Risk Management

Risk Management

GRI 2-23, 2-24; SASB TC-SI-550

Climate-Related Risk

Information Security Risk

Human Rights Risk

Infectious Diseases Risk

In view of the global trend of emphasis on risk management, SYSTEX has improved the risk management mechanism to reduce the impact of risks, improve operational efficiency and corporate resilience in response to risks, and increase competitive advantages to implement sustainable operations. At the end of 2022, SYSTEX has established a cross-divisional Risk Management Committee under the Board of Directors, and formulated “Risk Management Best Practice Principles“, “Risk Management Policies and Procedures“, “Rules of Risk Management”, “Rules of Strategic Investment Management” and “Rules of Supervision and Management of Subsidiaries” to effectively control risks and improve management efficiency.

Risk Management Policy and Principle
 

Risk Management Goal

 

The SYSTEX Risk Management goals aim to consider and manage various risks that may affect the achievement of corporate goals through a complete risk management structure, and to achieve the following goals by integrating risk management into operational activities and daily management processes:

  • Achieve corporate goals
  • Improve management efficiency
  • Provide reliable information
  • Allocate resources efficiently
 

Risk Management Principle

 

  • Integrated
  • Customized
  • Dynamic
  • Inclusive
  • Employee and cultural
  • Structured and comprehensive
  • Effective use of information
  • Keep improve
Risk Management Organization

SYSTEX strengthens risk management with the Board of Directors as the highest governing body. A Risk Management Committee is established under the Board’s supervision to integrate risk management and supervision into daily activities and achieve sustainable operations.

Risk Management Organizational Structure

Risk Management Committee

The Risk Management Committee executes risk management policies and reviews them periodically, and is accountable to the Board. They determine risk tolerance, prioritize risk management, and report on progress to the Board at least once a year or submit proposals for Board approval.

Crisis Management Group

The Crisis Management Group develops risk policies, procedures, and frameworks. They establish risk metrics and tolerance levels, analyze company risks, and oversee and coordinate risk management activities across departments. The Crisis Management Group is responsible for enhancing risk awareness among the entire organization with training programs. The Group is consisted of a number of functional division head of “Financial Division, Business Management Division, Legal Division, HR Division, Data & Info. R&D Division and BU/BI”. As a result, the Crisis Management Group held a meeting quarterly, with a total of 4 meetings in 2022.

Crisis Resolution Team

The Crisis Management Group has set up the Crisis Resolution Teams, grouping by crisis events. These teams are immediately activated when a crisis may occur, and are responsible for identifying the main causes of the crisis and dealing with the situation according to the “Rules of Risk Management.”

Team Person in Charge Leader Responsibility
Regulatory
Compliance
Supreme
head of Legal
Division
Legal Division
head or his
assignee
  • Responsible for regulatory compliance-related controls, such as contract disputes, government penalties, trade secrets, serious corruption and labor issues, etc.
Continuing
Operations
Supreme head
of BI
BI head or his assignee
  • Responsible for business operation-related controls, such as market upheavals, severe defaults, loss of key operating resources, severe data center disruptions, etc.
Disaster
Response
Supreme head
of HR Division
HR Division
head or his
assignee
  • Responsible for disaster-related controls, such as natural disasters, asset loss, infrastructure failure, personal safety and infectious diseases, etc.
Information Security Protection Supreme head
of Data & Info.
R&D Division
Data & Info.
R&D Division head or his assignee
  • Responsible for information security-related controls, such as enterprise information security, customer data security, data center test failure and personal information infringement, etc.
Social Media Supreme head
of Marketing &
PR Division
Marketing &
PR Division
head or his
assignee
  • Responsible for corporate image-related controls, such as negative media reports and spread of negative social remarks, etc.
Crisis Management Procedures
Risk Trends and Material Issues

According to the WEF’s “Global Risk Report 2023”, the major risks closely related to SYSTEX include the risks of “Failure to mitigate and adapt climate change, Natural disasters and extreme weather events, and Widespread cybercrime and cyber insecurity”. At the same time, although the Covid-19 epidemic is gradually easing, the threat of other mutant viruses continues to emerge due to rapid changes in the global environment, thus creating potential risks of operational disruption. In addition, in response to the increasing international awareness of human rights, risk assessments on human rights issues are also conducted. SYSTEX also plans and implements management actions for preventing these risks.

For more details on these risks, please click the following links: