TIPS Implementation Status in 2025

Walsin Lihwa implemented the Taiwan Intellectual Property Right Management System (TIPS) to Yenshui plant and headquarter in 2020 and Hsinchuang plant is then joined in 2021. Walsin Lihwa continued to acquire the TIPS (level A) certification in 2023. To further enhance internal control of intellectual property management, in 2025, we integrated the group’s intellectual property information onto a single platform, presenting key figures in visualized charts for management level decision-making, and improving accessibility for intellectual property utilization, aiming to further perfect the scope of intellectual property management. The intellectual property right management policies and the targets are planned according to the TIPS regulation 5.2 and 5.3. The implementation status and annual plan are reported at a board meeting on November 7, 2025.

Intellectual Property Management Plan

• • Intellectual Property Right Management Policies
    1. R&D for innovation and competitiveness enhancement,
    2. Employees’ awareness of intellectual property rights for more effective intellectual property right management.
    3. Confidential document management, and
    4. Execution corporate governance with compliance

    ※ The targets and implementation status according to the intellectual property right management policies, are listed in the “Annual implementation status and achievement ”section.

• • Intellectual Property Management Measure
  • Since the implementation of TIPS in 2020, Walsin Lihwa has continuously conducted sampling inventories of its patents, trademarks, copyrights, and trade secrets. Additionally, measures to encourage innovation, execute periodically IP training, improve IP management and contract review are taken with systematization and automation.
    Management processes of IP risk assessment, proposal review of IP right application, IP right protection evaluation, Infringement handling procedure and attentions for the outsourcing of intellectual property affairs are regulated as intellectual property management measure. This year, we launched more meticulous and multi-layered optimization measures for intellectual property information management, integrating all group affiliates’ intellectual property data into a unified and efficient information management structure. We also planned and launched dedicated intellectual property management platforms tailored to the characteristics and needs of each business group. This not only systematizes the integration of all intellectual property-related reports, data, and information in the R&D process, improving the convenience of searching and utilization, but also uses data visualization technology to dynamically present key indicators in chart form, helping management level grasp the current status and trends of intellectual property utilization in real time, strengthening the accessibility and strategic use of intellectual property resources, and further promoting the continuous improvement and upgrading of the company’s intellectual property management scope.
    In the future, Walsin Lihwa will review the intellectual property right management policies and adjust targets and intellectual property management regulations annually in accordance with operation strategy and the changes in government policy and market. Also, to ensure the management system operated effectively, Walsin Lihwa will review our intellectual property management and improve the management system through TIPS verification, in case of potential risk and IP related dispute.

Annual implementation status and achievement

• • IP Management Targets and Implementation Status

  No.	IP Management Targets	Implementation Status
  1	Protection of internal R&D results: The company plans to file 7 new patent applications by the end of 2025	14 patent applications have been filed this year
  2	Establish an industry-academia cooperation case management platform	Basic platform construction completed, process setup and optimization ongoing
  3	Report the implementation status of intellectual property management to the board at least once and update the annual implementation status of the intellectual property management system on the company website at least once	Reported to the board on 11/7 and updated the annual implementation status on the company website on 11/21
  4	Conduct at least one trade secret and confidentiality obligation training for all employees	Training has been made available online via Walsin Academy
  5	Inventory confidential documents at least once	Annual confidential document inventory completed in Q3
  6	Hold at least one intellectual property and TIPS system training for all employees	Training has been made available online via Walsin Academy
  7	Optimize IP Database	Integrated group companies’ intellectual property data into the unified Walsin IP Database, and established a sub-platform (IP Database-Steel) for the stainless steel business group, further integrating FTO analysis reports and other information

  • Achievements of Intellectual Property acquisition
  • This year, the company obtained 4 patents granted and filed 14 patent applications. As of October 16, 2025, the company holds 40 valid granted patents (27 invention, 8 utility model, 5 design), and has 39 pending applications (34 invention, 4 utility model, 1 design). There are 197 registered trademarks and 14 pending trademark applications. The overall intellectual property layout is shown in the following diagrams.
    
