ESG

Risk management

Implementation of risk

To strengthen corporate governance and establish an effective risk management mechanism to achieve stable operations and sustainable development, the Company resolved to adopt the “Risk Management Policies and Procedures” in August 2024. For stable operations and sustainable development, the Board of Directors is the highest decision-making unit of the risk management mechanism and is responsible for approving the overall risk management policies and major decisions. The risk management process includes risk identification, risk measurement, risk control, risk monitoring and risk disclosure to manage and reduce the possibility and impact of risks. The scope of risk management includes seven risk categories, including strategic risk, operational risk, financial risk, hazard risk, legal compliance risk, information security risk and other risks.

The risk management policy of the Company is to define various risks in accordance with the Company’s overall operating policy, establish a risk management mechanism for early identification, accurate measurement, effective supervision and strict control, and prevent possible loss within the acceptable risk range. Based on changes in the internal and external environment, we will continue to adjust and improve the best risk management practices to protect the interests of employees, shareholders, partners and customers, increase the Company’s value, and achieve the optimal allocation of company resources.

The implementation of risk management in 2024 has been reported to the Audit Committee and the Board of Directors in November 2024.

Risk Management Organization Structure and Responsibilities

(1) Board of Directors

The highest responsible unit for risk management in the company is the Board of Directors, which establishes risk management policies and related regulations, supervises the effective operation of risk management mechanisms, and allocates appropriate resources.

(2) Audit Committee

The Audit Committee is responsible for overseeing and ensuring the execution of risk management, and reports the overall risk management results to the Board of Directors at least once a year.

(3) Risk Management Team

Comprised of managers from various departments, the Risk Management Team is responsible for risk identification, assessment, and control planning to ensure the proper implementation of risk management systems in each department. They supervise and monitor the execution of risk controls in operational units, reporting to the corporate governance supervisor.

(4) Corporate Governance Supervisor

Planning, leading, and overseeing risk identification, assessment, control, and monitoring in operational units, the Corporate Governance Supervisor provides improvement recommendations as needed. They supervise the implementation of risk controls in various departments, compile a group risk matrix based on feedback data from each unit, outline the execution status of the current year, the risk management plan for the following year, and report to the Audit Committee at least once a year.

Risk Management Organizational

Risk Management Organizational