GENERAL PLANNING AND PRELIMINARY RISK ASSESSMENT

Information
Engagement Information
1. Entity's Legal Name

2. Business Registration Number

3. Tax Identification Number

3. Industry

4. Date of Incorporation

5. City on Incorporation

6. Registered Address

7. Principal Place of Business (Head Office)

8. Reporting Currency

9. Name of Parent Company (If a Subsidiary Company in a Group of Companies)

10. Name of Subsidiary Company (If a Parent Company in a Group of Companies)

KYC - Client and Business Operations

1. Is the company listed on a stock exchange and subjected to disclosure requirements?

2. Does the Company have nominee shareholders/Directors?

3. Names of shareholders, percentage ownership, and nature of related party transactions (if any).

4. Names of key management, title, and nature of related party transactions (if any).

5. Names of Those Charged with Governance, title, and nature of related party transactions (if any).
6. Describe the nature of the entity's revenue sources/streams and revenue recognition policies.

7. List the Company's major customers, suppliers, and/or significant business arrangements?

8. Is the Company considered a holding Company?

9. Have there been any significant changes in the entity's business activities or operations during the last fiscal p

10. Has management performed an evaluation of the entity's ability to continue as a going concern? Describe ma

11. Has management made any significant estimates? Describe management's basis for their assessment.

KYC - Industry, Regulatory, and Other External Factors

1. Describe the industry conditions, addressing demand, capacity, competition, technology, cyclical or seasonal a

2. Describe other relevant external factors that affect the entity's business, such as general economic activity, int
revaluation.

KYC - Investing and Financing Activities

1. Describe the Company's investment activities.

2. List any merger, acquisition, or divestiture activity, as well as any significant capital investments, planned or re

3. Describe debt structure; significant leases of property, plant, or equipment; and other relevant financing inform

4. Number of Common Shares Authorized

5. Number of Common Shares Issued and Outstanding

6. Number of Preferred Shares Authorized

7. Number of Preferred Shares Issued and Outstanding

Accounting and Other Related Concerns

1. Name the entity's the financial reporting framework.

2. What is the Company's revenue recognition policy?

3. Has the entity entered into any transactions with related parties? If so, please describe the nature of those tra

4. Has management identified any significant, unusual, or complex transactions, events, or matters that have affe
statements?

5. Have there been any changes in accounting principles and methods of applying those principles during the las

6. What are the IT applications that the entity is using in different business process and how they function (i.e. IT
purchases, etc.)?

7. Does the Company have an internal audit function?

Client Response
ASSESSMENT OF CONTROL PROCESSES AND ENTITY-LEVEL CONTROLS
For those questions deemed not applicable, simply respond with "N/A."
Information
Specific Processes to be Documented
Instruction: Please provide descriptions of how the following cycles are initiated, processed, and recorded in the acc
1. Treasury (including process for completing bank reconciliations and controls over processing and recording
receipts and disbursements)

2. Human Resources (including new hires, promotions, terminations, and payroll processing)

3. Revenue

4. Purchases (including accounts payable expenditure, and capital expenditure)

5. Financial Reporting Close Process (including manual journal entries)

Specific Control Areas/Transactional Processes to be Documented

Instruction: Please provide descriptions of controls over the following processes (or reference to other documents as
1. Controls over significant or unusual transactions.

2. Controls over journal entries and adjustments made in the period-end financial reporting process.

3. Controls related to significant management estimates.

Specific Control Areas to be Documented

Instruction: Please provide descriptions of controls over the following processes (or reference to other documents as
1. Is management aware of any actual or suspected fraud or allegations of fraudulent financial activities that could a
the company?

2. Describe the Company's controls over identifying risks of material misstatement due to fraud.

Control Environment: The control environment reflects the tone set by top management and the overall attitude, a
of internal control and the emphasis placed on control in the Company's policies, procedures, methods, and organiz
1. Does the organization have a code of conduct or ethics policy? If yes, describe how the policy is communicated
please provide a copy.

2. Document the disciplinary process for violations of the code of conduct or ethics policy (if any).

3. Document all incentive programs and provide copies of applicable agreements that could provide motivation
improper financial reporting (bonus programs, etc.)

4. Are all related party transactions involving BOD members documented?

5. Are there policies and procedures for authorization and approval of significant transactions? Please documen
procedures.

Risk Assessment: Risk assessment is the Company's identification and analysis of relevant risks (both internal and
1. Are there processes in place to identify relevant risks? If so, please describe the process, including how managem
estimates the significance and likelihood of occurrence and deciding the actions to address those risks.

Control Activities: Control activities are the policies and procedures that help ensure that management's directives
1. Is there appropriate involvement by management in reviewing significant transactions, accounting estimates
unusual transactions? Please describe.

Control Activities: Information and communication systems support the identification, capture, and exchange of inf
responsibilities.
1. Describe any controls in place over the IT system to mitigate access by unauthorized users and the risk of errors.

Control Activities: Monitoring is a process that assesses the quality of internal control performance over time.
1. Describe the activities that the Company uses to monitor internal controls (Does management review co
processes to ensure that controls are being applied as expected? How often? How is this review documented?
are exceptions addressed?)

2. Are procedures in place to detect when controls are overridden? Please describe.
 Client Response

he accounting system (or reference to other documents as available):

ents as available):

ents as available):

ude, awareness and actions of the Board of Directors ("BOD"), management, owners, and others concerning the importance
rganizational structure.
 al and external) to the achievement of its objectives, forming a basis for determining how the risks should be managed.

ctives are carried out.

e of information in a form and time frame that enable management and other appropriate personnel to carry out their

e.