  • Advantages and contribution of IP to cooperation operation
    1. Enhancement of IP protection: Continuing implementing IP knowledges to employees with IPR and Confidentiality related training session and providing assistance of suitable equipment and measures such as document leveling management to raising confidential awareness while executing works.
    2. Global operation layout: Aligning with the group internationalization strategy, integrating technology and brand layout, and achieving high-value products and services.
    3. R&D process improvement: Strengthen the R&D project-oriented R&D process and provide a reasonable reward system to increase the willingness of R&D employee for invention and patent application, so as to increase the company’s R&D and intellectual property capabilities.
    4. Corporate governance transparency: Disclose the implementation status of the intellectual property management plan on Walsin Lihwa official website to demonstrate the effectiveness of intellectual property management.

• • TIPS verification
  • In 2023, our company applied for and passed the Taiwan Intellectual Property Management System (TIPS) A-level re-certification, with the certificate valid until December 31, 2025. In 2025, we again applied for TIPS A-level re-certification and received the review result on November 10, 2025, with a recommendation for “approval.”

• • Potential IP risk type and Countermeasures
  • To ensure the R&D achievement and the corresponding rights are protected, preserve its economic values and prevent the IP right infringement, the IP risk type and countermeasures are listed below:

    IP risk type	Countermeasures
    Patent	• Patent risk evaluation in R&D process • Encourage R&D employee to propose patent application
    Trademark	• Strengthen control power of trademark application, maintenance and usage
    Confidential information management	• Strengthen and implement IP training for employee • Improve confidential mark usage • Attention for reviewing contract with external vendors

Prospects for Intellectual Property Management

Looking ahead, Walsin Lihwa regards the intellectual property management system as a core strategy for sustainable business operations, actively stimulating internal R&D and protecting technological achievements. By integrating Industry 4.0, we continuously optimize manufacturing processes, promote product innovation, upgrading, and smart manufacturing, and achieve high-value transformation. The company not only values effective intellectual property management but also closely integrates it with environmental sustainability, social responsibility, and corporate governance. Through transparent information disclosure, we strengthen trust with financial institutions, investors, and customers, enabling stakeholders to fully understand the company’s concrete actions in technological innovation, environmental protection, and social care. Walsin Lihwa is committed to energy conservation and carbon reduction, promoting green R&D, actively developing products and technologies that contribute to environmental sustainability, and aims for environmental friendliness and social contribution, implementing corporate governance and sustainable development, and ultimately achieving long-term stable growth and shared prosperity with society.

In response to the increasingly severe cybersecurity threats, Walsin has implemented high-standard cybersecurity defense in depth based on the NIST CSF and CISA ZTA frameworks. This approach effectively identifies the information security risks faced by the enterprise and promptly applies effective control measures to reduce information security risks.

Walsin will continue to optimize cybersecurity protection by introducing an integrated cloud and on-premises security management framework, gradually transitioning information systems and backup mechanisms to the cloud. This will enhance operational efficiency and the level of cybersecurity, supporting the realization of the “net-zero carbon emissions” goal.

1. Risk management framework for information and communications security

To build a “digitally sustainable” information system architecture and promote the corporate goal of “digital transformation,” Walsin Lihwa has promoted an information security strategy plan centered on “strengthening information security resilience” by establishing an overall information security protection platform, perfecting information security technical protection measures, demonstrating proactive defense capabilities, and laying the foundation for digital sustainability.

• Dedicated Information Security Organization: Walsin Lihwa has established a dedicated information security organization and, in 2022, appointed a Chief Information Security Officer (CISO), an information security manager, and two or more dedicated information security personnel. The division is responsible for formulating information security policies, planning, coordinating and implementing information security protection measures, performing information security risk assessment and management, developing a complete information security plan, and promoting information security management and solutions year by year.
• Participation of Senor Executives: The Company has established the IT Steering Committee, which is the information security management and decision-making body for the head office and business units, and is responsible for reviewing and deciding on matters related to information security management. There are also several members on the Board of Directors with backgrounds in information security in the Audit Committee to supervise and review the promotion of information security policies.
• Implementation of Information Security Management: In 2022, Walsin Lihwa implemented ISO 27001 Information Security Management System (ISMS) and obtained certification from a third-party certification body to fully manage its information security through PDCA. In 2024, Walsin successfully obtained the new ISO 27001:2022 certification, further strengthening the security protection of threat intelligence, configuration management, and cloud services. We have built up the confidentiality, integrity, and availability of information security management system of our organizations comprehensively, and strengthened our information security management continuously through different management plans in such aspects as prevention beforehand, monitoring during the event, and response after the event.

2. Information Security Policies and Goals

The goal of information security at Walsin is to maintain the confidentiality, integrity and availability of sensitive information, such as customer data and business information. Therefore, all of our employees, internal and external information service users and third-party outsourced service providers should work together to follow and achieve the following policies and objectives:

• To protect the Company’s confidential information from being accessed, altered, or damaged in an unauthorized way or improperly disclosed, in accordance with various laws and regulations.
• To protect information on the Company’s business activities from unauthorized access or disclosure, and to ensure the accuracy of all business information.
• To establish a complete business continuity plan and information security incident management procedures, to ensure that incidents are responded to, controlled and handled properly, and by conducting regular drills, to ensure the continuous operation of information systems or services.
• To handle and protect personal information and intellectual property rights in a prudent manner in accordance with the relevant domestic and foreign regulations in respect of the Personal Information Protection Act and the intellectual property law.
• To perform regular information security compliance audits to review the implementation of the information security management system.
• All employees shall maintain a high level of information security awareness at all times, and supervisors at all levels shall assume ultimate responsibility for information security supervision, management and 159 training, to achieve the goal of reducing the risk of information use through various activities, such as management review, risk assessment, internal audit, education and training, and information security drills.
• All staff of the Company shall follow information security policies, management practices and standard procedures, and violations of information security policies and related regulations shall be handled in accordance with relevant laws and regulations or the Company’s regulations.

3. Construction of the resilience of corporate information security and implementation of information security management

• We have drafted information security plan to promote information security policy year by year, to introduce information security system and process specification, and to continuously establish complete information security technical protection measures.
• The specific management plan will be gradually achieved in five stages, “Internal and External Segregation”, “Physical Fitness”, “Insight”, “Smart Security”, and “Behavior Analysis”, with four components, “IT Governance”, “Data and Device Protection”, “Network and System Control”, and “Boundary Defense”.
• The specific management plans:
  1. Planning and establishing data protection mechanisms to reduce risk of leaking confidential information.
  2. Continuously introducing advanced information security solutions to effectively protect and manage system, host and network behavior.
  3. Strengthening external information service protection to enhance the ability to block hacker attacks.
  4. Regularly organizing educational training to promote new information security knowledge and to raise employees’ awareness of information security.
  5. Regularly conducting disaster preparedness drills for important systems, so that in the event of a disaster, operations may be quickly resumed to ensure the company’s operational sustainability.
  6. Improving the protection capability of endpoints, servers and network devices by introducing Endpoint Detection and Response (EDR).
  7. Introduction of information security monitoring mechanisms (SOC) to establish effective real-time incident handling and response capabilities.
  8. Walsin Lihwa introduced the ISO 27001 Information Security Management System (ISMS) in 2022 and obtained certification from a third-party verification institution, thereby implementing information security management with PDCA. We have comprehensively built the confidentiality, integrity, and availability of the organization’s information security management system, and according to different management planning in the aspects of prevention, monitoring, and response, in order to assist the enterprise in continuously strengthening information security management.
  9. Strengthening cloud information security management and achieving ESG digital sustainability purposes through ZeroTrust.
  10. Introduce AI automation technology to assist in information security detection and protection.
  11. Conduct information security vulnerability analysis and proactively implement protective measures.
  12. Formulate the “Information Operation Outsourcing Management Measures” and the “Walsin Lihwa Information Security Standards” to clearly define the standards that information suppliers must follow, and to specify information security commitments and audit rights in contracts.

