We effectively recognize, prevent and control risks through systematic and institutionalized management to maintain normal operations and achieve sustainable management of the Company.
The Company has established the Risk Management Policy and Operating Procedure based on which the risk management procedures for 2022 was conducted. Potential risks for relevant departments were identified through risk management meetings, which included a total of 23 risk factors in the four major aspects, including operational aspect, financial aspect, operating aspect, and environmental aspects. Each relevant department evaluates the possibility of occurrence and level of impact of various risk factors in accordance with the work scope and establishes necessary measures for implementation to properly manage various risks and evaluate possibility and level of impact. The domestic economy was impacted by the Russia-Ukraine war and the lift of interest rates in the U.S., so the newly added risks after evaluation this year included "interest rate risk", "strategic risk", "operational risk", "major external hazard risk", and "the impact of major policy and legal changes at home and abroad on the Company's sustainable operation". In addition, Taiwan released the Net Zero Emission Pathway and Strategy Statement this year, and climate change risk is still one of the most important risks this year. For items with higher risks, relevant departments have drawn up management measures.
The Auditing Office will draw up annual audit plans based on the Risk Management Policy and the risk assessment results, implement the audit operations of various systems based on the plans, assist the board of directors in the supervision and control of the potential risks of policy implementation, ensuring effective control over all operational risks and putting forward timely suggestions for improvement. Relevant promotion situations were reported to the 23th session of the 24th term of board of directors convened on December 22, 2022.
Risk items and management
Risk in operational aspect
Risk in operational aspect
Corporate governance risk
For directors, managers, and employees to have rules to abide by, the Company has formulated internal regulations such as the Ethical Corporate Management Best Practice Principles and Guidelines for the Adoption of Codes of Ethical Conduct for Directors and Managers. In addition, Procedures for Ethical Management and Guidelines for Conduct was also established to specifically regulate matters the personnel should pay attention to when conducting business. In addition, to implement the integrity management policy, directors, management level and employees all have to sign the code of conduct commitment letter, and the concept of integrity and prohibition of dishonesty are continuously promoted through internal publications and meetings. The board members will evade themselves when the proposal involves their own interests to avoid conflict of interest and prevent dishonest behavior. The Company also insures liability insurance for directors to reduce potential liability risks arising from the execution of duties by directors.
Reputation risk
The Corporate Governance and Nominating Committee is responsible for the formulation, supervision and review of Integrity Management Policy and prevention plans of the Company. Our integrity management policy is to treat all stakeholders based on the principles of fairness, integrity, honesty and faithfulness, insisting on positive value and quality assurance.
Strategic risk
The managers and senior executives of the Company hold group meetings several times a week to conduct thorough research and analysis of the Company in the aspects of business, finance, production and purchase and make appropriate decisions considering the Company’s competitive advantages and the future market as well as the environmental conditions. Meanwhile, revisions are also made properly in response to changes in the environment to ensure operational stability and reduce risks.
Operational risk
Operational performance of production and sales is reviewed through the cross-departmental goal management meetings, and the operational goals are set to ensure they are reached. Production, sales and purchase are coordinated smoothly through production-sales-purchase coordination meetings for smooth supply at production end and also for the reduction of inventory risks. The purchase of raw materials has to match the volume and price of orders to avoid price losses at transactions to ensure stable operation. In addition to the company's economic performance, we also engage in community participation and care to understand the issues that concern the community. We regularly conduct environmental monitoring to foster harmonious relationships and mutual recognition.
Human resources risk
The Company has set up human rights policies, remuneration policies and internal rules and regulations, such as the Work Rules, Employee Performance Evaluation Regulations, Education and Training Regulations, and Job Rotation Regulations. In addition, we also revise the contents of these regulations in accordance with relevant laws and regulations, regularly check relevant forms and documents, and review the legality of various operating procedures. To create smooth channels for communication, labor-management meetings, Occupational Committee meetings and Welfare Committee meetings are regularly held in all factories. If employees need to express their opinions, they can do so through the procedures prescribed in the Regulations Governing Employee Grievance and Whistleblowing. To meet the needs for industrial development, we regularly review the allocation of manpower, make up for manpower and conduct operations to cultivate their professionalism.
