Report to Management and Those Charged with Governance regarding

Deficiencies in Internal Control

Private and confidential
To management and those charged with governance of SmartSoft LLC
31/11/2022
Dear Sirs,
Following our recent audit of your company, we are writing to advise you of various matters
which came to our attention.

We set out on the attached schedule the areas of significant deficiency which we noted, together
with our recommendations. These recommendations have already been discussed with you.

As the purpose of the audit is to form an opinion on the company’s financial statements, you
will appreciate that our examination cannot necessarily be expected to disclose all shortcomings
of the system and, for this reason, the matters raised may not be the ones which exist.

We should appreciate your comments as to how you propose to deal with matters raised in this
letter. If you require any further information or advice, please contact us.

We have prepared this letter for your use only. It should not be disclosed to a third party and
we can assume no responsibility to any person to whom it is disclosed without our written
consent.

We would like to take this opportunity to thank you and your staff for your help and
cooperation during the course of our audit.

We consider the following deficiencies in SmartSoft LLC internal control to be material

weakness:

• We consider that the Company has inadequate documentation of internal control

process documentation, there are not policies or procedures in a written form that cover
internal control issues and act as guidelines for staff of the company.

• The Company has limited number of personnel, and due to this fact there are inherent
limitations to segregation of duties among Companies personnel. Presently a single
individual prepares significant part of the Companies operations, acts as director of the
Company as well as the loan officer, assists accountant on outsource to make accounting
entries in accounting software. Also the same person makes all bank payments without
second level authorization.

1
Recommendations

• We recommend necessary internal controls to be identified in the Company and

documented in official policies and procedures of the Company and all personnel of the
Company to act in accordance with control procedures identified.

• The company did not write orders for the issued bonuses and we advised them to start
compiling such documents in the future.

• The Company need to employee more employees and segregate duties among these
employees, so it will be able to implement controls inside the Company therefore
minimize risk of unauthorized transactions and risks of human error.

Yours faithfully,
Gotcha Tcholokava