4. Investment in cyber security management resources

The corresponding information security management issues and the resources to be invested are summarized as follows:

• Major issue: “Information Security Management” was included as one of the “Major Issues” in the Company’s sustainability report for 2024.
• Dedicated organization: A dedicated information security organization, “Information Security and System Operation & Maintenance Division,” was established and a Chief Information Security Officer (CISO), an information security manager, and two or more dedicated information security personnel were appointed, responsible for drafting and amending information security policies, as well as planning, coordinating, and executing information security protection measures.
• Management review: The IT Steering Committee holds at least one management review meeting annually to audit the information security policy and its implementation and execution, in order to ensure the effectiveness and appropriateness of the standardized information security policy in compliance with relevant laws and the requirements of competent authorities.
• Information security certification: We pass the ISO27001 Information Security Management System (ISMS) certification annually, while there are no significant deficiencies in our related information security audits.
• Stakeholder issues: In 2024, no major cyber security incidents or confidential information leakage occurred, nor did any other event cause losses to the Company and its customers.
• Advocacy and training: The Company continues promoting a month-long information security awareness campaign annually, as well as implementing mandatory information security education training courses for all employees. In 2024, the number of participants exceeded 2,500. In 2024, 12 email social engineering drills were conducted, with more than 2,500 participants, and colleagues who failed the social engineering drills were required to participate in online information security courses and complete the test. Walsin is committed to implementing and executing cybersecurity incident reporting management and drills.
• Information security regulations: In addition to revising all information security regulations in 2022, three and 13 information security regulations were revised in 2023 and 2024 respectively to comply with domestic and international legal requirements and respond to changes in the external environment.
• Information security testing: Four third-party information security risk testing operations were conducted in 2024.

In 2024, no major cyber security incidents or confidential information leakage occurred, nor did any other event cause losses to the Company and its customers.

ISO 27001 Information Security Management System

Business Continuity Management Policy

The Procedures for Handling Material Inside Information and Prevention of Insider Trading of Walsin Lihwa are adopted to establish sound mechanisms for the handling and disclosure of material inside information to prevent improper information disclosures, ensure the consistency and accuracy of information released by the Company to the public, and prevent insider trading.
Moreover, to strengthen stock trading control measures, the Company may amend the Procedures for Handling Material Inside Information and Prevention of Insider Trading based on its Corporate Governance Best Practice Principle. The 2023 implementation status is tabulated as below.

Walsin Lihwa has been promoting relevant laws and regulations against insider trading to its board of directors and executives above managers every year.

Implementation of Internal Promotion in 2023 (online and offline courses totaling 1 hours)

Supply Chain Policy

Walsin Lihwa’s “Supplier Management Measures”, “Supplier Social Responsibility Performance Appraisal Principles”, and “Sustainable Procurement Management Measures” ensure suppliers meet quality, cost, timely delivery, and service quality requirements. There are also written evaluations and field inspections to ensure suppliers’ social responsibility commitment in terms of environmental protection and human rights to promote supply chain sustainability development.

In order to implement supplier management effectively and create a sustainable supply chain, Walsin developed short-, medium-, and long-term targets based on three major aspects as shown above, and identified key suppliers based on the “Supplier Management Measures” formulated by Walsin Lihwa, examines factors such as procurement value, importance, influence, uniqueness, and strategic cooperation. In the meantime, through the exchange of various information and practical operations, we continue the promotion, expand the scope and depth of sustainable management policy and resilient supply chain, and promote towards common values and goals.

