Circular of the Ministry of Finance, the China Securities Regulatory Commission, the National Audit Office, the China Banking Regulatory Commission, and the China Insurance Regulatory Commission on Printing and Distributing the Basic Rules for Enterprise Internal Control
Circular of the Ministry of Finance, the China Securities Regulatory Commission, the National Audit Office, the China Banking Regulatory Commission, and the China Insurance Regulatory Commission
on Printing and Distributing the Basic Rules for Enterprise Internal Control
Circular of the Ministry of Finance, the China Securities Regulatory Commission, the National Audit Office, the China Banking Regulatory Commission, and the China Insurance Regulatory Commission on Printing and Distributing the Basic Rules for Enterprise Internal Control
Cai Kuai [2008] No.7
May 22, 2008
Chapter I General Provisions
Article 1 In order to strengthen and standardize enterprise internal control, enhance the operation and management level and risk prevention capabilities of enterprises, facilitate the sustainable development of enterprises, maintain the order of the socialist market economy and protect the public interest, these Rules are formulated in accordance with the Company Law of the People's Republic of China, the Securities Law of the People's Republic of China, the Accounting Law of the People's Republic of China and other laws and regulations .
Article 2 These Rules shall apply to any medium and large-size enterprise established within the territory of China.
The establishment and application of internal control by small enterprises and other entities may be governed by these Rules mutatis mutandis.
The standards for distinguishing medium and large-size enterprises from small enterprises shall follow the relevant provisions of the State.
Article 3 The term "internal control" as used herein means any process carried out by the board of directors, board of supervisors, management and employees of an enterprise to achieve control objectives.
The internal control objectives of an enterprise are to ensure, in a proper manner, the compliance of the operation and management thereof, the safety of its assets, and the truthfulness and integrity of its financial reports and related information, to enhance the efficiency and effectiveness of its operations, and to promote the realization of the strategic development thereof.
Article 4 When establishing and applying internal control, an enterprise shall adhere to the following principles:
1. The principle of comprehensiveness: internal control shall apply throughout the decision-making, implementation and supervision processes and shall cover various business and matters of the enterprise and its departments and offices;
2. The principle of significance: the enterprise shall, on the basis of comprehensive control, give more concern to significant business matters and high-risk areas;
3. The principle of checks and balances: when applying internal control, the enterprise shall implement mutual checks and mutual supervisions in governance structure, organizational setup and allocation of the relevant duties and responsibilities, business process and other areas while taking into account the relevant operational efficiency;
4. The principle of appropriateness: internal control shall correspond to the operational scale, the business scope, conditions for competition, risk level and other aspects of the enterprise and any relevant adjustments to internal control shall be made with the changes in the relevant circumstances; and
5. The principle of cost-benefit: when the enterprise applies internal control, the implementation costs and the anticipated benefits shall be considered in order to realize effective control at reasonable costs.
Article 5 Internal control established and applied by an enterprise shall include the following elements:
1. Internal conditions: internal conditions are the foundation on which the enterprise applies internal control and generally include, among others, governance structure, organizational setup and allocation of the relevant duties and responsibilities, internal audit, human resources policies, and the corporate culture of the enterprise;
2. Risk evaluation: risk evaluation means an activity in which the enterprise identifies in a timely manner and systematically analyze any risk related to the realization of internal control objectives in its operation so as to determine measures to deal with such risk;
3. Control activities: control activities are activities in which the enterprise on the basis of the results of risk evaluation takes corresponding control measures in order to limit any risk to an acceptable extent;
4. Information and communication: information and communication are processes in which the enterprise gathers and transmits information relating to internal control in a timely and accurate manner so as to ensure that the internal or external communication of such information can be effectively carried out; and
5. Internal supervision: internal supervision is an activity in which the enterprise supervises and inspects the establishment and application of internal control so as to evaluate the effectiveness of internal control and to make prompt corrections with respect to any defect discovered in internal control.
Article 6 An enterprise shall, in accordance with the relevant laws, regulations, and these Rules and their supporting measures, establish an internal control system and make arrangements for its application.
Article 7 An enterprise shall employ information technology to strengthen internal control and shall establish an information system consistent with its operation and management to facilitate the systematic integration of internal control process with the information system, to realize automatic control over its business and matters and to reduce or eliminate human factors.
Article 8 An enterprise shall establish an incentive and restriction mechanism for the application of internal control and include a performance assessment system into the application of internal control by all responsible departments and offices and all employees so as to facilitate the effective application of internal control.
Article 9 The relevant departments under the State Council may, in accordance with laws, regulations, and these Rules and their supporting measures, specify specific requirements for the implementation hereof in order to supervise and inspect the establishment and application of internal control by enterprises.
Article 10 Any accounting firm that accepts instructions from an enterprise to conduct internal control audit shall, in accordance with these Rules and their supporting measures and the relevant practice standards, carry out audit on the effectiveness of internal control and issue an auditor's report.
......