Issue Date：December 1, 2023
In order to understand the internal and external risks that the company may face, we conduct risk identification to identify the scope of risk management. We continuously monitor potential risks and implement preventive measures based on the latest developments and regulatory requirements in internal audit. This strengthens risk management, enhances crisis response capabilities, and achieves the goal of risk control. By doing so, we aim to promote shareholder value, maintain competitiveness, and establish a foundation for sustainable business operations.
Scope of Risk Management
Risk Management Team
The "Risk Management Team" integrates various risk management units and reports to the ESG Committee. It is led by the CFO and operates according to the risk management policy approved by the Board of Directors in 2020. The team conducts risk identification and risk control based on established risk factors. This ensures more efficient coordination, self-assessment, and implementation within the risk management organization. Moreover, The Audit Committee has supervised risk management policy and structure, reviewed significant risk issues, and reported on related operational situations since July 2023.
The Company has actively promoted the implementation of risk management mechanisms since 2017. From 2020, the Company has provided regular annual reports to the BOD on the operation. As of July 2023, the Company annually reports to the Audit Committee and the BOD. The Audit Office will also be responsible for submitting risk assessments as part of the annual audit plan and reporting the Company's risk management implementation to the Audit Committee and the BOD. The following shows the implementation from every year:
- The scope, organization, and structure of the risk management were established in 2017.
- The risk management organization was re-structured based on the organizational change in 2018. Each risk management unit was combined into a “Risk Management Team” that is subordinated to the ESG Committee and led by the Chief Financial Officer for identification of risk factors and risk control. This makes the command and control, self-evaluation, and operation of the risk management organization become more efficient.
- The risk detection, analysis, and identification for the risk management had been continuously implemented in 2019. In addition, the emerging risk issues, such as the information security and climate change risk, were included in the management policies for effective control. The Company offered the risk management courses about quality, products, and information security. A total of 253 people attended them with a total of 114 training hours.
- In 2020, the risk management policy of the Company has been developed and approved by the Board of Directors. The Company will continue the risk detection, analysis, and identification for the risk management to enhance the crisis response abilities to prevent and solve them and the ability to quickly recover after crises for effective risk control. Moreover, the Company offered the risk management courses about quality, information security, and climate change. A total of 83 people attended them with a total of 116 training hours.
- In 2021, the Company offered the risk management courses about quality, information security, climate change and RBA. A total of 2,591 people attended them with a total of 3,362 training hours. Furthermore, to enforce the detection, analysis, and identification of risks within the scope of risk management to capture the internal and external risks that the Company will face in business operations, we conducted the biennial risk factor identification at the end of 2021 to achieve advance assessment, countermeasure establishment, and prevention.
- In 2022, we have conducted risk management courses related to risk identification, information security, climate change, and occupational health and safety. These courses include "Safety Risk Identification and Control," "Environmental Issues Identification," "Production Safety Management and Occupational Safety and Health Products Use and Management," "Occupational Disease Prevention and Control," "Handling of Occupational Accidents," and "Information Security." These courses aim to enhance employees' risk awareness. The total number of participants was 2,658, with a total training duration of 1,718 man-hours.
- In 2023, we have implemented mitigation measures for the risks caused by climate change and information security. In addition, in order to monitor, analyze, and identify risks within the scope of risk management, we conducted risk identification in November based on established risk factors, and identified top 10 risk issues after two-stage questionnaire survey. Subsequently, an assessment of potential response strategies will be carried out for the identified risk issues, and management strategies will be formulated to execute risk control.
- The Risk Management Team listed a total of 35 risk issues in the questionnaire. At stage 1, 230 intermediate and senior officers answered the questionnaire in terms of “principal risks faced in the past”, “risks occurred in the last 12 months”, and “the top 5 risks that may occur in the next 3 years” to locate the top 20 risk issues. At stage 2, 31 officers participating in the senior management meeting screened the top 10 risk issues that Coretronic faced among the said top 20 risk issues.
- In 2022, we will assess the potential counteractions for the top 3 risk issues, draw up management strategies, and implement risk control.
|Top 10 Risk Topics in 2021
||External factors – the rapid changes in technology and the industry
||Operations – discontinuity of the supply chain
||Human Resources - difficult to attract and retain employees
||Enterprise – lack of innovation/unable to fulfill customers' needs
||External factor – Pandemic Spread / Health Hazard
||External factor - economic downturn/slow recovery
||External factor - increase of competition
||Human Resources – lack of employees
||External factor – political risks / uncertainty
||Enterprise – implementation or strategy communication failure
- In 2022, we developed management approaches and response strategies for the top three risk issues.
||Drastic change in technology and industry
- The market of large display and LED display becomes fierce
- It becomes more competitive for display products as technology is more diverse.
- Traditional business model is impacted by e-commerce platforms.
- Innovative products should be developed in response to the industrial changes.
