Shanghai Zhenhua Heavy Industries Co.Ltd(600320) : annual internal control evaluation report

Company code: Shanghai Zhenhua Heavy Industries Co.Ltd(600320) 900947 company abbreviation: Shanghai Zhenhua Heavy Industries Co.Ltd(600320) Zhenhua B-share Shanghai Shanghai Zhenhua Heavy Industries Co.Ltd(600320) (Group) Co., Ltd

Internal control evaluation report in 2021

All shareholders of Shanghai Shanghai Zhenhua Heavy Industries Co.Ltd(600320) (Group) Co., Ltd.:

In accordance with the provisions of the basic norms of enterprise internal control and its supporting guidelines and other internal control regulatory requirements (hereinafter referred to as the enterprise internal control normative system), combined with the company’s (hereinafter referred to as the company’s) internal control system and evaluation methods, and on the basis of daily and special supervision of internal control, we evaluated the effectiveness of the company’s internal control on December 31, 2021 (the benchmark date of internal control evaluation report). I Important statement

It is the responsibility of the board of directors of the company to establish, improve and effectively implement internal control, evaluate its effectiveness and truthfully disclose the internal control evaluation report in accordance with the provisions of the enterprise’s internal control standard system. The board of supervisors shall supervise the establishment and implementation of internal control by the board of directors. The management is responsible for organizing and leading the daily operation of the enterprise’s internal control. The board of directors, the board of supervisors and the directors, supervisors and senior managers of the company guarantee that there are no false records, misleading statements or major omissions in the contents of this report, and bear individual and joint legal liabilities for the authenticity, accuracy and completeness of the contents of the report.

The objective of the company’s internal control is to reasonably ensure the legal compliance of operation and management, asset safety, authenticity and integrity of financial reports and relevant information, improve operation efficiency and effect, and promote the realization of development strategy. Due to the inherent limitations of internal control, it can only provide reasonable assurance for the realization of the above objectives. In addition, as changes in circumstances may lead to inappropriate internal control or reduced compliance with control policies and procedures, there is a certain risk to speculate the effectiveness of internal control in the future according to the internal control evaluation results. II Internal control evaluation conclusion 1 On the benchmark date of the internal control evaluation report, does the company have any major defects in the internal control of financial reporting

□ yes √ no

2. Evaluation conclusion of internal control over financial reporting

√ valid □ invalid

According to the identification of major defects in the company’s internal control over financial reporting, there are no major defects in the internal control over financial reporting on the benchmark date of the internal control evaluation report. The board of Directors believes that the company has maintained effective internal control over financial reporting in all major aspects in accordance with the requirements of the enterprise’s internal control standard system and relevant regulations. 3. Whether major defects in internal control over non-financial reporting are found

□ yes √ no

According to the identification of major defects in the company’s internal control over non-financial reports, the company found no major defects in the company’s internal control over non-financial reports on the benchmark date of the internal control evaluation report. 4. factors affecting the evaluation conclusion of internal control effectiveness from the base date of the internal control evaluation report to the date of issuance of the internal control evaluation report □ applicable √ not applicable

There are no factors affecting the evaluation conclusion of the effectiveness of internal control from the base date of the internal control evaluation report to the date of issuance of the internal control evaluation report.

5. whether the internal control audit opinion is consistent with the company’s evaluation conclusion on the effectiveness of internal control over financial reporting

√ yes □ No 6 Whether the disclosure of major defects in internal control of non-financial reports in the internal control audit report is consistent with the disclosure of the company’s internal control evaluation report √ yes □ no III Internal control evaluation (I) Scope of internal control evaluation

According to the risk oriented principle, the company determines the main units, businesses and matters included in the evaluation scope and high-risk areas. 1. The main units included in the evaluation scope include: since most of the company’s branches and subsidiaries are internal transactions, their transaction volume can be basically offset at the consolidation level; The business of each subsidiary company is relatively simple, mainly providing processing, labor, transportation, sales and other services to the group. Therefore, the internal control self-evaluation work focuses on the headquarters of the company, and the sample test of each subsidiary and branch included in the scope of consolidated statements is added during the test. The scope of this internal control evaluation includes the company’s headquarters and all subsidiaries and branches included in the scope of consolidated statements. 2. Proportion of units included in the scope of evaluation:

