Economic Sustainability
- Risk items and management
- Sustainability & Climate Related Financial Disclosure (IFRS S1 & S2)
- Information security risk
Risk management policy
We effectively recognize, prevent and control risks through systematic and institutionalized management to maintain normal operations and achieve sustainable management of the Company.
Note: The Company’s risk management policy was approved by resolution at the 3rd meeting of the 24th Board of Directors.
The Board of Directors has established a Corporate Governance Unit under the Sustainable Development Committee. The unit is responsible for establishing, monitoring, and reviewing policies and management mechanisms related to risk management. The committee reports on the overall execution of risk management to the Board of Directors at least once a year. The Company has implemented risk management policies and operating procedures to facilitate the risk management process for 2024. The risk management policy is as follows: "By applying systematic and institutionalized management methods, we aim to effectively identify, prevent and control risks to ensure smooth operations and achieve sustainable business". Through risk management meetings, potential risks related to various departments have been identified in four major categories: operational, financial, processing, and environmental.
Each department assess the possibility of various risk factors and degree of impact based on their functions, taking necessary measures, assuring proper management of various risks, and evaluating the likelihood and impact level. Analyses of the urgency and financial impact level of each risk factor reveal that the most significant risk factors are "electricity bills increase,” "labor shortage," "talent gap,” “carbon fee collection,” and so on. Other factors with moderate impact levels are currently under appropriate control or have less urgency, requiring only continued monitoring. The Audit Office will prepare annual audit plans based on the risk evaluation results to ensure the effective implementation of relevant control procedures. The implementation details have been reported to the 25th session (13th meeting) Board of Directors Meeting on December 24, 2024.
Risk items and management
Risk in operational aspect
| Risk in operational aspect | |
|---|---|
| Corporate governance risk | In order to ensure the legal compliance of directors, managers and employees, the Company formulated internal regulations including the "Ethical Corporate Management Best Practice Principles" and "Code of Ethical Conduct for Directors and Managers" have been established, and the business precautions are stipulated in the "Ethical Corporate Management Operating Procedures and Code of Conduct" to regulate all employees. In addition, to implement ethical corporate management policy, the "Commitment to Ethical Conduct" shall be signed by directors, managers and employees, with advocacies on ethical concepts and the prohibition of unethical behaviors via internal publications and meetings. The Board members were recused for conflict of interests from Board meetings in order to prevent unethical behaviors. The Company also provides liability insurance for directors, in order to reduce potential liability risks that arise from the directors’ execution of duties. |
| Reputation risk | The Company's Sustainable Development Committee is responsible for the formulation, supervision and review of the ethical corporate management policies and prevention programs, and upholds the spirit of "trustworthiness in relation to all stakeholders" as moral guidelines for business activities in the pursuit of positive value and quality assurance. |
| Strategic risk | The Company’s president and senior managers attend group meetings several times a week for detailed research and analysis on aspects such as business, finance, production and procurement, and make appropriate decisions with consideration of the Company’s competitive advantages, current and future market conditions, and environmental conditions. To ensure operational stability and mitigate risks, the decisions will be revised in response to environmental changes. |
| Operational risk | The inter-departmental meetings for management by objectives review the production and sales performance, and establish objectives to achieve the Company’s business goals. Production and Marketing Meetings enables smooth coordination on production, procurement, and sales, and thereby ensure smooth supply and lower inventory risks. The procurement of raw materials, materials matches the volume and price of orders, which will enable stable operations and avoid losses that arise from transaction price. Except for economic performance, the Company also understands community concerns through community participation and care, and conducts regular environmental monitoring to build harmonious relationship and recognition. |
| Human resources risk | The Company has formulated workplace diversity and human rights policies, compensation policies, and internal regulations such as: Work rules and regulations on employee performance appraisal, education and training, and employee job rotation, with inventory of company documentations on a regular basis, and reviewing the legality of operating procedures to comply with the amendment of relevant laws and regulations. In order for smooth communication channels, the Company’s plants held employer-employee meetings, occupational safety committee meetings, and employee welfare committee meetings on a regular basis. Employees are allowed to express their opinions according to procedures stipulated in the Regulations Governing Employee Complaints and Grievances. In order to meet industrial development needs, the Company regularly review its staffing capacity, and recruit new employees, and cultivate professional talents. |