Key Supplier Identification

To implement effective supplier management, during the identification of key suppliers Walsin Lihwa takes into account considerations such as important raw materials, materials, assets and equipment, project contracting, waste treatment, and outsourcing; in accordance with the “Supplier Management Measures” formulated by Walsin Lihwa, the Company also examines factors such as procurement value, importance, influence, uniqueness, and strategic cooperation when selecting key suppliers. Out of a total of 5,413 suppliers ^{Note 1} , 503 have been selected as key suppliers ^{Note 2} , which account for 64.92% of total procurement value. These key suppliers are also the targets for the promotion of supply chain resilience and strengthening supplier corporate social responsibility.

Note 1: Suppliers are defined as companies that are documented, paid, and managed in accordance with the procurement process and have records of goods received in the current year, excluding duplicate suppliers within affiliated entities and different factory locations.
Note 2: Includes suppliers of the Taipei Head Office, Wire and Cable Business Group (Hsinchuang Plant, Yangmei Plant, Shanghai Walsin), Stainless Steel Business Group (Yenshui Plant, Taichung Plant, Yantai Walsin, Changshu Walsin, Jiangyin Walsin (Specialty Alloy Materials), Real Estate Business Group, Walsin Precision, and European stainless steel suppliers. If excludes the European stainless steel suppliers, out of a total of 4,083 suppliers, 139 have been selected as key suppliers, which account for 60.19% of total procurement value.

Implementation of Supply Chain Management

Supplier’s Undertaking
Sustainable Raw Materials Policy

Prohibited Use of Conflict Minerals

To enforce the policy of prohibiting the use of conflict minerals, we require suppliers to voluntarily disclose the sources of their minerals, to ensure that their procurement does not originate from conflict-affected or high-risk areas and complies with customer and regulatory requirements. And the priority is given to sourcing from qualified facilities validated by the Responsible Minerals Initiative (RMI), or due diligence is conducted using RMI’s reporting templates—the Conflict Minerals Reporting Template (CMRT), the Extended Minerals Reporting Template (EMRT), and the Additional Minerals Reporting Template (AMRT), to eliminate the possibility of using conflict minerals.

RMI Facilities Lists：https://www.responsiblemineralsinitiative.org/facilities-lists/
CMRT：https://www.responsiblemineralsinitiative.org/reporting-templates/cmrt/
EMRT：https://www.responsiblemineralsinitiative.org/reporting-templates/emrt/
AMRT：https://www.responsiblemineralsinitiative.org/reporting-templates/amrt/

Suppliers’ Commitment to Sustainability and Self-Assessment

To enhance suppliers’ awareness of and commitment to sustainable development, suppliers of the Taiwan and Mainland China plants are required to sign the “Supplier’s Undertaking” and ensure that they comply with related management regulations, and suppliers would evaluate their own management status and fill in the “CSR sustainability self-assessment form”. The assessment items include economic, social, and environmental aspects. The sustainability management of suppliers is analyzed based on the assessment results, Walsin will give priority to those with better ESG performance for transactions; however, if the assessment is a “high-risk supplier”, Walsin’s safety and environmental unit will conduct on-site review and counselling in the following year of the assessment.

Suppliers are also required to improve their deficiencies within the stipulated time to meet the minimum ESG requirements.

If there is no improvement, the procurement ratio will be gradually reduced depending on the situation or they will be included as unqualified suppliers. Once listed as unqualified suppliers, they will no longer be eligible Sign a contract to make a deal.

For more information, please visit the sustainability website: https://esg.walsin.com/en

Walsin Lihwa Corporation attaches great importance to the rights and interests of customers, consumers, employees, suppliers, shareholders, and all other parties engaging with the Company. Throughout its operations, the Company complies with applicable laws and follows internal management regulations to safeguard stakeholder rights in areas such as product health and safety, advertising and labeling, supplier management, personal data protection, and complaint handling. Through clear communication and grievance channels, the Company ensures that stakeholders receive timely responses and appropriate protection.

