Risk Management

Establish strategies and processes to respond to corporate-level systematic risks, in order to effectively control corporate risks

Our risk management team led by our Chief Financial Officer under the Corporate Social Responsibility Committee is in charge of overseeing the entire company’s risk identification activities. Through the joint efforts of research and development, manufacturing, sales, finance, legal, human resources, IT systems, and ESH management units, we mitigate such risks and seek the corresponding opportunities.

Risk management mechanisms

Our risk management mechanisms consist of identification, analysis, and evaluation processes. The analysis process assesses the frequency, impact levels, and control levels. Risk scope covers financial, strategic, operational, and disaster management aspects. We use a matrix to analyze and manage risks in order of priority.

Risk trends monitoring
review global risk trend reports with special attention to emerging risks and incorporate those into our assessment and management items.
Risk identification activities
From the perspective of our business continuity, we annually assess the risk scenarios that we may encounter in the medium to long term.
Matrix-based risk analysis
Based on an analysis of the three aspects of incidence rate, severity level, and control level, we quantify the operational risk levels
Tiered risk management
Low-risk items are managed and controlled by the departments concerned, while medium-to-high risks are reported to company level operational management meetings to assess, the potential financial impacts.
Risk reduction work
We continuously carry out improvements under the supervision and management of the risk management team under the CSR Committee.

Risk management structure

In accordance with the risk management standards and guidelines of ISO 31000, and from a business continuity perspective, we review our response capabilities to potential risks, including financial considerations of market and financial volatility risks as well as non-financial risks from such impacts as regulatory compliance, IT security, climate and environmental protection, and social issues.

Management Approach
Optimization of identification ability
  • Risk identification process
  • Effective control measures
IT security

The control and countering of emerging risks along with protection of business secrets and systems can reduce loss of assets and ensure continuity of operations

Response Strategy
  • Introduction of ISO 27000 to strengthen internal controls and train all personnel
  • Cyber-security exercise
Management Approach
Strategy Risk
  • Marketing strategy
  • Technology R&D
Product Launch
  • Engaging in innovative techology R&D can stimulate commercial developments in the value chain, boost profits from product sales and strengthen the core competitiveness of the Company
  • Effective marketing strategies and business models can ensure continued operations and profitability
Response Strategy
  • Product differentiation and advanced techology to boost product competitiveness
  • Strategic alliances and cooperation
  • Additional monitoring and process management mechanisms
Management Approach
External Risks
  • External Risks
  • Compliance
Regulatory Compliance

Global political, economic and industry shifts impact on Company costs and profits through their indirect influence on environmental and trade regulations.

Response Strategy
  • Operation and management of the Carbon Energy Team
  • Business Continuity Management response capability

Internal Audit System

AUO's internal Auditing Administration Division is an independent unit directly reporting to the Board of Directors. The unit consists of eight people, including the auditing executive and full-time audit staff. In addition to making audit report to the Board of Directors at regular meetings, reporting also takes place periodically or as needed basis to the Chairman of the Board (CEO) and the Audit Committee.

more details

Business Continuity Plan

To realize the goal of business continuity, AUO is continuing to monitor potential risks that have an impact on company operations and invest resources towards controlling and countering such risks. The Business Continuity Plan (BCP) is a part of management activities and it can help with maintaining an acceptable standard of critical business activities when something happens to the Company. Since BCP was introduced by AUO in 2008, the Company has completed exercises for fire, earthquake, chemical spills, epidemics and raw material shortages. Corresponding risk management strategies were also developed.

more details