Foshan Nationstar Optoelectronics Co.Ltd(002449)
Compliance management system
Chapter I General Provisions
Article 1 in order to strengthen and standardize the compliance management of Foshan Nationstar Optoelectronics Co.Ltd(002449) (hereinafter referred to as “the company”), further improve the level of corporate governance and the ability to prevent risks, reasonably ensure the legal compliance of the company’s operation and management, and maintain the sustainable and steady development of the company, we hereby refer to the guidelines for compliance management of central enterprises This system is formulated in combination with the actual situation of the company, such as the guidelines for compliance management of Guangdong provincial enterprises (for Trial Implementation) and other relevant documents.
Article 2 the term “compliance” in this system refers to the operation and management behavior of the company and its employees in compliance with laws and regulations, regulatory provisions, industry standards, articles of association, rules and regulations, international treaties and rules.
The term “compliance risk” in this system refers to the possibility that the company and its employees may incur legal liabilities, be punished, cause economic or reputation losses and other negative effects due to non-compliance.
The term “compliance management” in this system refers to the organized and planned management activities, including system formulation, risk identification, compliance review, risk response, accountability, assessment and evaluation, compliance training and so on, aiming at the effective prevention and control of compliance risks and taking the operation and management behaviors of the company and employees as the object.
The affiliated company mentioned in this system refers to all wholly-owned, holding companies or companies with actual control under the company.
Article 3 the company shall follow the following principles in carrying out compliance management:
(I) principle of comprehensiveness: compliance management should cover all business areas, departments, affiliated companies and all employees of the company, and run through the whole process of decision-making, implementation and supervision.
(II) principle of importance: compliance management should highlight key areas, key links and key personnel on the basis of comprehensively promoting compliance management.
(III) principle of relative independence: compliance management should be objective and independent in terms of organizational structure, institutional setting, reporting path, etc.
(IV) principle of coordination and linkage: compliance management is coordinated and connected with risk management, internal control, discipline inspection and supervision, internal audit and other work.
(V) principle of continuous improvement: compliance management should achieve continuous improvement and improvement through compliance workflow design, implementation, evaluation and improvement of closed-loop management mechanism.
Article 4 this system is applicable to the headquarters of the company, and the affiliated companies carry out compliance management with reference to this system.
Chapter II Organization and responsibilities
Article 5 compliance management shall be jointly implemented by the board of directors, management and all employees of the company. The chairman of the company is the first person responsible for the company’s compliance. The board of directors is responsible for the establishment, improvement and effective implementation of the compliance system and the effectiveness of the company’s compliance. The risk management committee of the board of directors is responsible for the overall coordination of relevant compliance work. The management of the company is responsible for organizing and leading the daily operation of compliance management. The person in charge of the company’s compliance management is responsible for organizing and implementing the company’s compliance management, leading the compliance management department, and carrying out and promoting the company’s compliance management.
Article 6 the Party committee shall, in accordance with the relevant provisions of “three important and one major”, conduct pre research on major issues and important systems in compliance management.
Article 7 the board of directors of the company is the top leader and decision-making body of the company’s compliance management, and bears the ultimate responsibility for the construction of the company’s compliance management system and the effective implementation of compliance management in accordance with the provisions of laws, regulations and the articles of association. It specifically performs the following compliance responsibilities:
(I) promote the improvement of the company’s compliance management system;
(II) approve the company’s compliance management plan and basic system;
(III) decide on the appointment and removal of the person in charge of compliance management;
(IV) other compliance management matters stipulated by laws, regulations and the articles of association. Article 8 the risk management committee, as a special organization for compliance management of the board of directors, is mainly responsible for regularly reviewing the company’s compliance management report, studying and considering major matters of compliance management or putting forward opinions and suggestions, guiding, supervising and evaluating compliance management. It specifically performs the following compliance responsibilities:
(I) guide, supervise and evaluate the company’s compliance management;
(II) study and decide on solutions to major compliance risks or compliance matters; (III) review the annual compliance management report of the company;
(IV) duties authorized by the board of directors or specified by other systems.
Article 9 the board of supervisors is the supervision organization of the company’s compliance management, which supervises the performance of the compliance management responsibilities of the board of directors and the company’s management in accordance with laws, regulations and the articles of association. It specifically performs the following compliance responsibilities: (I) supervise the compliance of the decision-making and process of the board of directors;
(II) supervise the compliance management performance of directors and senior managers; (III) other compliance duties stipulated in the articles of association.
Article 10 the management of the company refers to the senior management of the company. The compliance management responsibilities of the company’s management mainly include:
(I) implement the decisions of the board of directors and establish and improve the company’s compliance management organization structure;
(II) determine the establishment and functions of the company’s compliance management department;
(III) examine and approve the company’s compliance management work plan, work plan and specific compliance management system;
(IV) clarify the company’s compliance management process to ensure that the compliance requirements are integrated into the business field;
(V) reasonably allocate relevant resources required for compliance management;
(VI) timely stop and correct the non-conforming business behavior, investigate the responsibility of the violators or put forward handling suggestions according to the relevant systems of the company;
(VII) other compliance management responsibilities determined by the articles of association, the board of directors or the risk management committee.
Article 11 the relevant person in charge or general counsel of the company shall be the person in charge of compliance management, which shall be appointed and removed by the board of directors. The main responsibilities include:
(I) organize the formulation of compliance management strategic plan;
(II) participate in major decisions of the company and put forward compliance opinions;
(III) lead the compliance management department to carry out work;
(IV) report major compliance management matters to the chairman and President;
(V) convene and preside over the compliance joint meeting;
(VI) organize the drafting of annual compliance management report;
(VII) other compliance management responsibilities determined by the articles of association, the board of directors or the risk management committee.
Article 12 the company shall scientifically and effectively establish three lines of defense for compliance risk management: each department of the company is the first line of defense against compliance risk, and the heads and employees of each department of the company shall bear the primary compliance responsibility within their scope of responsibility; The compliance management department is the second line of defense against compliance risks and the responsible unit for the construction of compliance management system; The competent department of audit and discipline inspection is the third line of defense against compliance risks, and carries out compliance risk prevention and control according to its responsibilities.
Article 13 the compliance management department of the company is the legal compliance department, which takes the lead in organizing, coordinating and supervising the compliance management and providing compliance support to other departments. Its main responsibilities include:
(I) draft the annual report and work plan of the company’s compliance management;
(II) draft the construction or change plan of the company’s compliance management system;
(III) coordinate the implementation of compliance work in key areas of the company;
(IV) participate in compliance review and risk response of major matters of the company;
(V) be responsible for compliance consultation related to the company’s production and operation, carry out forward-looking compliance research on important matters related to the company’s operation, and put forward compliance suggestions; (VI) be responsible for coordinating and promoting the identification, assessment, early warning and response of the company’s compliance risks, and putting forward compliance suggestions to the company’s management and other departments;
(VII) coordinate the construction of the company’s compliance culture, promote the publicity and training of compliance management, and strengthen the understanding and understanding of compliance by all staff;
(VIII) organize compliance inspection and assessment, supervise and urge rectification and continuous improvement; Establish the company’s compliance operation responsibility objective system, make an overall assessment of the implementation of the company’s compliance system in all fields and affiliated companies, and implement the reward and punishment system for compliance operation;
(IX) be responsible for the contact and coordination with the superior compliance management department;
(x) other work assigned by the risk management committee or the person in charge of compliance management.
Article 14 The competent department of audit and discipline inspection, as the supervision department, shall perform the supervision duties within the scope of its functions and powers. The specific duties include:
(I) the competent department of discipline inspection shall be responsible for the acceptance of letters and visits, case investigation, event handling, etc. of violations within the scope of its authority;
(II) the competent audit department is responsible for independent supervision and evaluation of the effectiveness of the compliance management system.
Article 15 all departments of the company are the responsible subjects of various specific compliance work, accept the supervision and guidance of the compliance management department and special departments in the compliance work, and perform the following compliance responsibilities:
(I) appoint the Department’s risk and compliance specialist to assist in coordinating the implementation of the Department’s compliance management;
(II) establish and improve the management systems and processes in the functional areas of the Department in accordance with the compliance requirements;
(III) carry out compliance risk identification and hidden danger investigation in the functional areas of the Department; (IV) organize the implementation of compliance risk response in the functional areas of the Department, and regularly organize compliance review;
(V) carry out compliance risk monitoring in the functional areas of the Department and issue compliance risk monitoring early warning;
(VI) participate in the annual compliance management evaluation of the company and organize the implementation of compliance self-assessment and inspection of the Department;
(VII) timely inform the compliance management department of compliance risks and violations found;
(VIII) organize the special compliance training of the Department and implement the construction of the company’s compliance culture;
(IX) organize and implement the Compliance Investigation of business partners within the scope of business; (x) cooperate with relevant departments of the company in the investigation of violations;
(11) Timely rectify the violations found in the process of compliance inspection, discipline inspection investigation and audit inspection;
(12) Guide the company’s compliance management in the functional areas of the Department.