Proportion of indicators (%)

The total assets of the units included in the evaluation scope account for 95% of the total assets in the company’s consolidated financial statements

The total operating income of the units included in the evaluation scope accounts for 93% of the total operating income in the company’s consolidated financial statements

3. The main operations and matters included in the scope of evaluation include:

Budget management, procurement management, sales management, engineering project management, construction contract project management, financial management, fund management (including investment management), asset management, human resource management, information system management, etc. 4. High risk areas of focus mainly include:

Sales and accounts receivable management, inventory management 5 The above units, businesses and matters included in the evaluation scope and high-risk areas cover the main aspects of the company’s operation and management. Is there any major omission

□ yes √ No 6 Is there a statutory exemption

□ yes √ No 7 Other explanatory matters

None (II) Basis of internal control evaluation and identification standard of internal control defects

The company organizes and carries out internal control evaluation on the basis of daily and special supervision of internal control according to the enterprise internal control standard system and the company’s internal control system and evaluation methods.

The internal control evaluation of the company shall strictly follow the following principles. Principle of comprehensiveness: the evaluation work will include the design and operation of control, covering various businesses and matters of the company; Principle of importance: the internal control evaluation team will pay attention to important business units, major business matters and high-risk areas on the basis of comprehensive evaluation; Principle of objectivity: ensure the objectivity of the evaluation work from the perspective of personnel independence and ability, formulate a scientific and reasonable evaluation work plan, determine the evaluation method and strictly implement it after accurately revealing the economic and important business matters. 1. Whether the specific identification standard of internal control defects is adjusted with that of previous years

□ yes √ no the board of directors of the company has studied and determined the specific identification standards of internal control defects applicable to the company according to the identification requirements of the enterprise internal control standard system for major defects, important defects and general defects, combined with the company’s scale, industry characteristics, risk preference, risk tolerance and other factors, and distinguished the internal control of financial reports from the internal control of non-financial reports, which are consistent with the previous years. 2. Identification standard of internal control defects in financial reporting

The quantitative criteria for the evaluation of internal control defects in financial reporting determined by the company are as follows:

Index name major defect quantitative standard important defect quantitative standard general defect quantitative standard

Total net assets of misstatements ≥ 1%; Net assets ≥ 0.5% and 1.0%; Net assets 0.5%;

Total profit ≥ 5%, total profit ≥ 3% and total profit 3%

Note: if the quantitative standard involves multiple quantitative indicators, the board of directors of the company determines to apply it according to the lower principle.

If the quantitative standard involves multiple quantitative indicators, the benchmark of internal control defect identification standard (Quantitative) in 2021 is adjusted from the audited financial data of the previous year to the audited financial data of the current year, and the values of the financial indicators involved are the audited consolidated statement data of the company in the current year.

For internal control defects in financial statements, determine the potential misstatement rate according to the number of misstatement samples at the control point and the total number of samples taken, then calculate the potential misstatement amount at the control point according to the potential misstatement rate and the cumulative amount in the same direction of the corresponding accounting subjects, and then calculate the size of misstatement indicators according to the total potential misstatement amount in the corresponding business process of the evaluated unit, and then compare with the following classification standards of internal control defects in financial statements, Determine whether the internal control defect belongs to major defect, important defect or general defect.

The qualitative criteria for the evaluation of internal control defects in financial reporting determined by the company are as follows:

Qualitative standard of defect nature

Major defects include but are not limited to:

1. Fraud by directors, supervisors and senior managers, causing heavy losses and serious negative impact to the company;

2. The company corrects the reported or disclosed financial report due to major accounting errors in previous years;

3. The company’s Audit Committee (or similar institutions) and internal audit institutions have no effect on the supervision of internal control;

4. The external auditor found that there was a material misstatement in the current financial report, and the internal control operation failed to find the misstatement.

