||6. Amended on 28 October 2020 per Order No. Jin-Guan-Bao-Zong-Zi 10904941711 of the Financial Supervisory Commission.
||Article 8 The internal control procedures referred to in Article 6 herein shall contain at least the following particulars:
1.Controls on accounting, information, personal data protection, anti-money laundering and countering the financing of terrorism (AML/CFT) and other operations relating to business solicitation and businesses approved by the competent authority.
2.Management of financial examination reports.
3.Mechanism for handling major contingencies.
4.Other matters designated by the competent authority.
Insurance broker companies that provide the services of risk planning, reinsurance planning and claim application must establish appropriate operating procedures for such services.
If a bank approved by the competent authority to operate concurrently insurance broker business provides risk planning and insurance claim services, it shall establish proper operating procedures for those services.
The accounting procedure referred to in Subparagraph 1 of Paragraph 1 hereof shall contain at least the following operating procedures:
1.Cashier management: Operating procedure for receipts and payments.
2.Accounting management: Operating procedure for account management and the preparation of balance sheet and income statement.
Article 17 Auditors shall conduct a routine audit on different management units of the company at least once every year, and a special audit as deemed necessary. However, this requirement does not apply to banks that have been approved to adopt a risk-based
internal auditing system by the competent authority in accordance with Implementation Rules of Internal Audit and Internal Control System of Financial Holding Companies and Banking Industries.
Auditors shall include the implementation status of compliance system into the routine audit or special audit of business and management units.
Article 19 Auditors shall continually follow up on any examination opinions or audit deficiencies brought up by the competent authority, independent auditor, or auditors, or self-evaluation, and on matters requiring further improvement as specified in the
statement on internal controls, and submit a written report on the status of improvement actions taken to the management, board of directors (council) and supervisors(board of supervisors),or audit committee and include those items as important factors for
consideration in determining reward/disciplinary for and performance evaluation of each unit.
Internal audit reports shall be submitted to the supervisors (board of supervisors), or audit committee for review. In addition, a company shall, within five months after the end of each fiscal year, submit a report on the irregularities and deficiencies found
in previous year’s internal audits as well as improvement actions taken to the competent authority. However in case a material violation or irregularity is found in an internal audit, the company shall submit the related internal audit report to the competent
authority within one month from the end of the audit.