To reinforce corporate governance and establish sound risk control to reach corporate targets, the Board approved Risk Control Policy on November 12, 2020. The objective is to ensure sustainable management, reduce damages and enhance corporate profit. Risks and opportunities should be evaluated accordingly for all business conducts to identify, evaluate, monitor and control risks, keeping risks within manageable range to rationalize risks and benefits.

The Company shall report risk management results to the Board of Directors at least once every year. The risk management and implementation of 2022 have been reported in the Audit Committee on November 2, 2022 and the Board meeting on November 19, 2022. 
⇥ Risk Management Policies

Structure of Risk Control Organization

Risk control at FENC is governed by a 3-tierd framework that spans throughout the Board, the Corporate Management as well as the business departments and units. The obligations of each applicable entity are outlined within the Risk Control Policies. In the event of unanticipated major risks, an emergency response team shall be established to formulate immediate responses and handle the risk conditions to ensure regulatory compliance while minimizing potential damages and impacts. Monthly risk control briefings are presented to the Board members and senior executives. Risk issues discussed include management, sales, industry operation as well as energy and carbon reduction to keep the Board members and senior executives informed while making policy decisions.

1. Board of Directors
   The Board of Director serves as the highest decision-making entity regarding risk control. The Audit Committee and Sustainability Committee oversee the control management of business risks as well as sustainability risks, respectively, to ensure the effectiveness of the risk control process and outcome.
2. Corporate Management
   Corporate Management is responsible for the overall risk control and establishment of management standards.
   Monthly task: The units conduct regular meetings to review and examine the risk control status, monitor risk control implementation and coordination on the overall operation.
   Yearly task: The units shall present the risk control report to the Board at least once a year. The risk management and implementation of 2022 have been reported in the Audit Committee on November 2, 2022 and the Board meeting on November 19, 2022.
3. All Businesses and Applicable Units
   All units shall identify major risks and conduct risk planning, implement essential risk assessment and control, and report the status of risk control to the Corporate Management on a regular basis.

The Principal Risk Control Mechanism and Implementation of 2022 

The Company’s risk control mechanism consists of regulatory compliance system, risk alert system, risk ranking project, which the Company offers the staff regular training to be risk awareness. Furthermore, risk control is implemented in conjunction with the internal audit system and is conducted through various monthly meetings, covering risk issues such as management and sales, industry management, environment sustainability and GHG reduction, etc.

1. Regulatory Compliance System
   Since 2013, all units shall be self-assessed in compliance with regulations of the field to reduce legal risk every quarterly and the Legal Department shall conduct an on-site inspection and submit the result to the Board of Directors.  
   From July 2022, self-assessment of legal compliance will be implemented once a month instead of quarterly. Key tasks in 2022 were as follows:
   (1) Comprehensively reviewed and updated the laws, regulations, and compliance
   (2) Visited the US subsidiary to strengthen legal services and system construction
   (3) Developed RPA (Robotic Process Automation) to capture and convey the newest informs
   (4) Implemented the compliance inspection of the units affiliated with the administrative headquarters 
   (5) Participated in the monthly risk management meeting and weekly managerial meeting of the subsidiary in Vietnam, and provided weekly regulatory update reports
2. Risk Alert System
   In 2015, the risk alert system was established to track the corporate risk factors by Corporate Management on a regular basis. Through risk indicators management, each administrative unit identified abnormal indicators with corresponding measures, improvement and optimization plans. Key tasks in 2022 were as follows:
   (1) Strengthened precautionary measures to decrease the risk of COVID-19 transmission, and holded Annual Shareholders' Meeting via video conference
   (2) In response to the Ukrainian-Russian War, took necessary measures to the recovery of accounts receivable
   (3) In response to rate hike, planned financing measures to reduce capital costs 
   (4) In response to the reverse shipping market, coordinated long-term contract price downward 
   (5) Established a Chief Information Security Officer and a dedicated information security unit to strengthen information security management and promote digital projects
   (6) Set up a project to uplift credit rating and market value
   (7) Structured ESG-related taskforces to reduce and audit greenhouse gas emission.
3. Risk Ranking Project
   Since 2013, the Company implemented regular Risk Ranking Projects once every three years to control operational risks among production sites. In March 2022, the fourth survey was officially launched, including 8 major risk areas of 27 production sites (domestic and overseas). It was carried out by the external consultant, Marsh team. This project had visited 14 production sites. Currently, it is found that some production sites can be improved in the following areas.
   (1) Incomplete fire protection 
   (2) Reliability of fire compartment
   (3) Environmental management for electrical equipment around
   (4) Damage prevention of solar panels
4. Regular Meetings
   We conduct various regular meetings with the highest governing entity, covering risk issues such as management and sales; R&D; industry management; energy conservation and GHG reduction; human resources; sustainability development, which ensures proper focus and management from the highest governing entity.
    

FENC Regular Meetings

■ Environment ● Social ◆ Governance

FENC Risk Management Principle and Processes
 

Six Principles
1. Considering the uncertainty of risk factors and collecting the best information to develop prioritized action plans 2. Achieving optimal resource allocation and utilization 3. Establishing necessary preventive mechanism and emergency action plans	4. Constantly identifying and responding to changes 5. Complying with laws and regulations 6. Strengthening trust and communication with stakeholders
Seven Processes

Major Risks

FENC identifies potential risks and their sources for all departments.

1. Financial Risk
   Including the volatility of local and foreign interest rates, currency exchange rates and credit risks, etc.
2. Strategic and Operational Risk
   Including operations strategies, local and overseas market competitions, industry alliance, policy or regulation changes, etc.
3. Information Security Risk
   Including but not limited to potential threats to the confidentiality, integrity, availability of the Company’s information asset due to any natural, man-made or technical factors.
4. Environmental, Carbon Reduction and Eenergy Risks
   Including those induced by climate change, geographical resources, global carbon reduction progress, energy as well as fiscal and tax policies.
5. ESG Risks
   Including those induced by the environment, society and governance that are derived out of global corporate sustainability issues.

Strengthen Risk Control Training

To ensure sustainability, reduce damages and boost profits, all units must conduct risk prevention training to minimize potential risks. Potential risks include financial risks; strategic and operational risks; information security
risks; environmental and energy risks. In 2021, 6,608 employees completed the 62 training programs offered by the Company. The Company also provided training on occupational safety and health risks.

In addition to risk-specific trainings, FENC provides regulatory compliance training at all production sites on an ad hoc basis to enhance staff’s legal knowledge and reduce the risk of violations in their business conducts. FENC launched the online platform, FENC Academy, providing online training and exams for employees at production sites in Taiwan, Mainland China and Vietnam, etc. A total of 18,848 employees completed the regulatory compliance training and exam as of the end of 2021. To strengthen managerial staff’s legal risk awareness and response, FENC invited 4 attorneys from Lee and Li Attorneys-at-Law to give a lecture on January 13, 2021. With backgrounds in public prosecution and environmental safety, the attorneys spoke on the topic, Corporate Response to Criminal Risks and Environmental Safety and Health Risk Control. A total of 252 employees participated, including the managers and plant managers, security staff and environmental safety staff from FENC production and operation sites as well as the legal staff from FENC affiliates.