- We continuously utilize core technologies in our visual solutions to provide new interactive experiences in areas such as home entertainment, large-screen displays, digital signage, large public space displays, and smart retail. We also expand our customer base and applications in various fields. We are developing smart and Internet-enabled functionalities to expand the application scope of projectors, adding possibilities for various settings and environments.
- Customer base and application market should be expanded for energy saving products, focusing on product segments with growing market demand. Emphasis should be placed on the development of technologies for ultra-thin, narrow bezel, touch-enabled, high-resolution, and high dynamic contrast energy-saving displays. This will provide customers with comprehensive and versatile integrated custom display solutions.
- We leverage technology and various channels to build new retail trends and expand market applications.
- Focusing on the research and development of high-value-added products and various visual imaging solutions, we will deepen our expertise in artificial intelligence, big data, cloud technology, and intelligent interactive solutions. This includes the development of intelligent service solution platforms, aiming to expand and drive new growth opportunities.
||Supply Chain Shortage
- Natural disaster and pandemic causes delay and interruption of production and delivery.
- Technology changes fast, and key components are required for new technology. ESG causes higher costs for small suppliers.
- ESG causes higher costs for small suppliers.
- We prioritize the control of supply risks for high-risk and critical raw materials. We then set strategic inventory levels and demand quantities based on market demand and supplier delivery speed. We invest in research and development of innovative technologies to enhance our in-house manufacturing capabilities for components. We also collaborate with suppliers and implement regional supply chain strategies, as well as a multi-source procurement approach to ensure a diversified supply.
- We maintain close relationships with key component suppliers to understand their capacity and adjust lead time. We actively carry out technical cooperation or strategic alliance with major domestic and foreign manufacturers to facilitate the launch of new products or the acquisition of new technologies.
- We conduct regular audits to ensure supplier's delivery capabilities and consistently seek and nurture local suppliers who can provide environmentally compliant and high-quality products. We adhere to a localization-first procurement strategy and aim to reduce carbon emissions by minimizing transportation distances.
|Hard to attract and retain employees
- We provide multiple communication approaches to improve communication with employees.
- We provide salaries and welfare that are better than local regulations.
- We strengthen employees' professional skills and global insights with various methods.
- We advocate work safety and precautions of occupational accidents.
- We provide bilateral communication channel and conduct employee survey to consolidate employees' opinions for further communication.
- According to the locations of our operational sites, all employees' salaries meet the minimum wage standards specified by local laws and regulations. We also provide social insurance coverage as required by regulations. In addition to the mandated benefits, we offer additional insurance and welfare measures in compliance with applicable laws and regulations.
- With sustainability as a core corporate value, we actively invest in the retraining of employees to revitalize and strengthen our workforce. This is done to promote career development opportunities for our employees.
- With the goals of creating a safe and healthy work environment and achieving zero occupational accidents, we strive to provide employees and workers with a healthy and safe working environment.
||Support and introduce TCFD, and investigate the financial risks of climate change through the climate change risk questionnaire, and then set and plan annual goals, budgets and plans by the environmental safety and plant management units. After submitting to the Environmental Protection Committee for review, the corresponding plan will be implemented in accordance with ISO 14001 environmental management system, ISO 14064-1 greenhouse gas inventory standard, and ISO 50001 energy management system.
In response to the trend of net zero emissions, apart from joining the Taiwan Climate Partnership, making an open commitment to net-zero emissions (carbon reduction by 25% by 2025, 50% by 2030, and net zero by 2050), and actively answering the CDP Climate Change Questionnaire, we have even set the 1.5°C science-based target (SBT) approved by the SBTi.
||Implemented and passed ISO 14067 product carbon footprint inventory for the reference of green product development in the future.
||Created multiple and unfettered two-way communication channels (quarterly labor-management meeting, annual business officer communication meeting) and labor/human rights grievance channels dedicated to building a friendly workplace.
||Taking ISO 27001 as the reference standard, the Company has established an Information Security Committee and formulates information security policies according to the actual management needs of the Company. In response to actual needs and development trends, it formulates corresponding information security strategies and visions to improve the information security protection system. A safe and trustworthy information security environment is thus established through a risk-oriented security protection mechanism, supplemented by continuous training and enhancement of employees’ information security awareness.
||By establishing a governance organization and implementing internal control mechanisms, we ensure that all personnel and operations actually comply with relevant laws and regulations.
||Occupational Health and Safety
||For occupational safety, the occupational safety unit sets and plans annual goals, budgets and plans, and submits them to the Occupational Safety and Health Committee for review to implement relevant strategies through ISO 45001 and CNS 45001 verification of the occupational safety and health management system. For occupational health, the Health Management Department analyzes the health problems of colleagues through the results of regular health examinations, and plans appropriate health promotion activities. It has also established a group pandemic prevention team for COVID-19 to implement relevant pandemic prevention policies.
|Labor and Management Relations
||The Company notifies employees four weeks in advance of significant changes to operations that may cause serious impacts on employees.