Important defects include but are not limited to:

1. Failure to select and apply accounting policies in accordance with generally accepted accounting standards;

2. Failure to establish anti fraud procedures and control measures;

3. No corresponding control mechanism has been established or implemented for the accounting treatment of unconventional or special transactions, and there is no corresponding compensatory control;

4. There are one or more defects in the control of the financial reporting process at the end of the period, and it can not reasonably ensure that the prepared financial statements achieve the goal of authenticity and accuracy.

General defects are other internal control defects related to financial reporting except for major defects and important defects.

3. Identification standard of internal control defects in non-financial reporting

The quantitative criteria for the evaluation of internal control defects in non-financial reporting determined by the company are as follows:

Index name major defect quantitative standard important defect quantitative standard general defect quantitative standard

Affected amount net assets ≥ 1%; Net assets ≥ 0.5% and 1.0%; Net assets 0.5%;

Total profit ≥ 5%, total profit ≥ 3% and total profit 3%

Note: if the quantitative standard involves multiple quantitative indicators, the board of directors of the company determines to apply it according to the lower principle. If the quantitative standard involves multiple quantitative indicators, the benchmark of internal control defect identification standard (Quantitative) in 2021 is adjusted from the audited financial data of the previous year to the audited financial data of the current year, and the values of the financial indicators involved are the audited consolidated statement data of the company in the current year. The qualitative criteria for the evaluation of internal control defects in non-financial reporting determined by the company are as follows:

Qualitative standard of defect nature

Major defects include but are not limited to:

1. The formulation and implementation of the company’s strategy have a significant impact on the company’s operation and are unable to achieve important operating objectives or key performance indicators;

2. Inadequate decision-making procedures lead to major mistakes;

3. Violation of national laws and regulations and major punishment;

4. Serious loss of middle and senior managers and senior technicians;

5. Public negative reports have a significant impact on the company’s reputation and image.

Important defects 1 Moderate impact on the formulation and implementation of the company’s strategy, moderate impact on the company’s operation, and partial negative impact on the achievement of operational objectives or key performance indicators;

2. Inadequate decision-making procedures lead to important mistakes;

3. Violating the internal rules and regulations of the enterprise, resulting in large amount of losses;

4. Serious loss of business personnel in key positions;

5. Public negative reports have an important impact on the company’s reputation and image.

General defects 1 It has a slight impact on the formulation and implementation of the company’s strategy, has a slight impact on the company’s operation, slows down the operation, but has only a slight impact on the achievement of the operation objectives;

2. Inefficient decision-making procedures;

3. Violation of internal rules and regulations, resulting in general amount loss;

4. Serious loss of business personnel in general posts;

5. Public negative reports have little impact on the company’s reputation and image.

(3) Identification and rectification of internal control defects 1 Identification and rectification of internal control defects in financial reporting 1.1 Major defects

Whether the company has any major defects in internal control over financial reporting during the reporting period

□ yes √ no 1.2 Important defects

Whether the company has any significant defects in internal control over financial reporting during the reporting period

□ yes √ no 1.3 General defect

In daily operation, there may be general defects in internal control. Since the company’s internal control has a dual supervision mechanism of self-evaluation and internal audit, corrective actions shall be taken once the defects are found and confirmed to make the risk controllable. 1.4. After the above rectification, on the benchmark date of the internal control evaluation report, does the company have any major defects in the internal control of financial reporting that have not been rectified

□ yes √ no

1.5. After the above rectification, on the benchmark date of the internal control evaluation report, does the company have any important defects in the internal control of financial reporting that have not been rectified

□ yes √ No 2 Identification and rectification of internal control defects in non-financial reporting 2.1 Major defects

Whether the company found any major defects in internal control over non-financial reporting during the reporting period

□ yes √ no

2.2. Important defects

During the reporting period, did the company find any non-financial reports

- Advertisment -