Risk Management


The Board of Directors is the highest authority responsible for risk management. Its goal is to comply with regulations, promote and implement the overall risk management of the company, thus, they must have a clear understanding of various risks faced by the company to ensure the effectiveness of risk management. The Board of Directors is convened and led by the CEO, who oversees and directs the implementation and operation of the risk management plan, with the participation of other managers and all employees.


The risk management policy and related guidelines are approved by the Board of Directors and serve as the guiding principles for risk management. They provide clear guidance on the responsibilities and operational mechanisms for risk management. All employees are expected to adhere to these policies and guidelines, ensuring that risk management is integrated into related units.

Main risks can be categorized as market-wise, financial, operational, information security, legal, and ESG (including incident) causes. The unit has to create guidelines and procedures for all risks.

The management departments of each subsidiary have to develop guidelines based on their local laws or business attributes.

Please also seeRisk Management Measures.

System and Operations

1. Schedule Meetings

The supervisor is required to attend scheduled meeting to monitor risk control and ensure the proper functioning of the system.

2. Integration

To comply with legal requirements and facilitate the integration and monitoring of risk exposures across subsidiary companies, a risk information communication system has been created, enabling the reporting of operational and risk status.

3. Reports

Reports must be submitted to the Board of Directors in order to monitor risk status and follow up on its improvement. Any major incidents must be reported by the risk management unit, and corresponding plans must be launched. Report