notify the incidents to the regulatory agencies in time, the intermediaries shall design a plan for communication with relevent persons either inside or outside companies in accordance with possible

of directors and executives of a securities company; (2) “Investor Contact” means any person who has duties to contact, solicit, advise or prepare a plan of trading or investment in securities for

business operation and has the duty to convey the goals under the missions, strategies, policies, and operating plan at the enterprise level to the information technology-related goals under the supervision

Notification of the Office of Securities and Exchange Commission No. SorThor/Nor. 34/2547 Operational Control and Security of the Information Technology of Securities Company with the same level of standard. The

of Intermediary to Handle Clients’ Complaints and participation in the SEC Office’s project to resolve disputes by arbitration. 4.3 Having a business plan and an operating system for establishing a

undertaking; and; (c) allow its business to be conducted with fiduciary duties. (2) determine clearly and harmoniously the mission, strategy, policy and operational plan of the company and its business units

company by taking into account the appropriateness and acceptable risk level. The securities company should specify the details on the designation or approval for such action clearly in writing, and monitor

such board of directors; (1) management of information technology risks which covers identification, assessment, and control of risks within the organization’s acceptable level; (2) allocation and

inspecting unit…………………………………………………………… (2) Period of inspection.……………………………………………………… ……… (3) Scope of inspection (3.1) Audit engagements level…………………………………….…………… (Please specify the names of the engagement

business continuity plan (Business Continuity Plan: BCP) which is consistent with the policy stipulated in (1) approved by senior management and board of directors or working group that is assigned in