Risk Management and Internal Control Practice - Part 3 (2)
Source : JFU
25 November 2015

Setting a Policy as the Basis for C.2.4 Disclosure Statement

This note is the second part of Part 3 on the policy and disclosure statement. It also concludes our series of notes on compliance with the new risk management and internal control requirements under the Hong Kong Listing Rule.

Acknowledgement by the board - C.2.4(c)

The board acknowledges its responsibility for the design and implementation of the Systems and reviewing their effectiveness. Nevertheless, it should be emphasized that the Systems are designed to manage rather than eliminate the risk of failure to achieve business objectives, and can only provide reasonable assurance and not absolute assurance against material misstatement or loss.

Process used to review the effectiveness of the Systems - C.2.4(d)

To facilitate proper conduction of the regular review of the Systems, a handbook has been prepared as formal documentation of the Systems, with sections for respective unit, division or process "owners".

Apart from monthly work group meetings as explained in previous papers, an annual review is conducted, comprising the following elements, in order to assess the effectiveness of the Systems:

  1. a scope review to ensure the Systems cover all aspects of governance and management, together with operations, projects, units or entities of the business particularly those newly added ones during the year under review;

  2. a follow up review to ensure issues arising during the year have been properly disposed of, that is, recommendations reviewed, approved and implemented;

  3. a compliance review, that is, conduction of compliance tests on sample transactions, activities and events to confirm that the operation of the Systems conforms with the design.

The scope, follow-up and compliance reviews apply to financial controls, operational controls and compliance controls, under respective WG members.

Procedures and internal controls for handling and dissemination of inside information - C.2.4(e)

The board considers that all information in the following matters is regarded as potentially price sensitive inside information, the dissemination of which is subject to policies (see below) recommended per the SFC Guidelines by the Price Sensitive Inside Information Committee, as approved by the board:

  1. All financial information, historical reports or forecasts, including management accounts and performance reports of individual units, functional divisions, and entities before the board's explicit approval for release.

  2. All information, financial or otherwise, relating to special transactions or projects, before the board's explicit approval for release.

  3. All information as regards new products or research and development before the board's explicit approval for release.

  4. All information as regards assessment, concluded or in progress, on any risks arising from major changes in the business or its environment, before the board's explicit approval for release.

The general principle for controls over the dissemination of such information internally is "on a need to know" basis. Dissemination of such information externally is only permitted to the extent that the board has explicitly approved it for release by specified personnel and on specified channels.

The following is an overview of the PSI policy statements approved by the board:

  1. Introduction to the statutory regime for disclosure of price sensitive inside information that came into effect on 1 January 2013

    1. Highlights of the inside information regime
    2. Definition of inside information
    3. Timing of disclosure
    4. Meaning of "as soon as is reasonably practicable"
    5. Who is an "officer" under SFO?
    6. Manner of disclosure
    7. Examples
  1. Handling and disseminating Inside Information

    1. Protection of Inside Information
    2. Setting and reviewing policies and procedures
    3. Need to know policy
    4. Physical document management / information barriers
    5. Information technology controls
    6. Contact with external parties
    7. Leak investigation

  1. Insider list
  2. Individual confidentiality obligations
  3. Confidentiality agreements - advisors
  4. Umbrella agreements - regular advisors
  5. Tendering process


Please contact us
for more information

Tel: +(852) 3719 6000
© 2023 Digital Tools Company Limited, JFU Consultants (Hong Kong) Limited. All rights reserved. | Legal | Privacy