Framework of Risk Management

TOP

SinoPac Holdings has established a clear risk management structure consist¬ing of four specialized layers, including the Board of Directors, the Risk Man¬agement Committee, the Risk Management Division, and the Audit Division from top to bottom. This clearly distinguishes the authorities and responsi¬bilities, hierarchical authorization, and fully defines the management rules and limits for each risk to attain the optimal balance between profitability and risk management.

To effectively manage the risks arising from the operations of SinoPac Hold¬ings and its subsidiaries, the Board of Directors serves as the highest super¬visory unit in charge of approving risk management policies and risk appe¬tite or limits and granting authorization to the management for daily risk management. Based on the authority, the management shall supervise risk management activities, evaluate the performance of risk management, and make sure that each risk management officer retains the necessary talents and integrity.

The Risk Management Committee was set up under the Chairman, who serves as the convener of the committee, to take charge of deliberating on the risk management policies, organization structure, systems and overall limits, reviewing the overall risk exposure, supervising the risk management activities of SinoPac Holdings and its subsidiaries, and coordinating efforts to manage material risk incidents.

The Risk Management Division was established under the President of Sin¬oPac Holdings, to be responsible for the development of SinoPac Holdings' overall risk management policies and guideline as well as the planning and implementation of the risk management system. The policies, guideline and systems are approved by the Board of Directors and implemented by the Risk Management Division, which conducts regular evaluations in the per¬formance of all subsidiaries in terms of risk management. SinoPac Holdings and its subsidiaries shall designate responsible units or personnel to take charge of risk management tasks in accordance with the business opera¬tions and the types and scale of risk exposure to ensure that all risk expo¬sures are properly monitored.