In July 2002, the US Congress passed the "Sarbanes-Oxley Act", setting regulations on internal control and information disclosure for listed companies in the US. In June 2008, the Chinese Ministry of Finance(MOF), the National Audit Office, and all three major industry regulators: the China Securities Regulatory Commission (CSRC), the China Banking Regulatory Commission(CBRC), and the China Insurance Regulatory Commission(CIRC) jointly launched “Basic Standard for Enterprises Internal Control” which became effective from July 1, 2009 for listed companies. In April 2010, the above five ministries jointly launched “Implementation Guidelines for Enterprise Internal Control” (the “Implementation Guidelines”) including Application Guidelines for Enterprise Internal Control, Guidelines for Assessment of Enterprise Internal Control and Guidelines for Audit of Enterprise Internal Control. Since January 1, 2011, the Implementation Guidelines became effective for companies listed both domestically and abroad. Since January 1, 2012, the Implementation Guidelines became effective for companies listed on the main board of the Shanghai Stock Exchange and Shenzhen Stock Exchange. Sinopec, a company listed on 4 stock exchanges (Shanghai, Hong Kong, New York and Longdon), has established a team for internal control led by the Chairman, President and CFO to promote the Company’s construction of internal control system in 2003. Special organizations have been set up within headquarters and all subsidiaries/branches respectively, responsible for the implementation and management of internal control.
In accordance with laws and regulations and considering the current operation and management status of the Company, centering on the Company’s development strategy, compliance goal, assets security goal, financial report goal, operational effect and efficiency goal, Sinopec comprehensively systemized all businesses and major events and finished compilation of “Internal Control Manual” (“the Manual”). The Manual includes several parts, such as internal environment, risk assessment, control activities, information and communication, and internal monitoring. The internal control covered both whole entity-level controls and process-level controls, thus all-element internal control was realized. Meanwhile, subsidiaries/branches are requested to work out detailed implementation rules along with each practical situation and finally form a two-level internal control system with Sinopec characteristics. After compilation and test in 2003 and the trial implementation in 2004, the Board of Directors approved the Manual at the end of 2004. And the manual was comprehensively implemented in Sinopec since January 1, 2005.
In order to strictly conduct internal control system and ensure efficiency of the system, the Company formulated internal control self-assessment and evaluation method, constructed “headquarter-subsidiaries/branches” two levels evaluation system. Headquarter annually organizes internal control evaluation, and subsidiaries/branches regularly practice internal control self-assessment and evaluation. Besides, self-assessment and evaluation results will be included in evaluation system towards subsidiaries/branches and their management level. In 2011, the Company evaluated the internal control performance within all subsidiaries/branches (including IT control system) and solved the existing deficiencies.
In line with domestic and abroad supervision requirements, the Company made a self-assessment on the effectiveness of the internal control, which concluded that the Company’s internal control system was well-established and effectively fulfilled in 2011, an effective anti-fraud mechanism has been established, which can provide reasonable assurance regarding the realization of the Company’s development strategy and every internal control goal, the Company’s financial statements are prepared in accordance with generally accepted accounting principles, and the information is disclosed in according with the regulatory requirements. The independent auditor of the Company has issued a report on the effectiveness of the Company’s internal control over financial reporting.
In 2012, the Company will persist in the “Internal Control Manual”, and step forward on perfecting internal control system according to the supervision requirements like “Basic Standard for Enterprise Internal Control” and other guidance.