Listed Company_ Internal Control System_V1

Under the Listing Rules of Hong Kong Exchanges and Clearing Limited (HKEX), listed companies are required to conduct an internal assessment every year to ensure the normal operation of the company’s risk management and internal control system, which is designed to provide reasonable, though not absolute, assurance against material misstatement or loss and to manage rather than eliminate risks of failure to achieve business objectives. The assessment result shall be disclosed in the annual report for public viewing.

According to the Corporate Governance Code, listed companies that fail to conduct the internal assessment are required to disclose the reasons in their annual reports.

Email Us for Details

Service procedure:

We pledge to:

Provide a quotation within 48 hours

Provide a report within one month from the first day of the site visit

Enquire now

We use the COSO framework to assess the risk management and internal control system of our corporate clients in five aspects: control environment, risk assessment, control activities, information and communication, and monitoring activities

We give an accurate estimate of the reporting schedule based on the complexity of the internal control system and the meeting time of the relevant personnel

We offer quality services at a reasonable price, and are willing to listen to our clients and adjust our services flexibly

We have years of experience in internal assessment and are familiar with the preparation of audit reports. Thus, we are able to assist companies in meeting the disclosure requirements of the Listing Rules

We conduct investigations objectively with the aim of ensuring transparency, plugging loopholes and optimising the internal control system

FAQ

Q: What is an internal control system?
A: According to HKEX, a risk management and internal control system, which is an integral part of the Group’s management system, is based on the Committee of Sponsoring Organizations of the Treadway Commission (COSO) Internal Control – Integrated Framework (2013). Key control procedures and measures include:

– Establishing a structure with defined authority and proper segregation of duties
– Monitoring the strategic initiative and performance
– Designing an effective accounting and information system
– Handling and dissemination of inside information
– Ensuring swift actions and timely communication with stakeholders
– Encouraging reporting on serious concern about malpractice
– Ensuring controls and reviews of IT application systems as well as principal operations

Q: Can we hire you for an internal assessment for a business located outside Hong Kong?
A: Yes, the Listing Rules of Hong Kong provide only the framework for internal control requirements, not the controls themselves. The actual internal controls are designed to suit the industry and the company’s mode of operation. Therefore, our experience is also applicable to businesses around the world.

Q: Do we have to pay extra if we need to amend the report later?
A: The process of auditing internal controls is very rigorous and all limitations of internal controls are communicated to the management on an ongoing basis during the process, so there is very little chance of error. The limitations identified in the current year will be reassessed in the following year to ensure that all limitations are eliminated.

Case study:

While carrying out an internal control assessment of the computer system security for one of our clients, we discovered that some of the system accounts could not identify the actual users during system conversion. There were even signs of shared system accounts. These operations had the potential to affect the segregation of duties of internal controls, so the management was pleased that we were able to identify the problem for the company and prevent the risk of non-compliance immediately.

Free Consultation