| The impact of major domestic and foreign policies and legal changes on corporate sustainability. | In response to major domestic and foreign policies and laws, the Company pays attention to daily newspapers and the media, conduct annual or monthly meetings with analysis and discussions on future policy and legal changes, and formulate necessary countermeasures in order to reduce negative impact on the Company’s future operations. |
Risks in financial aspects
| Risks in financial aspects | |
|---|---|
| Financing risk | The Accounting Department is responsible for evaluating the flow of funds that arise from the operation process, adoption of financing measures based on future changes and ending balance, maintaining close contact with domestic and foreign financial institutions, completing the renewal of bank credit facilities before their annual expiration, and carrying out operations within the scope of Board authorization. |
| Investment risk | The Company formulated management procedures suitable for different investment types, including the Procedures for Acquisition and Disposal of Assets and Rules for Management of Investee Companies, which are controlled by different authority levels. |
| Liquidity risk | The Company regularly controls the percentage between assets including current and non-current assets, as well as current and non-current liabilities, and regulates the solvency to meet maturing obligations to reduce liquidity risks. |
| Foreign exchange risks | Collect exchange rate movement related information daily to have a full grasp on the exchange rate, and convert currency or retain foreign currency loans at the optimal time. In terms of FX budgeting, the Company’s rights and obligations were offset given natural hedging between foreign exchange income from current imports and exports. The Company also consult with the bank's foreign exchange department for hedging strategies, and decide on foreign currency positions according to the actual funding needs and foreign exchange rates. |
| Interest rate risk | Margin trading with financial institutions is performed within the scope of authorization of the Board of Directors, and the Company’s financing costs are controlled by negotiating favorable funds rate with reference to market interest rates. In addition to transactions with financial institutions, the Company will also carefully assess other financing tools with lower cost in case of major capital expenditures. |
| Risks of loaning of funds to others | The Company has established the Procedures for Extending Loans to Others, with limitations on borrowers and loan conditions. It also set standards for the total guarantee amount and individual credit limits, and investigate and evaluate the borrower’s operating conditions, financial status, solvency, credit status, profitability and the purpose of borrowing, which shall be reported to the Board of Directors as the basis for risk evaluation. The Company and requires appropriate terms of guarantee, and the extending of loans shall be approved by resolution of the Board of Directors. |
| Endorsement/ guarantee risks | The Company has established the Procedures for Extending Loans to Others, with limitations on borrowers and loan conditions. It also set standards for the total guarantee amount and individual credit limits, which shall be reviewed in advance by the Finance and Accounting Division, and the credit limit shall be approved and signed by the Chairman, and submitted for resolution by the Board of Directors. Subsequently, the Company’s internal auditors perform regular auditing on the Procedures for Endorsements and Guarantees with regard to the endorsement/ guarantee items, borrowers, amount and other relevant information. |
| Derivatives trading risks | The Company has established the Procedures for Engaging in Financial Derivative Transactions and the principles and types of transactions, while the authorized managers of the Board of Directors is in charge for handling relevant matters in consideration of financial trends and business needs. Set standards for the total guarantee amount and individual credit limits. The Finance and Accounting Division is responsible for collection and provision of relevant information, transaction instructions, evaluating the position of derivatives, creating the evaluation cycle, and submitting the evaluation report to the Chairman or authorized manager as reference for management, while the transaction status and profit/ loss assessment are reported to the Board of Directors. |
| Financial decision-making risks | The Company’s financial decision-making includes acquisitions and disposals, loaning of funds, endorsements/ guarantees, derivatives transactions, and reinvestment business management. Related regulations have been established in compliance with laws and regulations, and are authorized according to different authority levels, while the audit unit performs regular audits on related operating procedures, in order to minimize the possibility of risks. |
Risks in operational aspects
| Risks in operational aspects | |
|---|---|
| Compliance with laws and regulations risks | Ethical management and legal compliance are the basic guidelines and requirements for company operations. As such, the management department and accounting department timely revise the labor, operational, and financial regulations to comply with the laws and regulations issued by the competent authority. The plant’s responsible units conduct monthly inspections related to safety and health, and the environment (air pollution, water pollution, soil pollution, waste disposal, and greenhouse gas emissions), and revise any deficiencies or formulate relevant operating procedures in order to reduce the risk of violation. |
