Framework of Risk Governance and Management

TOP

To effectively manage the various risks arising from the operations of SinoPac Holdings and its subsidiaries, the Board of Directors serves as the highest authority for risk oversight. In addition to approving risk management policies and risk appetite or limits, the Board delegates the responsibility of day-to-day risk management to the management team. Based on its authority, the management should monitor risk management activities, evaluate the effectiveness of risk management, and make sure that each risk management officer works professionally to comply with the code of ethics.

The Audit Committee is composed of 3 independent directors. They assist in supervising the effective implementation of the internal control system of the Company, compliance with laws and regulations, controlling existing or potential risks, and assisting the Board of Directors in making decisions with its professional division of labor and independence. Its duties include receiving regular reports from the Risk Management Division on potential risks and their management, supervising the implementation of risk management by the Company and subsidiaries, and deliberating the Company's risk management policies.

The Risk Management Committee has been set up under the Chairman. The Chairman serves as the convener of the Risk Management Committee to take charge of deliberating on the risk management policies, organization structure, systems, and overall limits, reviewing the overall risk exposure, supervising the risk management activities of SinoPac Holdings and its subsidiaries, coordinating efforts to manage material risk incidents, and reviewing other issues related to risk management.

The Risk Management Division has been set up under the President to coordinate the formulation of overall risk management policies and standards as well as the establishment and planning of risk management systems for the company and its subsidiaries. The Risk Management Division is responsible for promoting the policies, standards, and systems after they have been approved by the Board of Directors, and periodically evaluates the implementation results and management performance of each subsidiary.

Based on its authority, the management assigns a controlling unit or personnel to be responsible for the risk management of its business to ensure that all risks are properly monitored.


Risk Management Organizational Structure of SinoPac Holdings and Subsidiaries


SinoPac Holdings Risk Management Structure and Duties