for 100% of the total operating revenue in the company’s consolidated financial statements.

The main operations and matters included in the scope of evaluation include:

Corporate Governance: organizational structure, development strategy, human resources, social responsibility and corporate culture; Business process level: capital activities, procurement business, asset management, sales business, research and development, engineering projects, guarantee business, financial report, comprehensive budget, contract management, information disclosure, related party transactions, raised funds, major investment, management of foreign branches (subsidiaries) in China, compliance supervision, internal information communication and information system, etc.

The high-risk areas of focus mainly include sales business, procurement business, research and development, contract management, the group’s management of foreign subsidiaries, compliance supervision, human resources, etc.

The units, businesses and matters within the above evaluation scope and high-risk areas cover the main aspects of the company’s operation and management, and there are no major omissions.

(II) basis of internal control evaluation and identification standard of internal control defects

The company organizes and carries out internal control evaluation according to the enterprise internal control standard system and enterprise accounting standards.

The board of directors of the company studied and determined the specific identification standards of internal control defects applicable to the company according to the identification requirements of major defects, important defects and general defects of the enterprise internal control standard system, combined with the factors such as the company’s scale, industry characteristics, risk preference and risk tolerance, and distinguished the internal control of financial reports from the internal control of non-financial reports. The identification standards of internal control defects determined by the company are as follows:

1. Identification standard of internal control defects in financial reporting

The quantitative criteria for the evaluation of internal control defects in financial reporting determined by the company are as follows:

Based on the principle of whether it directly affects the financial report, the company divides the importance of misstatement of financial statements into major defects, major defects and general defects. Quantitative indicators of defects include: potential misstatement of total assets, potential misstatement of operating income, potential misstatement of total profits and potential misstatement of owner’s equity.

Evaluation index and standard

Potential misstatement of total assets of evaluation grade potential misstatement of operating income potential misstatement of total profits potential misstatement of owner’s equity potential misstatement

Misstatement of major defects ≥ misstatement of total assets ≥ misstatement of operating revenue ≥ misstatement of total profits ≥ 5% of total owner’s equity 10% of total owner’s equity 5%

0.6% of total assets, 5% of total profits of total operating income ≤ important defects of total owner’s equity ≤ misstatement 2% of total assets or ≤ misstatement business misstatement 2% of total profits ≤ misstatement 1% of total owner’s income, 10% of total equity

General defect misstatement < misstatement of total assets < misstatement of operating revenue < misstatement of total profits < 2% of total owner’s equity < 5% of total owner’s equity < 2% of total

For the above quantitative indicators, the company adopts the principle of “the higher the identification result”, that is, the highest degree of misstatement identified by the above quantitative indicators is used as the quantitative indicator for the identification of internal control defects in financial reporting. The financial index value referred to in the quantitative standard is the audited consolidated statement data of the company’s misstatement year.

The qualitative criteria for the evaluation of internal control defects in financial reporting determined by the company are as follows:

Defects with the following characteristics are recognized as major defects:

(1) Invalid internal control environment;

(2) Directors, supervisors and senior managers abuse their power and commit corrupt or illegal acts such as embezzlement, bribery and misappropriation of public funds;

(3) Major violations of the company’s accounting statements, financial reports and information disclosure;

(4) The certified public accountant shall issue three audit reports other than unqualified opinions on the company’s financial statements.

Important defects refer to misstatements and omissions that cannot be prevented, discovered and corrected in time, either alone or in combination with other defects, although the level of importance in the financial report is not reached or exceeded, but should still be paid attention to by the board of directors and the management.

General defects refer to other control defects other than the above major defects and important defects.

2. Identification standard of internal control defects in non-financial reporting

The quantitative criteria for the evaluation of internal control defects in non-financial reporting determined by the company are as follows:

According to the absolute amount of direct property loss that may be caused by defects, it is divided into major defects, important defects and general defects. The financial index value referred to in the quantitative standard is the audited consolidated statement data of the year in which the company’s losses occurred.

Direct property loss amount of defect identification

Major defect loss ≥ 10% of total profit

5% of total profit of major defects ≤ loss < 10% of total profit

General defect loss < 5% of total profit

The qualitative criteria for the evaluation of internal control defects in non-financial reporting determined by the company are as follows:

Defects with the following characteristics are recognized as major defects:

(1) Violation of relevant laws, regulations or regulatory requirements of the country where the operation is located, and the circumstances are very serious, resulting in severe punishment by the regulatory department or other very serious legal consequences;

(2) There are major defects in safety production management and environmental protection management, and safety and environmental protection accidents occur frequently, resulting in serious consequences;

(3) There are major defects in quality management, and major quality problems cause investigation or litigation by the government or regulatory authorities;

(4) It may cause serious problems in business or services, affect the delivery of multiple key products or services, and have a continuous and significant impact on the company’s production and operation;

(5) The negative impact has affected a wide range, attracted wide public attention at home and abroad, and had a serious negative impact on the company’s reputation and stock price.

Defects with the following characteristics are recognized as important defects:

(1) Violation of relevant laws, regulations or regulatory requirements of the country where the operation is located, and the circumstances are relatively serious, resulting in more serious punishment or other serious legal consequences by the regulatory authority;

(2) There are important defects in safety production management and environmental protection management, resulting in major safety and environmental protection accidents, resulting in more serious consequences;

(3) There are important defects in quality management, and major quality problems lead to bulk returns;

(4) It may cause important problems in products or services, affect the delivery of one or more products or services, and have a significant impact on the production and operation of the company;

(5) The negative impact will spread inside and outside the industry, attract public attention, and have a great negative impact on the company’s reputation in some areas.

General defects refer to other control defects other than the above major defects and important defects.

(III) identification and rectification of internal control defects

1. Identification and rectification of internal control defects in financial reporting

According to the above identification standards of internal control defects in financial reporting, the company has no major defects and important defects in internal control of financial reporting during the reporting period.

2. Identification and rectification of internal control defects in non-financial reporting

According to the above identification standards of internal control defects in non-financial reports, no major defects and important defects in the company’s internal control over non-financial reports were found during the reporting period.

(IV) description of other major matters related to internal control

1. Rectification of internal control defects in the previous year

□ applicable √ not applicable

2. Internal control improvement measures and risk response plan for the next year

In 2021, the global epidemic situation was repeated and the economic environment was complex and changeable. The company continued to deepen the global layout of the whole heparin industry chain and new drug research and development, deepen and improve the system and mechanism, and improve the operation and management efficiency. In 2022, the company will continue to deepen the construction and optimization of business processes and internal control system, accelerate the transformation drive of digital business, further improve various internal control systems, standardize the implementation of internal control systems, strengthen the supervision and inspection of internal control, strengthen internal control management through the pre, in-process and post control of various risks, effectively prevent various risks and promote the efficient, healthy and sustainable development of the company

3. Description of other major matters related to internal control

During the reporting period, the company did not explain other major matters related to internal control.

Chairman (authorized by the board of directors): Li Li Shenzhen Hepalink Pharmaceutical Group Co.Ltd(002399) April 11, 2002

- Advertisment -