Notification of the Office of Securities and Exchange Commission No. SorThor/Nor. 34/2547 Operational Control and Security of the Information Technology of Securities Company with the same level of standard. The

reporting of suspicious transactions. The policy mentioned in the first paragraph must be approved by the securities company’s Board of Directors, except for the company whose shareholding and functional

business undertaking is accurate, complete and current as well as functional and can be monitored effectively. There shall also be an adequate security system to prevent any unauthorized person from

person who is assigned by the board of directors to be the highest level responsible person in the management of a company. “ head of department ” means a person responsible for the work in the

to be the highest level responsible person in the management of a company; “ head of department ” means a person responsible for the work in the departmental level of a company; “ branch manager

inspecting unit…………………………………………………………… (2) Period of inspection.……………………………………………………… ……… (3) Scope of inspection (3.1) Audit engagements level…………………………………….…………… (Please specify the names of the engagement

. ( - 2 the Certified Investment and Securities Analyst (CISA) Level 1, or the Chartered Financial Analyst (CFA) Level 1 Work experience in Thailand or foreign countries for a total period of not less than

holding of shares in each level exceeds 75 percent of the total number of outstanding shares of such company; (9) “Office” means the Office of the Securities and Exchange Commission. Clause 2. In cases

securities companies or provided by training institutes approved by the Office; or (ii) being a lecturer, instructor or full-time teacher or guest lecturer at university-level educational institutions accepted

evaluation by the SEC Office regarding the management of the operational risk and the customer relationship risk not higher than the medium level or in an acceptable level, unless granted an exemption from the