Risk Management

Corporate Governance

Risk Management

The company has formulated a “Risk and Crisis Management Rules” and approval by the board. The board of director is appointed as the supreme governance unit and established an inter-departmental risk management unit to joint identify all types of risks that could impact company’s operations and adopt appropriate response based on the evaluation results to effectively reduce the company’s operating risks. The company pays attention to the development of domestic and international risk management at all times to review and improve the risk management system established by the company and enhance the effectiveness of risk management. Risk management reports are submitted to the audit committee and the board of directors at least once a year. The performance of 2024 has been reported to the audit committee and the Board meeting on the 8th of November 2024.

Scope

In addition to dealing with risks arising from various business operations such as marketing, operations, human resource allocation and response, and financial accounting risk assessment according to the company’s existing regulations, the company is also actively developing more sensitive procedures to supervise, evaluate, and control risks, taking into account safety and efficiency, establish a more economical business operation model, and strengthen early warning and monitoring capabilities.

Organization

The company has set up a “risk management team” in charged by management personnel of related departments and divisions as the first line of defense for risk control, the President serves as the convener, and the audit office is the promotion and execution unit of the team (executive secretary). They identify, assess, confirm and classify all types of risks faced by the company by convening regular meetings every year and whenever necessary. In addition, they negotiate a feasible plan, report the implementation of risk management to the Audit Committee and the board of directors in a timely manner, and put forward necessary improvement suggestions. The functions and responsibilities of the relevant departments are as follows

Board of Directors
  • Approve risk management policies, procedures, and frameworks.
  • Ensure operational strategy aligns with risk management policy.
  • Ensure appropriate risk management mechanisms and risk management culture are established.
  • Oversee the comprehensive risk management system and ensure its effective operation.
  • Assign and allocate sufficient and appropriate resources to ensure effective risk management.
Audit Committee
  • Assist the Board in overseeing the risk management system.
  • Supervise risk management implementation and provide necessary improvement recommendations to ensure the effective operation of the overall risk management mechanism.
Risk Management Team
  • Review risk management policies, procedures, and framework, and regularly assess their suitability and effectiveness.
  • Determine risk tolerance, guide resource allocation.
  • Ensure that risk management mechanisms can adequately address the risks faced by the company and are integrated into daily operational processes.
  • Approving risk control priorities and risk levels.
  • Review risk management implementation, provide necessary improvement recommendations, and report regularly (at least once a year) to the audit committee and board of directors.
  • Execution of risk management decisions resolved by the Board of Directors.
Auditing Office
  • Developing risk management policies, procedures and frameworks.
  • Establish risk tolerance and develop qualitative and quantitative measurement standards.
  • Analyze and identify the sources and categories of company risks, and regularly review their applicability.
  • Regularly (at least once a year) compile and submit a report on the execution of company risk management.
  • Assist and oversee the implementation of risk management activities in various departments.
  • Coordinate cross-departmental interactions and communications for risk management operations.
  • Execute risk management decisions of the Risk Management Team.
  • Plan risk management training to enhance overall risk awareness and culture.
Operating Units
  • Responsible for identifying, analyzing, evaluating, and responding to the risks of the unit, and establishing relevant crisis management mechanisms when necessary.
  • Periodically submit risk management information to the Auditing Office
  • Ensure that the risk management and related control procedures of the unit are effectively implemented in compliance with the risk management policy

Acter

Item
Auditing Office
  • Focus on internal audit of major risks defined by the risk management team, while auditing the company's risk management processes.
  • Ensure the effective implementation of internal control systems and track improvements for any identified deficiencies.
General Administration Division
  • Allocate manpower and respond to activities thereof.
  • Implement and handle all types of insurance operations.
  • Track and handle the progress of litigation.
  • Social Welfare Activities.
Financial Division
  • Financial analysis and planning; evaluation of financial risks.
  • The unit that allocates funds; supervise and evaluate customers’ credi-bility.
  • Track and manage receivables.
  • Implement and handle report and announcement relevant operations.
Engineering Department
  • Implement budget control
  • Track customers’ orders.
  • Evaluate unrecognized risks
  • Control the balance.
  • Control the engineering progress.
Business Department Control possible changes to the Company’s business activities in the future.
Procurement Department Control the supply channel of key channels; track and manage the orders.
Design Department Clarify questionable parts of design drawing.
IT Department
  • Develop, install and manage all types of information systems.
  • Maintain information security and control the use of software.
Quality Insurance & safety Department Establish and maintain environmental and construction safety and hy-giene.

Subsidiaries

Follow the Company’s “Risk and Crisis Management Rules” to evaluate and monitor risks, and report the risk management status to the CEO of Acter.