Zhejiang Heren Technology Co., Ltd.
2025 Annual Internal Control Self-Assessment Report
To all shareholders of Zhejiang Heren Technology Co., Ltd.:
In accordance with the provisions of the "Basic Norms for Enterprise Internal Control" and its supporting guidelines, as well as other internal control regulatory requirements (hereinafter referred to as the "Enterprise Internal Control Normative System"), combined with the company's internal control system and evaluation methods, we have assessed the effectiveness of the company's internal controls as of December 31, 2025, based on daily supervision and special supervision of internal controls.
1. Important Statement
According to the provisions of the Enterprise Internal Control Normative System, it is the responsibility of the company's board of directors to establish, improve, and effectively implement internal controls, evaluate their effectiveness, and truthfully disclose the internal control evaluation report. The management is responsible for organizing and leading the daily operation of internal controls. The company's board of directors, directors, and senior management ensure that the content of this report does not contain any false records, misleading statements, or significant omissions, and bear individual and joint legal responsibility for the authenticity, accuracy, and completeness of the report's content. The goal of the company's internal controls is to reasonably ensure that business management is legal and compliant, assets are secure, financial reporting and related information are true and complete, operational efficiency and effectiveness are improved, and development strategies are promoted. Due to the inherent limitations of internal controls, they can only provide reasonable assurance for achieving the above goals. Additionally, changes in circumstances may introduce risks of defects that could lead to internal controls failing to meet management objectives, potentially rendering internal controls inappropriate or reducing compliance with control policies and procedures. Therefore, inferring the future effectiveness of internal controls based on evaluation results carries certain risks.
2. Scope of Internal Control Evaluation
The company determines the main units, businesses, and high-risk areas included in the evaluation scope based on a risk-oriented principle. The main units included in the evaluation scope comprise the company, its subsidiaries, and all controlled subsidiaries, with the total assets of the included units accounting for 100% of the total assets in the consolidated financial statements, and the total operating income accounting for 100% of the total operating income in the consolidated financial statements. The main businesses and matters included in the evaluation scope encompass governance structure, organizational structure, human resources, corporate culture, external influences, cash management, procurement and payment, sales and collection, inventory management, investment management, management of controlled subsidiaries, related party transactions, research and development, fundraising management, information disclosure management, and investor relations management, among others. The high-risk areas of particular focus include significant investment decisions, related party transactions, and research and development.
The board of directors distinguishes between major defects, important defects, and general defects based on the identification requirements of the Enterprise Internal Control Normative System, considering factors such as the company's size, industry characteristics, risk appetite, and risk tolerance. The specific identification standards for internal control defects applicable to the company are as follows: