Sustainable Risk Control
Opportunity is a double-edged sword. With opportunities for corporate development, come risks. Such risks can only be offset through control mechanism in order for opportunities to become means of fulfilling sustainable management.
To reinforce corporate governance and establish sound risk control to reach corporate targets, the Board approved Risk Control Policy on November 12, 2020. The objective is to ensure sustainable management, reduce damages and enhance corporate profit. Risks and opportunities should be evaluated accordingly for all business conducts to identify, evaluate, monitor and control risks, keeping risks within manageable range to rationalize risks and benefits.
The Board amended the Risk Management Policies on November 8, 2024. The amendment focuses on the organizational structure of risk management, which is divided into three tiers. At the first tier are all Businesses, administrative departments and applicable units; the second is the Risk Management Team; the third is the Internal Audit. Their duties and responsibilities are stated in the Risk Management Policies, and an emergency response team is to be established to form immediate responses to sudden material risk events, ensure regulatory compliance and minimize potential losses and impacts.
Monthly briefings covering issues such as management, sales, industrial operations, energy conservation and carbon reduction are held to keep the Board and senior executives informed and maintain sound decision-making. Risk management indicators have been incorporated as part of the performance review.
The Board of Directors serves as the highest decision-making entity regarding risk control and established functional committees dedicated to assisting in the oversight of risk management. The Audit Committee and Sustainability Committee oversee the control management of business risks as well as sustainability risks, respectively, to ensure the effectiveness of the risk control process and outcome.
⇥ Risk Management Policies
Structure of Risk Control Organization
First line of defense | All Businesses, administrative departments and applicable units | All Businesses, administrative departments and applicable units shall clearly identify major risks associated with their operations, conduct risk management and implement appropriate risk assessments in response to factors such as changes in the internal, external and regulatory environments. Regular reports on the risk management status shall be presented to the Risk Management Team under Corporate Management. |
Second line of defense | Risk Management Team | The Risk Management Team under Corporate Management oversees the entire risk management practices at FENC. The team is responsible for developing risk management policies, frameworks and mechanisms as well as qualitative and quantitative management standards. The team also conducts monthly reviews over risk control measures reported by various units in line with their assigned responsibilities. Additional tasks include examining issues related to risk management, monitoring the implementation and coordination of overall risk management initiatives, and presenting the risk management report to the Board at least once a year. |
Third line of defense | Internal audit | FENC’s internal audit units conduct operational risk assessments and audits through the internal control system and provide improvement recommendations in the audit report. In addition to the three lines of defense, an emergency response team shall be established in the event of a sudden material risk event with the potential of major impacts on the Company. The response team shall address risk situations immediately and communicate with internal and external stakeholders to ensure regulatory compliance and minimize potential losses and impacts. |
Identification and Management of Major Risks
FENC identifies potential risks and their sources for all departments. For more details on measures established and mitigating actions, please refer to the corresponding chapters in FENC Sustainability Report or FENC Annual Report.
Major Risk and Response
Risk Type | Detail | Potential Impact If Unaddressed | Strategy |
Financial Risk | Risks affecting financial targets caused by fluctuations in domestic and foreign interest rates, exchange rates and customer credit |
|
|
Strategic and Operational Risk | Risks caused by business strategies, domestic and international market competition, industry cooperation and changes in policies and regulations. |
|
|
Environmental, Carbon Reduction and Energy Risk | Risks caused by climate change, geographical resources, global carbon-reduction progress, energy and applicable fiscal and tax policies | Fines, lawsuits, protests, boycotts, market pressure or competitive disadvantages due to inadequate management of GHG as well as energy and resource consumption, damage to ecosystems and violations of environmental regulations |
|
ESG Risks | Risks caused by the inability to meet stakeholder expectations in ESG performance |
|
|
Emerging Material Risk
Emerging Risk | Detail | Impact | Mitigating Actions |
Geopolitical Risk | The geopolitical climate has been clouded with uncertainties in recent years. The trade war between U.S. and China has not subsided since 2018, triggering the tech war that followed. The tipping geopolitical balance is exacerbated by the nuclear crises in Iran and North Korea as well as the war between Ukraine and Russia and the Israeli-Hamas conflict. The free flow of goods and technologies have been severely impeded, upending the order that had supported the globalized economy and international trade. These geopolitical risks are clogging market efficiency. While posing profound influence on the overall economy and the security of Taiwan, they have also been hammering the stability of conventional business models, resulting in burdening costs. |
|
|
Information Security Risk | Network technology is progressing at an expeditious rate. With the prevalence of remote work and cloud computing, the corporate world is facing cybersecurity threats that are growing in diversity and complexity. Common threats such as ransomware, phishing and social engineering attacks are also striking wider targets with more sophistication , adding hurdles when it comes to defending corporate operations and data security. |
| FENC has a strong information security management system in place. In 2022, the Company created the Information Security Department and appointed the Chief Information Security Officer to oversee measures aiming to safeguard information security. To tackle information security risks, FENC has implemented the following five mitigating actions:
|
Principles, Mitigation and Control Measures, and Identification and Management Procedures
FENC establishes risk indicators and stays on top of environmental and regulatory changes through regular tracking. Once the risks are defined through internal meetings, evaluation is conducted by designated units on the potential threats and impacts on the Company to formulate action plans. Responses and control measures are carried out through special projects. The implementation and progress are reported to the highest governing entity on a regular basis.
.png)
Risk Control Mechanism
The Company’s risk management mechanism consists of risk alert system, regulatory compliance system,and etc. The Company offers the staff regular training to be risk awareness. Furthermore, risk control is implemented in conjunction with the internal audit system and is conducted through various monthly meetings, covering risk issues such as management and sales, industry management, environment sustainability and GHG reduction, etc.
1. Risk Alert System: Conduct regular follow-ups and examine corporate risks to establish advanced corresponding measures.
2. Regulatory Compliance System: Regularly implement self-evaluation on compliance to reduce risk of violation
3. Risk Ranking Project: Regularly conduct plant risk ranking projects to reduce operational risks.
4. Risk Control Training: Implement staff training to increase risk awareness.
5. Internal Control System: Oversee and manage risks through internal control system.
6. Regular Meeting: Conduct multiple monthly meetings to ensure management of and focus on risk issues from the highest governing entity.
FENC Regular Meetings
The risk management and implementation of 2024 have been reported in the Audit Committee on November 6, 2024 and the Board meeting on November 8, 2024.
■ Environment ● Social ◆ Governance
Important Meeting | Interval | Corresponding Issue | Highest Ranking Attendee | |
Board Meeting | Board Meeting | Quaterly | ■ ● ◆ | Chairman |
Audit Committee | Quaterly | ◆ | Independent Directors and Directors | |
Remuneration Committee | Semi-Annual | ◆ | ||
Sustainability Committee | Semi-Annual | ■ ● ◆ | ||
Themed Meeting | Management Meeting | Annual | ■ ● ◆ | Chairman |
Human resources management and development | Semi-Annual | ● ◆ | ||
Special report on R&D | Annual | ■ ◆ | ||
Seminar on industry strategies | Semi-Annual | ◆ | ||
Budget review | Annual | ◆ | ||
Environment sustainability | Annual | ■ | ||
Regular Meeting | Operation review meeting | Monthly | ■ ● ◆ | |
Sales Meeting | Semi-Monthly | ◆ | ||
Risk management meeting | Monthly | ■ ● ◆ | President of Corporate Management |