Unified Complaint and Contact Channel
The Company has established a unified contact and complaint mailbox: opinion@walsin.com, which is used for Personal Data–related complaints as well as consumer and client feedback. All submissions are accepted, investigated, responded to, and recorded in accordance with the Company’s established procedures and applicable regulations.

Personal Data Protection

The Company collects, processes, and uses Personal Data in accordance with applicable laws and its Personal Data Protection Management Regulation, and adopts necessary administrative and security measures to safeguard the rights of Data Subjects.

• 1. Scope of Application
     This mechanism applies to the Company and its subsidiaries, branches, and plants; all employees and temporary personnel; customers, investors, shareholders, vendors engaging with the Company; and organizations or individuals entrusting the Company to process Personal Data.
  2. Responsible Units
     Corporate Governance, Human Resources, Information Technology, and Audit Units carry out Personal Data management according to their responsibilities, including system planning, data maintenance, information security protection, and audit tracking.
  3. Personal Data Management and Protection Measures
     The Company conducts Personal Data inventory, access control, data retention and maintenance, and information security protection in accordance with laws and internal regulations, and provides required notifications to Data Subjects before data use.
  4. Rights of Data Subjects
     Data Subjects may request inquiry, access, duplication, supplementation or correction, cessation of use, or deletion of their Personal Data. The Company will process such requests in accordance with established procedures.
  5. Personal Data Incident Handling
     The Company maintains reporting and response mechanisms for Personal Data incidents. In the event of unauthorized access, leakage, or other abnormalities, relevant units shall promptly investigate, report, and take necessary actions in accordance with procedure.
  6. Personal Data Education and Training
     The Company conducts regular Personal Data protection training and maintains relevant records.
     2025 Training Outcomes

  Indicator	Result
  Number of participants	427 persons
  Total training hours	192 hours
  Completion rate	100%

Consumer and Client Rights Protection

The Company adheres to the Corporate Consumer and Client Service Management Policy and Complaint Handling Procedures to protect the rights of consumers and clients, including product health and safety, the accuracy of marketing and labeling information, supplier management requirements, and the protection of customer and consumer Personal Data.

• 1. Product Health and Safety
     The Company complies with health and safety requirements in product design, manufacturing, packaging, transportation, and sales. When products may pose health or safety risks, the Company will provide notifications or execute recalls in accordance with competent authority regulations.
  2. Advertising, Marketing, and Labeling
     Marketing, advertising, and product labeling must be truthful, clear, and compliant with relevant laws. The Company follows internal review procedures and legal requirements before publication.
  3. Supplier Management
     During supplier selection, the Company performs reviews in accordance with internal guidelines and requires suppliers to comply with applicable standards and commitments to ensure responsible and high-quality cooperation.
  4. Protection of Client and Consumer Personal Data
     The Company manages customer and consumer Personal Data in accordance with its Personal Data Protection Management Regulation, applying the same standards used for Company Personal Data protection.
  5. Complaint Handling Process
     Upon receiving inquiries or complaints from consumers or clients, the Company conducts acceptance, investigation, handling, and response in accordance with established procedures and applicable laws, ensuring fairness and objectivity. The identity and Personal Data of complainants shall not be disclosed without consent.
     If an investigation confirms a violation or suspected illegal act, the case will be referred to the relevant units for disciplinary action or legal accountability in accordance with applicable regulations.
     All complaint records—including acceptance, investigation, and results—must be maintained in written or electronic form for five years. If litigation or arbitration arises during the retention period, the records shall be preserved until the conclusion of legal proceedings.
     Complaint cases are handled as confidential files and managed as dedicated cases. The Audit Unit supervises relevant departments to ensure timely corrective actions and will provide a response or progress update within 30 days of receipt.

  
  
  FILE:
  Walsin Personal Data Protection Management Regulation
  Corporate Consumer and Client Service Management Policy and Complaint Handling Procedures