• Font Size:
  • S
  • M
  • L

Amended Article

Title:

Regulations Governing the Establishment of Internal Control Systems by Service Enterprises in Securities and Futures Markets  CH

Amended Date: 2024.04.22 
Article 8 In addition to setting out control activities for different operating cycles based on the nature of its business, a service enterprise shall also consider its actual needs and include controls over the following activities in its internal control system:
1. Seal use management.
2. Management of the receipt and use of negotiable instruments.
3. Budget management.
4. Property management.
5. Management of endorsements/guarantees.
6. Management of liability commitments and contingencies.
7. Delegation of duties and implementation of deputy system.
8. Management of financial and non-financial information.
9. Management of related party transactions.
10. Management of the preparation process of financial statements, including management of the application of International Financial Reporting Standards, procedures for professional accounting judgments, and processes for making changes in accounting policies and estimates.
11. Supervision and management over subsidiaries.
12. Compliance system.
13. Management of financial examination reports.
14. Management of protection of financial consumers, provided this does not apply to the enterprises that are excluded under Article 3, paragraph 2 of the Financial Consumer Protection Act.
15. Customer data confidentiality.
16. Handling of material events (e.g. a material violation, or a likelihood of suffering material loss).
17. Whistleblower system.
18. Management of outsourcing of operations.
19. Other matters designated by the competent authority.
In addition to controls over the activities under the preceding paragraph, a service enterprise that is a public company, or that is designated by the competent authority, shall also include in its internal control system the management of procedure for board of directors meetings and the management of shareholder services.
The internal control system of a service enterprise that has established an audit committee pursuant to the provisions of the Securities and Exchange Act shall include the management of audit committee meeting operations.
The internal control system of an enterprise whose stock is exchange-listed or traded over-the-counter shall include controls over the following operations:
1. Management of the operations of the remuneration committee.
2. Management of the prevention of insider trading.
The internal control system of a service enterprise whose stock is exchange-listed or traded over the counter shall include the management of sustainability information.
If a service enterprise is a financial institution as defined in the Money Laundering Control Act, its internal control system shall include mechanisms for preventing money laundering and countering terrorism financing, and shall include management of compliance with applicable laws and regulations, including mechanisms for managing the identification and measurement of, and monitoring for, money laundering and terrorism financing.
A service enterprise under the preceding paragraph which has established a domestic or foreign branch office (or subsidiary) shall formulate an overall group plan for preventing money laundering and countering terrorism financing, including policies and procedures for information sharing within the group for the purpose of preventing money laundering and countering terrorism financing that are in accordance with the laws and regulations of the place where the branch office (or subsidiary) is located.
Article 14 A service enterprise's internal audit unit shall, based on the results of the risk assessment, prepare an annual audit plan which, except as otherwise required by the competent authority, shall include matters to be audited monthly; the internal audit unit shall scrupulously implement the annual audit plan, so as to assess its internal control system, and prepare audit reports annexed with working papers and relevant materials.
A service enterprise shall include at least the following as audit items in its annual audit plan for each year:
1. Matters relating to compliance with applicable laws, regulations, and bylaws.
2. The control activities for major financial or business activities, such as for acquiring or disposing of assets, engaging in derivatives transactions, management over making endorsements/guarantees for others, and management of related party transactions.
3. Supervision and management over subsidiaries.
4. Management of the preparation process of financial statements, including management of application of the International Financial Reporting Standards and procedures for professional accounting judgments and processes for making changes in accounting policies and estimates.
5. Inspection of information and communications security.
Each annual audit plan of a financial service enterprise as defined in the Financial Consumer Protection Act shall also include management of the protection of financial consumers, in addition to the audit items of the preceding paragraph.
Each annual audit plan of a service enterprise that is a public company, or that is designated by the competent authority, shall also include management of the procedure for board of directors meetings, in addition to the audit items of the preceding two paragraphs.
Each annual audit plan of a service enterprise whose stock is exchange-listed or traded over-the-counter shall also include management of the operations of the remuneration committee, in addition to the audit items of the preceding three paragraphs.
Each annual audit plan of a service enterprise whose stock is exchange-listed or traded over the counter shall include the management of sustainability information.
The annual audit plan of a service enterprise that has established an audit committee pursuant to the provisions of the Securities and Exchange Act shall also include the management of audit committee meeting operations.
If a service enterprise is a financial institution as defined in the Money Laundering Control Act, its annual internal audit plan shall include prevention of money laundering, countering of terrorism financing, and management of compliance with applicable laws and regulations.
A service enterprise shall have its annual audit plan, and any amendments thereto, passed by the board of directors.
Where a service enterprise has established the position of independent director, when it submits its annual audit plan for deliberation by the board of directors pursuant to the preceding paragraph, the board of directors shall take into full consideration each independent director's opinion; when an independent director has an objection or reservation, the objection or reservation shall be recorded in the minutes of the meeting of the board of directors.
The audit reports, working papers, and relevant materials under paragraph 1 shall be retained for no less than 5 years.
Info
Article 39 These Regulations shall enter into force from the date of issuance.
The 21 December 2011 amendments shall enter into force 3 months after the date of issuance, except Article 8, paragraph 1, subparagraph 14 and Article 14, paragraph 3, which shall enter into force from 30 December 2011.
The provisions amended and issued on 22 September 2014 shall enter into force from 1 January 2015.
Article 28-1 introduced in the 30 May 2018 amendments shall enter into force 6 months after the date of issuance.
Article 8, paragraph 5 and Article 14, paragraph 6 amended on 22 April 2024 shall enter into force from 1 January 2025.