technology operation, either by an internal unit of the securities company or by an outsider inspector, in order to inspect all of the potential risks on information technology. In case of inspection by an

management, operational management and internal control system which at least shall contain: (a) the policy and measure in writing; (b) the determination and amendment of such policy and measure each time has

information by unauthorized personnel [ii] internal control and [iii] risk management for undertaking precious metal derivatives brokerage including measure for controlling and monitoring performance of its

of interest and accessing inside information by unauthorized personnel [ii] internal control and [iii] risk management for undertaking precious metal derivatives brokerage including measure for

year at least the policy and indicated the concerned risks, arrangement the importance of information and computer system, specify the acceptable level of risk and specify measure or practice for risk

authorized to make decisions on company’s business operation on behalf of the board of directors; (5) “Department director” means any person who is responsible for the internal operation of a department in the

major operational disruption; (3) Procedures for communications with relevant internal and external parties which at minimum shall include the method and channel of communications and information

, executives, employees and others 8. Report on key operating results related to corporate governance 28 9. Internal control and related party transactions 33 Part 3: Financial Statements 36 Part 4

the intermediary shall be informed without delay; (5) internal control for the operation shall be established in accordance with the information technology governance policy, which contains at least the

and conditions: (1) there shall be management of risks arising from outsourcing thereof; (2) there shall be a preventive measure to ensure business continuity in case another intermediary fails to