Compliance report on internal control of insurance companies

Actively construct the framework of enterprise internal control standard system

Basic norms are at the highest level in the enterprise internal control standard system and play a controlling role. They describe the framework structure that an enterprise must establish to establish and implement the internal control system, and stipulate the definition, objectives, principles and elements of internal control, which are the basic basis for formulating application guidelines, evaluation guidelines, verification guidelines and enterprise internal control systems.

The basic norms are divided into seven chapters and fifty articles. The chapters are: general principles, internal environment, risk assessment, control activities, information and communication, internal supervision and supplementary provisions.

The goal of internal control. The basic norms point out that internal control is a process implemented by the board of directors, the board of supervisors, the managers and all the staff to achieve the control objectives. The objectives of internal control are located in five aspects, including: reasonably ensuring the legal compliance of enterprise management, asset safety, authenticity and integrity of financial reports and related information, improving operating efficiency and effectiveness, and promoting the realization of enterprise development strategy. The goal orientation of internal control is a scientific choice made after comparing the internal control objectives of enterprises in other countries and economies with the reality of Chinese enterprises.

Principles of internal control. The Basic Code establishes five basic principles for enterprises to establish and implement internal control: first, the principle of comprehensiveness requires that internal control should run through the whole process of decision-making, implementation and supervision, covering all kinds of businesses and matters of enterprises and their subordinate units; Second, the principle of materiality requires that internal control should pay attention to important business matters and high-risk areas to effectively prevent major risks; The third is the principle of checks and balances, which requires internal control to form mutual restraint and supervision in governance structure, institutional setup, power and responsibility distribution and business processes. , while taking into account operational efficiency; The fourth is the principle of adaptability, which requires internal control to adapt to the business scale, business scope, competition situation and risk level of the enterprise, and adjust with the change of the situation; Fifth, the principle of cost-benefit, which requires internal control to weigh the implementation cost and expected income, and achieve effective control at an appropriate cost.

Elements of internal control. The basic norms establish a five-element internal control framework: first, the internal environment, which generally includes governance structure, institutional setup and power and responsibility distribution, internal audit, human resources policy, corporate culture and so on. , is an important basis for enterprises to implement internal control, indicating that enterprises should start with the governance structure before implementing internal control. If modern enterprises do not have a good governance structure, internal control will be ineffective. 2. Risk assessment refers to the process of identifying and systematically analyzing the risks related to the realization of internal control objectives in business activities and reasonably determining the risk response strategies, which is an important link for enterprises to implement internal control. Thirdly, control activities refer to the corresponding control measures taken by enterprises according to the results of risk assessment, which is an important means for enterprises to implement internal control. Fourthly, information and communication means that enterprises should collect and transmit information related to internal control in a timely and accurate manner to ensure effective communication between enterprises and the outside, which is an important condition for enterprises to implement internal control. Fifth, internal supervision means that enterprises should supervise and inspect the establishment and implementation of internal control, evaluate the effectiveness of internal control, find the defects of internal control and improve them in time. This is an important guarantee for enterprises to implement internal control.

Application guidelines occupy a dominant position in the internal control system, mainly including two aspects:

The first is the application guide for the main business and matters of the enterprise. At present, the exposure draft basically covers fund management, procurement, sales, fixed assets, inventory, engineering projects, intangible assets, investment, financing, budget, cost, guarantee, contract agreement, business outsourcing, subsidiary control, preparation and disclosure of financial reports, human resources policy, information system control, derivatives, enterprise mergers and acquisitions and related transactions. These are the most common and relevant transactions of enterprises. With the gradual deepening of soliciting opinions, the composition of specific projects may need to be adjusted.

The second is the application guide for special enterprises or industries. For example, commercial banks, insurance companies, securities companies, trust companies, fund companies, futures companies and other financial enterprises, because of their special business, involve financial risks and have a great relationship with economic development and financial security. In terms of internal control, in addition to following the general internal control requirements, it is also necessary to stipulate special application guidelines, which constitute an integral part of application guidelines. This is a very important institutional arrangement, and its positioning is not only the reliability of financial reports, but also the risk control of enterprises, which is broader than the Sarbanes-Oxley Act of the United States.

Further reading: How to buy insurance, which is good, and teach you how to avoid these "pits" of insurance.