| Information security risk | Information security risk In order to implement information security management, the Company has formulated "Guidance for Information Security Management" and enforcement rules, and the information work plans are implemented accordingly. It also formulated the "Regulations Governing the Security and Maintenance of Personal Data" for stringent management of data usage and security maintenance, and established the firewall, encrypting file system, and electronic personal data storage platform to control employees’ access rights and access records. Meanwhile, the Company improved its endpoint security for servers and privileged account management, in order to prevent the occurrence of information security incidents. The Company established the system backup mechanism, with annual disaster recovery drills to ensure data preservation and that systems will resume normal operations, lowering the risk of system interruption caused by unexpected natural disasters and human negligence. To enhance information security management, the "Information Security Management System" was built in accordance with the ISO 27001 international security standard and verified in February, 2023. The ISO 27001:2013 certificate is valid from April 3, 2023, to October 31, 2025. We will continue to review and improve our information security laws, technologies, organizations and operations to meet the latest trends and protect the confidentiality, integrity and availability of the Company’s information assets from the risk of improper use, leakage, alteration or destruction. |
| Occupational safety and health management risk | The Company has set up a Safety Protection Center in the head office and each plant for health and safety coordination. In response to the new Occupational Safety and Health Management System (ISO/CNS 45001: 2018), each plant amended the "Safety and Health Management Manual" and other relevant regulations, and obtained certification to ensure the effectiveness and compliance of the system. To ensure employee safety and health, we continue to implement safety and health management, improve manufacturing processes and equipment, identify risks, and eliminate or mitigate hazards. Since 2020, we have been conducting joint audits on inter-plant safety and health, improvement of deficiencies, zero-disaster activities on a periodic basis, while the major occupational accident unit conducts project audits every year to increase the frequency and intensity of audit coverage, in the aim to reduce various risks that arise from occupational safety and health management. |
| Fraud risk | Based on the annual evaluation plan for the Company’s internal control system, each department conducts self-assessment on its implementation status of the current systems, rules and regulations, and suggest improvements on internal control deficiencies discovered by the internal audit, with amendments to procedures or regulations in order to reduce fraud risks. In addition, the Company strengthened the legal education for employees, and established effective communication channels to reduce the occurrence of fraud risks. |
Risk in environmental aspects
| Risk in environmental aspects | |
|---|---|
| Climate change risk | The Company has started to understand the sustainability and climate change content of various international initiatives/ organizations, with the aim to cover the international initiatives and evaluation criteria in formulating environmental and GHG policies, keep in line with international development trends, and strengthen the Company's ability to respond to climate change. Since the Company’s Sustainable Development Committee is responsible for environmental management, it shall identify and evaluate the impact of transition risks, physical risks, and opportunities on business operations, as well as the probability of occurrence. Please refer to “Tung Ho Steel Sustainability & Climate Related Financial Disclosure (IFRS S1 & S2) Report 2025” for details. |
| Environmental pollution liability risk | The Company has set up a dedicated unit to effectively manage waste gas, wastewater and waste by use of the ISO 14001 environmental management system, with continual investment for better pollution prevention equipment. It also adopt the Best Available Control Technology (BACT) to implement pollution prevention, reduce industrial waste, and strengthen water saving, wastewater recycling and reuse in compliance with environmental protection laws and regulations. Strictly control waste production, storage and disposal processes, and establish an independent waste audit system. |
| Natural disaster risk | Each of the Company’s factories has formulated emergency response measures or procedures to prevent natural disasters, so that effective response measures can be immediately taken when natural disasters occur, thereby reducing worker injuries and losses of equipment and property. In addition, the Company has purchased property insurance for offices, factories, instruments, and furniture & fixtures to mitigate losses caused by disasters. |
| Major external hazard risk | In addition to changes in global trends, industrial policies or laws and regulations, the major external hazard risk is the Ukrainian-Russian War. The Company has set up the emergency response team and network for advanced preparation of business continuity management plans (including human resource, equipment, information systems, raw materials, transportation, finance, and backup plans) for key businesses. |