Article 16 the compliance management department shall guide the affiliated companies to establish corresponding compliance management system and improve the compliance management of the affiliated companies according to the requirements of state-owned assets supervision. Chapter III key points of compliance management
Article 17 the company shall, according to the changes of the external environment and in combination with its own reality, highlight key areas, key links and key personnel on the basis of comprehensively promoting compliance management, and effectively prevent compliance risks.
Article 18 the key areas of compliance management refer to the business areas that have a great impact on the company’s business performance, have a high probability of compliance risks and will cause great losses to the company.
The company has listed the compliance management in key areas into the long-term key work of the company’s operation and management, and all relevant departments shall make unremitting efforts to the compliance risk control in their respective key areas.
Article 19 each department shall take the key areas of compliance management highly related to its own business as the focus of its compliance work, formulate or improve relevant management and business processes, urge its own department and other personnel handling relevant business to strictly comply with relevant compliance requirements, and arrange special personnel for daily and regular compliance inspection, If any compliance risk is found, it shall be reported to the head of the Department and the compliance management department in time.
Chapter IV daily affairs of compliance management
Article 20 establish and improve the compliance management system, formulate the compliance code of conduct generally observed by all employees, formulate a special compliance management system for the compliance risks in key areas, or continuously optimize the system norms in business areas in combination with the compliance requirements, strengthen the compliance and implementation of the system, effectively play the role of guidance, promotion and guarantee of the system, and ensure the effective implementation of the system in the company.
Article 21 all departments of the company shall continue to identify and pay attention to the dynamics of external norms, timely carry out the internalization of external regulations, and regularly carry out system review, modification (Revision), abolition, etc., so as to ensure the continuous effectiveness of their own compliance work. The compliance management department shall assist all departments to carry out the internalization of external regulations.
Article 22 the company shall establish a compliance risk control mechanism with the compliance risk closed-loop management process as the core, and its overall framework shall include five links: compliance risk identification, compliance risk positioning and evaluation, compliance risk response, compliance risk monitoring and compliance system inspection and evaluation.
Article 23 all departments of the company are responsible for widely and continuously collecting internal and external initial information related to compliance risk management, including predicting possible risks and historical risk events such as litigation cases, violations of rules and disciplines, audit findings and loss accidents in business operation. The compliance management department shall regularly collect relevant compliance risk information from each department, sort out and summarize, comprehensively and systematically sort out the compliance risks existing in the operation and management activities in key areas, and systematically analyze and evaluate the possibility, impact and potential consequences of compliance risks according to the company’s risk assessment standards. If the compliance management department believes that there is a high compliance risk that may damage the interests of the company, and the relevant departments cannot provide a reasonable explanation, the compliance management department has the right to require the relevant departments to suspend the implementation.
In case of the promulgation of the new compliance law or significant changes in the business environment, the compliance management department shall organize irregular compliance risk assessment.
Compliance risk identification and assessment can be combined with the relevant work of the company’s comprehensive risk management.
Article 24 the company shall formulate corresponding and effective compliance risk control measures according to its own conditions and external environment and control strategies such as risk avoidance, risk transfer and risk mitigation. For high-risk events, the risk management committee shall take the overall leadership, the person in charge of compliance management shall take the lead, and relevant departments shall cooperate to formulate risk management plans to minimize risks and reduce losses. The compliance management department shall sort out the risk control measures for various compliance risks in key areas, and clarify various risk management measures or control plans.
Article 25 for the high risks with risk mitigation and control strategies, the compliance review mechanism shall be considered to control the relevant risks. For risks that can be controlled by internal control processes, compliance review should be regarded as a necessary procedure in the business process.
Article 26 the company shall establish a problem reflection and accountability mechanism for violation of compliance. The compliance management department shall establish an effective violation reporting mechanism and reflection channels to ensure that all employees can report any violation in the company in real name or non real name through violation reporting mailbox, telephone, email and other channels, or through any effective channel convenient for themselves. After receiving the information reflected by relevant problems, the compliance management department shall organize a preliminary verification. After the preliminary verification, if it falls within the responsibility scope of the competent department of audit or discipline inspection, the relevant events shall be transferred to the competent department of audit or discipline inspection, and the relevant departments shall conduct corresponding investigation and treatment according to the company’s system
