Risk Management
Risk Governance
The Company's risk management is led by the Board of Directors as the highest governing authority. In 2024, the "Sustainability and ERM Committee" was established to assess the operation of risk management, determine qualitative and quantitative risk tolerances, and allocate resources effectively. The "Sustainability and ERM Executive Committee" covers aspects such as strategy, finance, operations, and hazards, as well as emerging risks that may impact the Company's operations in the future. The Risk Management Department is responsible for overseeing and reviewing the effectiveness of risk management. The results of risk management activities and risk reviews are reported to the Board of Directors at least once a year.
Risk Management Policy
The Company follows international risk management guidelines to establish the 'Risk Management Policy and Procedures' as the highest guiding principle for risk management. We strengthen and enhance the internal system architecture, and promote the resilience of our sustainable business operations.
Risk Management Policy & Procedures
Risk management framework
Establish systemic risk response policies and procedures to control corporate risks effectively.
The three lines model in risk management
Governing Body
The Board of Directors serves as the highest governing body for risk management. They oversee risk management, and establishes risk management policies and procedures, and review the consistency between risk strategies and company operations strategies. The results of risk management implementation will be reported to the Board of Directors annually. Under the guidance and supervision of the board, we gradually establish a culture of corporate risk governance.
Third line
The Risk Management Department is responsible for the audit of the internal risk management, which includes supervision and audits, to ensure the effectiveness of risk management measures. Audit results are reported regularly to the Board of Directors and the Sustainability and ERM Committee.
Second line
The Sustainable and ERM Executive Committee is responsible for implementing risk management policies and procedures, including reviewing the company's risk identification and addressing issues related to risk control. The management scope covers various aspects such as strategy, finance, operations, and hazards, including emerging risks that may impact the company's operations in the future. They manage risks by assessing and controlling risk impacts through risk appetite, utilizing qualitative and quantitative indicators, and report regularly to the Board of Directors and the Sustainability and ERM Committee
First line
Department managers lead the risk identification operations and utilize processes such as identification, analysis, and evaluation to quantify and assess the frequency and impact of risks in order to determine the level of control. Risks with high impact and control uncertainty are tracked and managed, and potential impacts are addressed through Business Continuity Plans (BCP) for operational continuity.
Mechanisms for Managing Risk Exposure
- Risk Analysis: Analyzing internal and external risk-related reports and information, such as the annual report of the World Economic Forum, global trend research, as well as corporate business objectives, past risk issues and incident experiences, each unit is requested to identify the risk exposure related to corporate operations. The content covers strategy, finance, operations, and hazards, evaluating the frequency of occurrence, impact level, and control level, conducting qualitative and quantitative risk assessments, and regularly reviewing risk exposure and control measures at the Sustainability and ERM Executive Committee to achieve effective risk management operation.
- Execution Frequency:
- Q1 : Conduct annual risk identification.
- Q2 – Q4 : Review risk exposures every quarter and adjust risk control measures.
Risk management structure
According to the risk management standards and guidelines of ISO 31000, we assess our ability to respond to various risks from a business continuity perspective. In 2024, these risks include focused risks and emerging risks related to market and financial volatility, as well as non-financial risks arising from factors such as regulatory compliance, IT security, climate and environmental protection, and social issues.
Emerging Risk
Focused Risk
Risk Description
- Strong protectionism
- Operational challenges brought by green inflation
- AI-driven automation attacks and data security risks
Mitigating actions
- Align the company's dual-axis transformation and strategy, and carry out regional diversification and investment layout for the manufacturing base.
- Promote carbon reduction measures through the Carbon Energy Task Force, including but not limited to energy-saving operations at factories, energy-saving proposals, etc., to address the operational challenges brought by policies such as carbon tax and carbon fees.
- Information security management is promoted and enforced through the Information Security Committee to protect Company IP, customer data, and enhance employee awareness on information security in response to evolving cybercrime and growing information insecurity threats.
Risk Description
- Mergers and Acquisitions
- Decline in end demand due to inflation and recession risks
- Climate change
Mitigating actions
- Liquidity risk is monitored by the company's finance department to forecast and ensure the liquidity of the merged company.
- Expand high-end products in areas such as e-sports, automotive, medical, and industrial applications, with a meticulous approach to a small-batch, diversified product layout to strengthen profitability.
- Promote climate-related financial disclosure operations and prepare for financial risks arising from various scenarios.
