Risk Management

The Company established the "Procedures for Risk Management" to evaluate and control each risk's potential impact on company operations through systematic management to achieve sustainable operational goals.

Risk Management Policy and Procedures

The Company established the "Procedures for Risk Management" on August 4, 2022, which was approved by the Board of Directors to serve as the highest guiding principle for the Company's risk management. To ensure the implementation of sustainable development for the Company and its subsidiaries, we adhere to various organizational management systems and internal control systems to control operational risks. We are committed to evaluating each risk's potential impact on company operations through Board-level involvement and systematic management, implementing risk management to achieve sustainable operational goals and protect the rights of stakeholders.

Scope of Risk Management

The Company's risk management encompasses four major dimensions related to company operations: environment (including climate), social, governance, and technology. We comply with relevant laws and regulations and assess, handle, and monitor significant risk impacts based on these.

Organizational Structure

  1. The highest responsible unit for risk management in the Company is the Board of Directors, which approves risk management policies and related norms, overseeing the overall implementation of risk management to ensure effective risk control.
  2. Under the ESG Committee, a Risk Management Team conducts comprehensive assessments of operational and emerging risks of the company and presents risk management reports to the ESG Committee. The ESG Committee supervises the company's risk management and reports regularly to the Board of Directors annually.
  3. At various organizational levels, the CEO, business units, and functional units regularly assess related risks during operational meetings and develop countermeasures and reviews. Unit managers are responsible for risk management and must analyze, monitor, and report relevant risks in their units, implementing risk control mechanisms and procedures.
  4. Internal control systems are regularly self-assessed by management levels of operational units and subsidiaries, with the audit office reviewing implementation.

Risk Management Procedures

The Company's risk management process includes risk identification, risk analysis, risk monitoring and response, and risk reporting and disclosure, with main operations as follows:

Operational Status

The Company actively promotes and implements risk management mechanisms, reporting its operational status to the Board of Directors annually. Major operational statuses over the years are as follows: