reviewing the adequacy of the internal control at least once a year. Extra revision may be necessary in case of any incidents which have significant impacts on the companies’ operations. Such assessment
clients, as defined in the table attached hereto. It should be required to monitor and analyze, based on the risk assessment of the organization, logs recorded from the use of critical information systems
is capable of efficiently preventing risk in information technology and it attain an assessment the risk in information technology in the better level. In Nevertheless, the securities company may
security as well as supervise, monitor and examine compliance with such policies, measures, and operating systems, and review the suitability thereof regularly; In the interest of meeting the aforesaid
risk management. 4. There should be an establishment of a compliance unit to supervise and monitor the operation that is independent from the management and other units. 5. Operation conducted with
) operating system for communications and services shall comply with the regulations under Chapter 1/1; (2) compilation and assessment of client information shall comply with the regulations under Chapter 2; (3
and the determination to drive the business towards sustainability, as deemed appropriate by the Company, to be used as guidelines for investors to understand and monitor future business directions of
on Standard Conduct of Business with respect to communication with and providing services to clients in the following matters: (1) compilation and assessment of client information shall comply with the