Risk Management

Risk Management Policies and Procedures

The company’s “Risk Management Policies and Procedures” were approved by the board, as the company’s highest guiding principle for risk management. Regularly evaluates risks every year and formulates risk management policies for each risk. Through a complete risk management structure and integrated into operational activities, various risks that may arise can be controlled within tolerable limits to ensure the achievement of the company’s strategic goals. At the same time, risk management, organizational structure, authority and responsibility, and risk management procedures are also established The mechanism operates effectively.

Risk management scope

The company’s risk management includes the management of “strategic risks”, “operational risks”, “financial risks”, “information risks”, “legal compliance risks” and “other risks”.

Organization

The Board of Directors is the company’s highest responsible unit for risk management, approving risk management policies and related regulations, supervising the overall implementation of risk management, and ensuring effective risk control. In order to assist the board of directors in performing its risk management responsibilities, the audit committee has established a risk management group. The risk management group is the responsible unit responsible for implementing risk management. The administrative general manager serves as the convener and leads the top managers of each unit to conduct analysis of the company’s operational risks and emerging risks. Comprehensive assessment operations.
Risk management team structure chart

Operational situation​

The Company regularly reports risk management operations to the Board of Directors. The contents of the report are as follows:
In accordance with the “Risk Management Policies and Procedures” of the company, the “Risk Management Team” is composed of heads of various departments. It is expected to hold two meetings every year to identify risks and promote risk management. 
The implementation status of risk management compliance in 2023 will be reported to the board of directors on March 8, 2024. A brief summary of risk control matters is as follows:
  • Strategic risk: Conduct an analysis of the impact of global economic changes on major customer markets, and expect to use the analysis results as a reference for the company’s product design and development blueprint. This strategic risk assessment will continue.
  • Operational risk: Explore the global inventory and sales status of major customers as the basis for the company’s raw material strategic preparation, purchase, product production and inventory management, with the purpose of shortening the business cycle and avoiding the risk of funds hoarding in efficient inventory.
  • Financial risk: Analyze the aging and quality of accounts receivable from our customers to ensure that customers have sufficient liquidity to pay our accounts and avoid financial risks through accounts receivable insurance products.
  • Information risk: In order to implement information security management and strictly manage the use and security maintenance of data, the company has appointed a professional team “NewSoft International Technology Co., Ltd.” to regularly assist in performing information security assessments to reduce the company’s information security risks.
  • Legal compliance risks: Carefully review the company’s contracts and management, explore the legality of the contracts and their impact on the company’s financial status, and also review intellectual property and related equity contracts.
  • Other risks:
    • In order to prevent the impact of sudden disasters on the company’s operations, the company established a disaster emergency response team and a self-defense firefighting group in 2023, and completed employee fire education training and promotion on November 24, 2023 to enhance the company’s colleagues’ response capabilities and Proficiency in disaster prevention.
    • Our company purchased a one-year employer’s accident liability insurance on September 11, 2023 to cover the employer’s compensation liability for employees and reduce the company’s compensation risk when an employee has an accident.
The implementation status of risk management compliance in 2024 will be reported to the board of directors on February 27, 2025. A brief summary of risk control matters is as follows:

Risk

Responsible unit

Risk factors

Precautions

Operation situation in 2024

Strategic risk

R&D Department

1. The technology of the network communication industry is updated with the formulation of new standards and specifications, which may cause the risk of falling behind in technology.

2. Technology development and implementation risks.

1. R&D product units must pay attention to the release of new technologies and actively participate in various seminars.

2. A discussion forum is established within the company to promote communication among R&D personnel.

1. Keep an eye on market trends at all times, strengthen contact with chip manufacturers and brand customers, and maintain continued attention and investment in cutting-edge technologies.

2. Introduce top talents from the industry, open up support channels with chip factories, conduct detailed technical feasibility analysis, set multiple technology development milestones and evaluation points, and ensure the diversity and capability improvement of the technical team.

Operational risk

Materials Department

A company's over-reliance on a single supplier may increase the risk of supply chain disruption or insufficient technical support.

1. Expand technology supply sources and establish a diversified supply chain.

2. Establish alternative materials and increase supply sources.

Establish second alternative materials and suppliers for key materials to avoid supply shortages, while increasing purchasing channels to increase material preparation flexibility and avoid the risk of supply interruption or insufficient technical support.

Financial risk

Finance Department

Since most of the company's transactions are in foreign currencies, it incurs exchange rate risks from commercial transactions and recognized assets and liabilities.

The company's exchange rate risk management work is carried out by the finance and accounting department in accordance with the policies approved by the board of directors, and through close cooperation with operating units, it monitors exchange rate changes at any time and conducts regular reviews and assessments to avoid risks.

The Company conducts most of its transactions in U.S. dollars, mainly through natural hedging. The financial staff still maintains close contact with financial institutions, refers to bank forecast reports for net asset positions in U.S. dollars, keeps an eye on exchange rate fluctuations at all times, and exchanges currencies based on exchange rates and funding needs.

Information risk

Management Department

1. Information equipment security and risk management

2. Data security backup and risk management

3. Data access security risks

1. Data backup

2. Data access control

3. R&D code management

1. In view of information security risk hazards, in addition to appointing a professional team " NewSoft Technology Corporation " to regularly assist in the implementation of information security assessments and regular information security promotion. This year, we identified risk issues such as "sharing of account and password in electronic data operations", "confusion of sensitive settings of rights and responsibilities" and "no reasonable backup source", and conducted an investigation into the risk factors of corporate operating documents and R&D data security to improve and reduce the loss of information assets. , hardware damage or other hazardous factors.

2. Build your own server and use Git distributed version control software for R&D code management and protection.

3. In 2024, there will be two safety promotion trainings for all employees, on June 17 and December 13, with a total of 319 people and a total of 319 person-hours.

Compliance risk

and

Other risk

General Manager's Office

/Management Department

Labor safety risks

1. Safety education and promotion.

2. Provide occupational safety education and training.

3. Independent inspection, testing, maintenance and maintenance of fire protection equipment.

4. Labor health management.

1. Conduct irregular safety inspections and conduct education and training for new personnel.

Work with outsourcers to perform fire safety inspections.

2. Work with outsourcers to perform fire safety inspections, complete the fire safety inspection on May 13, 2024, and complete employee fire safety education and training on December 3, 2024.

3. Implement an employee health care system and arrange on-site occupational medical care services and employee personal health tracking on a monthly basis.

4. Arrange health lectures and conduct annual employee health examinations. Health lectures will be held on October 15, 2024, totaling 160 people, totaling 160 person-hours. The annual employee health examination will be completed on October 29, 2024.

5. On September 11, 2024, a one-year employer's accident liability insurance was purchased to cover the employer's compensation liability to its employees and reduce the risk of compensation when an accident occurs to employees.