886-2-82262088
TOP

Risk Management

Risk Management Policy:

  1. The Company established the “Risk Management Policy”, which was approved by the Board of Directors in 2020 and requires regular risk assessments to be conducted every year. Various risks are defined in accordance with the Company's overall operating policy. This policy sets the tolerable range of risk which prevents possible losses in order to increase shareholder value and optimize the Company’s resource allocation.

Risk Management Scope:

  1. Market Risks:Risks caused by factors such as domestic and foreign economy, changes in technology, changes in industry, etc., which cause financial and business impacts to the Company, and changes in values of financial assets and liabilities (including internal and external assets and liabilities in the balance sheet) due to fluctuations in market risk factors (interest rates, exchange rates, stock prices and commodity prices); resulting in the risk of financial loss.
  2. Investment Risks:Risks including fluctuations in the market price of short-term investments such as high-risk and high-leverage investments, derivative commodity trading, financial management, etc.; long-term investment in the operation and management of the invested company.
  3. Credit Risks:Risks caused by a client, supplier, or trading partner who failing to fulfill an agreement or obligation, resulting in the risk of loss.
  4. Hazard Risks:Safety protection and emergency response, referring to risks of the probability of occurrence of major hazard incidents and losses.
  5. Operation Risks:The Company's losses caused by errors in internal control, quality control of R&D, improper or incorrect human management and information systems.
  6. Regulatory and Legal Compliance Risks:Risks that arise out of violations of relevant laws and regulations or legally invalid contracts, ultra vires acts, incomplete guidelines, omissions in terms, or other factors that make it impossible to demand trading partners to fulfill obligations in accordance with the contract, and may therefore result in financial loss or loss of goodwill.
  7. Other Risks:Other forms of risks not included above which can cause major losses to the Company.

Organization Structure:

  1. Board of Directors: The Board of Directors is the Company’s highest risk management unit, whose goal is to comply with laws and regulations, as well as promote and implement the Company's overall risk management. The Board of Directors clearly understands the risks faced by operations, and serves to ensure the effectiveness of risk management, and bears the ultimate risk management responsibility.
  2. Senior management staff: Implement risk management policies, coordinate interactions and communication of risk management across different departments.
  3. Audit unit: Assess the effectiveness of the risk management process and provide appropriate and effective suggestions on improvements.

Implementation:

  1. The Company has reported the risk assessment results to Audit Committee and the Board of Directors on Nov. 12th 2024. The main contents are as follows:
Risk Type Identification and Analysis of Risk Contingency Measure
Market Risk
  • Interest Rate Risk – The Company may borrow from financial institutions for long-term and short-term capital loans due to the purchase of office buildings and operational needs. If the interest rate rises sharply, it will pose greater risks to the Company's overall profit.
  • Exchange Rate Risk - Most of the Company's gains and losses in exchange of currency come from unrealized exchange gains or losses arising from reassessment of foreign currency assets and foreign currency liabilities based on the exchange rate on the balance sheet date. If the exchange rate of the US dollar against the New Taiwan dollar fluctuates significantly, it will pose relative impact on the Company's overall profit.
  • Interest Rate Risk –The Company's capital planning is based on the principle of conservativeness and stability. Funds mainly exist in the form of deposits and demand deposits, and the interest income ratio is not high. In addition, the Company maintains a good relationship with financial institutions, and the relevant financing conditions and interest rates are good with no major risks. The financial unit of the Company regularly monitors economic development trends and the relationship between various banks in order to take necessary measures.
  • Exchange Rate Risk - Most of the company’s export sales and outsourcing are quoted in US dollars, mainly using natural hedging methods. However, the company still maintains close contact with financial institutions. Regarding the US dollar net asset, the company has referred to the bank’s forecast report to determine the hedging position.
Investment Risk
  • If the Company's investment subjects are high-risk, high-leverage, derivative commodity trades and long-term equity investments, the Company's profits and losses may fluctuate due to the high uncertainty of future investment profits.
  • The Company's operating policy is based on the principle of focusing on the business and being pragmatic in its approach, and adhering to a robust and conservative financial strategy without engaging in high-risk and high-leverage investments, nor in derivative commodity transactions. Furthermore, the Company has formulated operation regulations, including "Procedures governing the acquisition and disposal of assets", "Procedures governing derivative commodity trading", and "Regulations for supervising and managing the subsidiaries", etc., as the basis for the Company to comply and execute related activities carefully, and to carry out the announcement and declaration operations in accordance with relevant laws and regulations.
Credit Risk
  • The Company's credit risk is mainly due to the accounts receivable generated from business activities, such as the economic losses caused by trading partners failing to deliver payment in accordance with the contract.
  • In addition to the Company’s "Regulations for acceptance tests and payment request operations" to track and manage accounts receivable, the accounting unit also keeps close contact with business units for overdue payments in order to reduce the credit risk of accounts receivable.
Hazard Risk
  • Factors such as natural disasters and extreme weather may affect the Company's operations, such as earthquakes, typhoons and floods. If the Company suffers losses or ceases operations due to a natural disaster, it may reduce the Company's production capacity and potentially adversely affect the Company's operations and financial performance.
  • Besides using fire and accident insurance to transfer hazard risks, the Company also regularly organizes fire protection system inspections and drills. The Company's plant site also has pumps and flood control basins to reduce the risk of flooding.
Operation Risk
  • Losses caused by internal and external personnel or system operations, such as personnel fraud and information security risks.
  • The Company continues to promote the functions of the Board of Directors and Functional committees, actively prevents conflict of interest among insiders, strengthens the whistleblower mechanism and sets up reporting mailbox for integrity management, continues to promote employee trainings, enhances the concept of integrity, reduces the probability of illegal incidents, arranges members of the Board of Directors to continuously take related courses in order to understand the latest trends and challenges.

  • The company obtained the ISO/IEC 27001:2013 certification for Information Security Management System in November 2022.

    An internal self-assessment is conducted at least once per year, along with an external audit by a certified third-party organization to ensure the company implements the ISO 27001 management framework. Additionally, re-certification occurs every three years to maintain the validity of the ISO 27001 certification. The current certificate is valid until October 31, 2025, with plans to transition to the 2022 certificated version.

    The Information Management Department also implements the following measures:

  1. Establishment of an "Information Security Risk Management Program" to regularly assess information security risks and develop corresponding strategies.
  2. Enhanced information security training to raise employees’ awareness, including risk assessment practical training courses and quarterly information security campaigns.
  3. Establishment of an "Information Security Incident Management Program," which includes a reporting mechanism for security incidents, enabling timely responses and handling.
  4. Regular updates to information systems to patch vulnerabilities and enhance system security and performance.
Regulatory and Legal Compliance Risk
  • Risks that arise out of violations of relevant laws and regulations, ultra vires acts, incomplete guidelines, omissions in terms, or other factors that make it impossible to demand the trading partner to fulfill its obligations of the contract, and may result in financial loss or loss of goodwill.
  • The Company has a legal and intellectual property division to handle the Company’s legal and contract matters, and has hired external legal counselors to assist in legal matters. The Company’s management also keeps up to date of important changes of domestic and foreign policies and laws, and timely proposes contingency measures. Members of the Board of Directors continue to take related courses to reduce possible legal risks.