Impact of important policies and legal changes at home and abroad on the sustainable management of the Company
We pay close and immediate attention to related information concerning important policies and laws at home and abroad in the newspapers and media. Analysis, deliberation and corresponding measures need to be taken regarding future policies and legal changes will be made in the annual or monthly meetings to reduce negative impacts on the Company’s future operation.
Risks in financial aspects
Risks in financial aspects
Financing risk
The Finance and Accounting Department is responsible for evaluating the money flow generated during the process of operation and the financing measures to be taken in accordance with future changes and surplus or deficit. In addition, it also negotiates financing methods with domestic and foreign financial institutions to diversify financing partners appropriately to avoid excessive concentration of financing lines, and conducts various financing operations within the scope of authorization by the board.
Investment risk
The Company has established reasonable management procedures for different types of investment, including Procedures for Obtaining and Disposing of Assets and Regulations Governing Investment Businesses and controls these invested businesses in accordance with approved authority.
Liquidity risk
The Company has established reasonable management procedures for different types of investment, including Procedures for Obtaining and Disposing of Assets and Regulations Governing Investment Businesses and controls these invested businesses in accordance with approved authority.
Exchange rate risk
Information of changes in exchange rates is collected every day to have full grasp of the trends so as to make timely conversion of the currency or to keep the foreign currency borrowings. Procurement of foreign funds is through regular import and export transactions, and the foreign currency claims and debts are offset to generate a natural hedging effect. We also consult the foreign exchange department of the bank for hedging strategies and decision on the foreign exchange position based on the actual capital needs and the exchange rates.
Interest rate risk
Within the scope authorized by the board of directors, we conduct financing operations with financial institutions and negotiate an advantageous fund interest rate by referring to the market interest rate for the purpose of controlling the Company’s financing costs. In addition to financial institutions, the Company also prudently evaluates other low-cost financing tools for major capital expenditures.
Lending funds to other parties risk
The Company has established operating procedures for lending funds to other parties, restricting the objects and conditions of the loans and setting standards for the total amount and limits of individual objects while the loan objects’ operating conditions, financial status, debt-paying ability, credit status, profitability and the purpose of borrowing are investigated, evaluated and reported to the board of directors as a basis of risk assessment. Appropriate guarantee conditions are required, and the operations of fund lending are to be processed after the resolution is passed.
Endorsement risk
The Company has the operating procedures for endorsement guarantee, restricting the objects and conditions of the guarantee and has set standards for the total liability amount of the guarantee and the limit of individual objects. In addition, the Finance and Accounting Department shall review in advance and check on the loan line before submitting it to the chairman and reporting to the board of directors for resolution. After the resolution is passed, the guaranteed items, objects, amount and other relevant information will be recorded, and the Company’s internal auditors regularly audit the operating procedures and implementation status of the endorsement guarantee.
Derivative commodity trading risks
The Company has established the Procedures Governing Derivatives Trading, stipulating the principles and types of transactions, and the board of directors authorizes executives to take full control by referring to the financial situation and operational needs. In regard to the total amount, individual amount and the upper limit of the contract transaction losses of the transaction contract, the Finance and Accounting Department will be in charge of the collection and provision of relevant data, giving transaction orders, evaluating the position, and setting the evaluation cycle of the derivative commodity position held, which will be submitted to the chairman or to the executive authorized by the chairman as reference for management. The transaction status and profit and loss assessment report will be reported to the board of directors.
Financial decision risk
All the Company’s financial-related decisions, including disposition, fund lending, endorsement guarantee, derivative commodity transactions, and management of invested businesses, have relevant regulations for the content of operations. In addition, we are also compliant with laws and regulations and the decisions are handled in accordance with the level of authority approved. The audit unit also conducts auditing related operations to reduce the possibility of risks.
Risks in operational aspects
Risks in operational aspects
Compliance risk
Integrity management and compliance with various laws and regulations are the most fundamental standards and requirements. The Administration Department and Finance and Accounting Department pay attention to the regulations proclaimed by the competent authorities for revision of the labor, management and financial regulations. The responsible unit in the factory carry out monthly compliance inspection on safety and health and environment (air pollution, water pollution soil pollution, waste removal, GHG, etc.) to make improvement or establish relevant operating procedures in case of deficiencies to reduce the compliance risk.
Information security risk
To implement information security management, the Company has set up the Information Security Management Regulations and relevant operating rules and carry out information work plans in accordance with such rules. In addition, the Regulations Governing Personal Information Data Security Maintenance and Management has also been established to strictly manage the use and security maintenance of data and build firewalls, the encryption systems of emails and electronic personal data storage platform to control the usage and access record. Meanwhile, the server endpoint protection function and privileged account management are also strengthened to prevent information security incidents from happening. The Company has also established a system backup mechanism and implemented annual disaster recovery drill to ensure the recovery of normal operation of the system and data preservation and reduce system interruption risks caused by unexpected natural disasters or human negligence. To enhance information security management efforts, our company has followed the ISO 27001 international cybersecurity standard to establish an "Information Security Management System," and successfully completed the verification in February of 2023. Moving forward, we will continue to review and improve our practices to align with the latest trends in information security regulations, technology, organizational needs, and operations. This is to safeguard the confidentiality, integrity, and availability of our company's information assets, preventing risks such as unauthorized access, leaks, tampering, or destruction.
Occupational safety and health management risk
The Company has a Labor Safety Center in the Head Office and each factory, which serves as the coordinating unit of safety and health management. To cope with the new version of the Occupational Safety and Health Management System (ISO/CNS 45001: 2018), each factory has revised the Safety and Health Management Manual and other related regulations and obtained verification to ensure the effectiveness and compliance of the system. In addition, we continue to promote safety and health management, improvement of process and equipment, risk identification and elimination or reduction of hazards to ensure safety and health of our personnel. Since 2020, cross-plant joint inspection of safety and health, deadlines for the improvement of deficiencies inspected, zero-disaster activities and the one-year project inspection for units experiencing major occupational disasters have been carried out. The frequency and intensity of inspections are increased to reduce as many occupational safety and health management risks as possible.
Fraud risk
The Company conducts an annual evaluation plan for the implementation of internal control system. All units carry out self-evaluation of the actual implementation situation, the current system, and the implementation of the regulations. In addition, improvement plans are found out to revise operating procedures and methods through the recommendations for deficiencies in inspections to reduce fraud risks. Furthermore, legal education for employees is also strengthened and effective communication channels are established to reduce the possibility of fraud risks.
Risk in environmental aspects
Risk in environmental aspects
Climate change risk
We have started to understand the content of various international initiatives/organizations concerning sustainability and climate change to put the focus of international initiatives and evaluation criteria into consideration when establishing environmental and greenhouse gas policies of the Company so as to comply with the international development trends and to enhance the Company’s capability to respond to climate change. Corporate Governance and Nominating Committee is the responsible unit for climate change. It intends to identify and evaluate the impacts and possibility of transition risks, physical risks, and opportunities in accordance with the climate risk and opportunity framework provided by TCFD. Please refer to Management of and Strategies for Climate Change Risks and Opportunities for details.
Environmental pollution liability risk
A dedicated unit in charge of the promotion of the ISO 14001 Environmental Management System is set up to have effective management of exhaust gas, wastewater and waste. Funds for the improvement of pollution prevention equipment are continuous invested, and Best Available Control Technology (BACT) is adopted. Meanwhile, pollution prevention and industrial waste reduction are implemented and water conservation and wastewater recovery for reuse are strengthened to ensure environmental compliance. We strictly control the production, storage and removal procedures of waste and establish an internal self-check and audit waste system.
Natural disaster risk
Emergency response measures for natural disaster risks have been formulated so that when natural disasters occur, immediate and effective response measures can be taken to reduce personnel injuries and equipment and property losses. In addition, buildings and equipment, such as the offices, plants, equipment and income-generating equipment are all covered by property insurance while precision instruments and equipment are covered by additional electronic device insurance to reduce losses brought by disasters.
Major external hazard risk
Aside from changes in international situations, industrial policies and laws and regulations, the recent major external hazard risks are the impacts of the global epidemic of COVID-19 and the Russia-Ukraine War. We have evaluated possible impacts of the epidemic and formulated emergency countermeasures and plans for continuous operational management in advance. The emergency response organization and contact network are established and plans for continuous operational management (including personnel, equipment, information system, raw materials, transport, finance and back up plans) have been set up based for the key business under the premise of advanced preparation.