Practice Areas

• Securities
• Securities Arbitration
• Real Estate
• Business Law
• Limited Litigation
• Mortgage Modification

EXHIBIT A

FROM: Randall J. Perry, Esq.
DATE: August 9, 2007
Re: Memo on Internal Controls

The internal controls establishment and reporting for SEC purpose in summary deals with several distinct areas with both control placement and assessment being the focus and the object important for SEC compliance being to ascertain and maintain the accuracy of financial reporting. The model that is followed by most U.S. companies is that of COSO and their analysis is divided into five distinct areas with some cross over. There is Risk Assessment which is basically an overall assessment of the risks to a particular Company's business operation (both internal and external) and the controls in place and as to whether or not those controls are sufficient to assure of the accuracy of the entry of figures and completeness of figures on the financial end in the face of such risks as well as the evaluation of the integrity of the system in place and where deficiencies may arise. Included therein is a subjective approach to determining what the particular risks of the industry and operations of a particular company are rather than a more general approach. Where should the focus be to determine and prevent or attempt to prevent the occurrence of the risk? Then there is the Control factor which focuses on what controls are in place and should be put in place and those controls include not only systematic manual entry but also processing by way of computer programs commonly referred to as the IT information technology aspects of the operations. Those controls include both manual and computer run financial information input as well as knowledge and education of personnel and determination as to what personnel are necessary, what their jobs are, what their limitations are and establishing a Code of Conduct to be followed and in this area there should also be established an Employee Manual which leads to the third aspect of internal control facet of a company's operations, such being the information and communication aspect to Internal Controls focusing on how effective are the communication channels established by the company for the gathering and dissemination of information and access by both internal and external sources of necessary information and the existence and workings of the control factors, including maintenance of integrity, examples being not only executives and other employees but also auditors, board members, suppliers, customers, etc. Focus will be on "at the top" perspectives, but adequate controls must exist involving and be understood by and controls in place for oversight on a top-down approach involving all business operations personnel and all persons with access to control mechanisms. Lastly there is the monitoring aspects where there has to be an overseeing of whether the system of controls is working with periodic checks on different aspects of the system, employee evaluations, testing of the system, external auditor review, etc. Primary importance within the system are what we like to refer to as the checks and balances. There should be in place different levels of personnel each with differing and as you go up the level more varied authority and there should be supervision in place to check on the progress being made and the adherence being made to policies that have been established. So the system of controls is more than just journal entries. It is more than just assuring that information is documented. It includes also integrity of the personnel who are doing the inputting and the accuracy and reliability of the information technology that is being used and the effectiveness of communicating a policy established by the company to assure of the integrity and the evaluation of whether that information has been sufficiently communicated to and understood by all applicable personnel. The checks and balances regarding input of information is very particularized to the company's specific operations and business area of participation and should be established and documented by the knowledgeable personnel within the company, being most commonly (especially for the "small" business) the CEO and the CFO (but input should be sought from all employee levels for they all have day-to-day direct contact therewith and hands-on experience with how effectively the control procedures are working) and then that could be reviewed by counsel or the auditors and suggestions given. There should be in place an Employee Conduct Policy and a Code of Ethics that can be a more generalized presentation and an employee manual should be established. There is also the establishment of and disclosure regarding the duties and authority of different participants at the higher levels in this process, the CEO, CFO , the board of directors and the audit committee within the board of directors as well as access for review and advice given by external auditors. There may be but not necessarily existing an internal auditing department and it is advisable but does not necessarily need to be a designated internal auditor. The CFO should be able to handle that aspect but subject to review by the audit committee and the board of directors in general and of course the overseeing of correct reporting by the external auditor. We believe that the Audit Committee Charter should sufficiently outline the authority of the audit committee to not only approve the appointment of the external auditor but also to establish safeguards regarding financial reporting by way of authority to oversee the total process. One important factor within the personnel aspect of that part of the administration of the controls is to have sufficiently qualified personnel e.g. at least one financial expert on the audit committee and general accounting knowledge by all members, also related business experience etc. There is also an independence factor to be considered. Controls in place should include this independence consideration mainly for purposes for not having authorized, supervisory personnel beholdant to the Company in some way that may adversely effect risk of the adverse affect of breach of integrity issues. In regard to assessing the weakness of the controls some of the possible deficiencies that we see that we believe can be corrected fairly easily regards the authority of and documenting the decision making of the board of directors and the audit committee which we believe need a better system in place of reporting, including periodic reports from the audit committee and minutes of board meetings which correction or rather confirmation could be written into expanded by-laws which could include a defined number of minimum board meetings at established time periods if only to review the progress that the company is making. Available at our offices in connection with this analysis are suggested form of employee manual as well as materials from COSO on the suggested evaluation procedures and forms which could be used by and established as a check list to ascertain if different aspects of the controls system are not only in place but are being utilized.

Particular aspects thereof which we would like to emphasize follow hereinafter Included in the package of review documentation available at our offices is the COSO publication on internal control on financial reporting on guidance for small public companies which is an involved set of documents which we have reviewed and we summarize herein the pertinent parts as we see and that would apply to small and large enterprises but we do suggest the document be read by appropriate company personnel there being no guaranty that our summary is exhaustive of all applicable aspects thereof. The COSO document does however give a good summary of principals to be considered and of areas of possible concern to focus on regarding internal controls. Internal controls as commented upon in the document and generally as accepted by the applicable regulatory community focuses on five aspects of a proper controlled network, those being risks assessment, control environment, control activities, information and communication, and monitoring. Risk assessment basically deals with assessing the risks that a company may be subject to within its business environment and which includes and evolves around management's determination of its financial reporting objectives and identifying risks as may exist to reliable financial reporting but also management is to assess the potential within its system for material misstatement due to internal as well as external factors and within the internal factors a major concern being that of fraud. The control environment deals with integrity and ethical issues and the division of responsibility amongst the various participants within the framework of gathering and handling and reporting financial information. What is the organizational structure? What is the level of the financial reporting and analysis competence that exist within the personnel? What is the division of authority and responsibility and what policies and practices are set by design of the company to implement and facilitate effective internal control application? Next within control activities focus is upon the integration of the policies set by the company for internal control of the integrity and ethical values and clarity and correctness of financial information provided into the actual operations of the Company. Actions such as the separation of duties and authority as between various personnel the make up and authority of the board of directors and its appointed audit committee, information technology (IT controls) including what type of programs and the security of the information inputted into and calculated out from that technology, and it is here where focus is on the checks and balances both as to documentation and practice and personnel usage. Information and communication aspect of the internal control system basically deals with how the policies of the company and procedures designed to assure of proper control are communicated to both internal and external sources of information and related performance which include such things as employee conduct and policies regarding conduct, interaction with both internal and external auditing sources, suppliers and customers. The last facet of the internal control framework is the monitoring to see if and how well the controls in place are working. The COSO materials give a good summary of the principles to be considered and areas of possible concern to focus on and examples of those which I believe are particularly applicable to small companies which should be in place are items and processes such as to have in place a Code of Conduct and how to assess its workability. There should be a more definite process of having in place board of director minutes and the secretary of the board should be established as one particular person to make certain that the minutes are there and circulated. The audit committee charter must be reviewed and adhered to and audit committee reports generated. We must review what financial reporting procedures are in place for each functional area and are there organizational personnel in place supervising each and is there a separation between different individuals or different reporting areas? Are there personnel in place with competence in each functional area? Are there resumes and personnel files for all levels of employees for it must be kept in mind that the control structure involves all levels of employees. Is there an employee conduct manual and what I feel is a compatible example is enclosed with the COSO materials. Are duties and report functioning adequately communicated to employees, responsibilities for the financial reporting roles defined and communicated to insure that employees understand their responsibilities for achieving financial reporting objectives through adherence to internal controls and procedures. Are there checks and balances in the reporting structure and are there crossovers between them so that entries are doubled checked or triple checked somewhere along the line? Are there tools in place for training employees initially and continuing training? What employee recruitment principles and procedures are in place? Are there employee performance evaluations? Is there a framework in place to do so and against which to evaluate. Data entry and flow through procedures within the system eventually ending in financial reporting must not only be in place but should be documented to that there is uniformity and continuance of the same procedures that have been tested and determined to be workable. Who gets the data? Who processes it? Who inputs it? Is there any overlap? Who monitors? Is there periodic checking? Are there testing procedures? Is there cross expertise in functioning? Are there employees with multiple duties? Smaller companies would have such because of the size and that is not necessarily a bad thing. Identify company levels and their functioning. How is accuracy determined? Integrity and security. Who has access to records? How is access limited? Then there are the IT issues, the information technology issues. What programs are in place? What are the possibilities that changes could occur? What are the possibilities that errors could occur? Who has access? Who has input? How easy it is to change the functioning of the information technology systems? Are they proprietary or are they externally acquired and developed? What security devices are in place so that the information is not diverted or changed? Is there in place a system for personnel performance? Are there periodic evaluations, questionnaires etc? How does monitoring take place to prevent fraud? Is there an intranet system in place to keep employees informed? Each of these questions and categories should be reviewed with an eye towards the particular business of the subject company and tailored to their particularized business operations. Once these safety features and control items are in place it would be easier going forward in the future to test those procedures and make whatever changes may be necessitated but first and foremost those procedures must be put in place and the documents that are mentioned as available through our office in this memo should be reviewed towards tailoring a control system to the particular needs and peculiarities of the Company.