To ensure steady operation and sustainable development, the Risk Management Policy and Procedures were stipulated by the Board of Directors on February 27, 2020 based on the Regulations Governing Establishment of Internal Control Systems by Public Companies promulgated by the Financial Supervisory Commission. The Procedures stipulate the Board of Directors, Audit Committee, Auditing Office, President and President’s Office, individual risk management units, and subsidiaries shall together participate in, promote, and implement relevant risk management measures.
Risk Management Organization Structure and Risk Management Categories
The year 2020 witnessed the beginning of the status on risk management reported to the board of directors every year.
The 2023 status was reported to the board of directors on November 3, 2023, and the report details are tabulated as below.
Risk Management Status Report in 2023
The 2022 status was reported to the board of directors on November 4, 2022, and the report details are tabulated as below.
Risk Management Status Report in 2022
The 2021 status was reported to the board of directors on January 11, 2022, and the report details are tabulated as below.
Risk Management Status Report in 2021
The 2020 status was reported to the board of directors on January 22, 2021, and the report details are tabulated as below.
Risk Management Status Report in 2020
TIPS Implementation Status in 2023
Walsin Lihwa implemented the Taiwan Intellectual Property Right Management System (TIPS) to Yenshui plant and headquarter in 2020 and Hsinchuang plant is then joined in 2021. In 2023, the Procurement center is fully covered in TIPS as organization modification for internal control system improvement. Walsin Lihwa kept promoting and executing the TIPS in 2023. The intellectual property right management policies and the targets are planned according to the TIPS regulation 5.2 and 5.3. The implementation status and annual plan are reported at a board meeting on November 3, 2023.
Intellectual Property Management Plan
-
- Intellectual Property Management Measure
- Walsin Lihwa have made an inventory of patents, trademarks and trade secrets and new regulations regarding invention encouragement, annual IP related training, trademark management process and contract review as a results of TIPS implementation since 2020.
Management processes of IP risk assessment, proposal review of IP right application, IP right protection evaluation, Infringement handling procedure and attentions for the outsourcing of intellectual property affairs are regulated as intellectual property management measure. Furthermore, Walsin Lihwa established management system, regulation, and reward measures for trade secret this year and scheduled to be executed in 2024 for the purpose of fully Intellectual Property rights protection.
In the future, Walsin Lihwa will review the intellectual property right management policies and adjust targets and intellectual property management regulations annually in accordance with operation strategy and the changes in government policy and market. Also, to ensure the management system operated effectively, Walsin Lihwa will review our intellectual property management and improve the management system through TIPS verification, in case of potential risk and IP related dispute.
Annual implementation status and achievement
-
- IP Management Targets and Implementation Status
No. |
IP Management Targets |
Implementation Status |
1 |
7 patent applications filed before end of 2023 |
13patent applications are filed before October, 2023 |
2 |
Promoting integration of R&D process and patent application process |
Promotion with online training for employees to connect R&D process to patent application process during daily work. |
3 |
To organize training sessions to all employee with topics of intellectual property and TIPS |
Online training sessions of intellectual property and TIPS were provided to all employee at 1st, June. |
4 |
To organize training sessions to all employee with topics of trade secret and confidentiality |
Online training sessions of trade secret and confidentiality were provided to all employee at 1st, June. |
5 |
Made an inventory of confidential documents and trade secrets management |
The confidential documents was reviewed during 17th to 19th , July |
6 |
Trade secret management process and regulation establishment |
Registration system is established at 5th, July with continuous test and improvement. Regulation and reward measures are confirmed in yearly IP management review meeting and executed thereafter. |
7 |
Report the execution status of TIPS to the board of directors and disclose it on Walsin official website |
The execution status of TIPS was reported to the board of directors at 3rd , November and it will be disclosed on Walsin official website before end of November. |
- Achievements of Intellectual Property acquisition
- In 2023, 3 patents are granted. Walsin Lihwa have file 13 global patents based on 5 R&D proposals. As of September 30th, Walsin Lihwa have 24 granted patents, including 16 invention, 7 utility model and 1 design; 29 pending patent applications, including 27 invention and 2 design; 160 registered trademarks. The global IP layout is as following figure.
- Advantages and contribution of IP to cooperation operation
- Execution of IP protection and document hierarchical management:Organize training sessions of topics of intellectual property, TIPS, trade secret and confidentiality to improve confidential information protection during employee business execution process.
- Trademark right and brand image protection:Refine management process of trademark and patent and perform the IP management work.
- R&D process improvement:Strengthen the R&D project-oriented R&D process and provide a reasonable reward system to increase the willingness of R&D employee for invention and patent application, so as to increase the company’s R&D and intellectual property capabilities.
- Disclose the intellectual property management plan implementation status on Walsin Lihwa official website.
-
- Walsin Lihwa passed TIPS Level A verification and the TIPS Level A certificate is valid through December 31, 2023. On August 30th 2023, Walsin Lihwa applied for renewal of TIPS Level A verification and received notice of results which is “Pass, recommended”. The official results will be granted by the Industrial Development Administration and announced on TIPS website around 29th December. The ceremony of TIPS verification will be held on January 22th, 2024. The renewed TIPS Level A verification is valid through December 31, 2025.
-
- Potential IP risk type and Countermeasures
- To ensure the R&D achievement and the corresponding rights are protected, preserve its economic values and prevent the IP right infringement, the IP risk type and countermeasures are listed below:
IP risk type |
Countermeasures |
Patent |
• Patent risk evaluation in R&D process
• Encourage R&D employee to propose patent application
|
Trademark |
• Strengthen control power of trademark application, maintenance and usage |
Confidential information management |
• Strengthen and implement IP training for employee
• Improve confidential mark usage
• Attention for reviewing contract with external vendors
|
Prospects for Intellectual Property Management
Looking forward to the future, Walsin Lihwa expects to encourage internal R&D energy, protect technology and R&D results by establishing a complete intellectual property management system. With Industry 4.0 implementation, process is gradually optimized, product innovation is promoted and upgraded, thus leads smart manufacturing and the high-value transformation strategy is realized. Furthermore, obtain the trust of financial institutions and investors by disclosing the energy of intellectual property. With complete information, customers and investors would correctly evaluate the true value and competitiveness of Walsin Lihwa. Based on Industry 4.0, stick to energy conservation and environmental protection and invent product and technology for environmental sustainability. Realize environmental friendly and society caring achievement and which meets the purpose of sustainable company operation.
Information Security Management Structure Implementation
- To strengthen information security management for company transformation, Walsin Lihwa established its Big Data and Cyber Security Division for information security policy development, planning, coordination, implementation of information security protection, information security risk assessment and management, comprehensive information security planning, and information security management solution development year by year.
- Pursuant to its Regulations Governing Information Security Organization Management , Walsin Lihwa has established its IT Steering Committee as an information security management and decision-making body for the headquarters and individual business units. The IT Steering Committee has an information security promotion team convened by the Chief Information Security Officer (CISO). Under the CISO, there shall be at least one information security manager and more than two full-time information security specialists to review relevant plans and objectives on a regular basis while planning for, implementing, and monitoring information security compliance.
Information Security Policy
- Objectives of information security: To maintain the confidentiality, completeness, and availability of business information including sensitive information at Walsin Lihwa, all the employees, internal and external information service users, and 3rd-party service contractors are expected to work steadfastly together to achieve the following objectives:
- Comply with relevant laws and regulations to protect company confidential information; prevent unauthorized access, tempering, damage, and/or improper disclosure.
- Protect company business information from unauthorized access or disclosure to ensure the correctness of every category of business information
- Set up comprehensive business continuity planning and procedures for effective management of information security events to ensure such events are properly responded, controlled, and processed, and conduct scenario drills on a regular basis to ensure ongoing operation of IT systems and information services in case of any information security events.
- Cautiously handle and protect personal information and intellectual property rights pursuant to relevant domestic and overseas requirements.
- Review the status of compliance with information security requirements to ensure effective information security management.
- Enhance employees’ awareness of information security and reduce the risks associated with how information is used through management review, risk appraisal. internal auditing, education and training, and information security drills.
- Require all the employees to strengthen compliance with the Information Security Policy as well as relevant regulations and SOPs.
Specific Program for Information Security Management
- Develop information security plans for information security policy implementation year by year, bring in information security systems and workflow standards, and continue making information security technologies and relevant protection measures more complete.
- The specific management program has 5 objectives, separation of intranet from extranet, multi-layered security defense, identification of security loopholes or other potential risks by log analysis and security inspection, smart security protection, and behavior analysis by log and big data analysis at the security operation center, which can be achieved step by step through 4 approaches, IT governance, data and equipment protection, network and system control, and boundary defense.
- The specific management program includes:
- Information protection mechanism planning and implementation to decrease confidential information leakage risks.
- Continue bringing in advanced information solutions to enable effective system, host, and network behavior management and protection.
- Reinforcement of protection of external information service to effectively block hacker attacks.
- Focus on important systems to conduct disaster backup drills on a regular basis to rapidly resume operation in case of any disasters.
- Evaluate and improve endpoint, server, and network equipment protection, and engage 3rd party professional services such as the information security inspection and diagnosis provided by the Industrial Development Bureau, Ministry of Economic Affairs.
- Implementation of endpoint detection and response (EDR) to strengthen endpoint, server, and network equipment protection.
- Security operation center (SOC) implementation to enable effective and timely responsiveness to security issues.
- Walsin Lihwa’s ISO 27001 Information Security Management System implementation in 2022 obtained 3rd-party certification. The Company is committed to the PDCA cycle for effective information security management, and a comprehensive information security management system is in place to ensure the confidentiality, integrity, and availability of all the company data and keep strengthening information security management by effective prevention, monitoring, and responsiveness throughout any information security event.
- Reinforcement of cloud information security management through Zero Trust to help achieve digital and ESG sustainability.
Resources for information and communication security management
Resources and plans for information and communication security management issues:
- Material issue: Inclusion of information security management into one of the material issues in the company’s 2023 sustainability report.
- Dedicated organization: The Information Security and System Maintenance Division with a chief information security officer (CISO), an information security manager, and more than two dedicated information security personnels responsible for information security policy planning and development, as well as coordination for and implementation of information security protection,
- Management review: At least one management meeting convened by IT supervisors every year for information security policy and implementation effectiveness review to ensure information security standardization, policy effectiveness and appropriateness, as well as compliance with relevant laws and regulations and competent authorities’ requirements.
- Information security certification: Certified by the ISO 27001 Information Security Management System (ISMS) every year with no major deficiency identified by information security auditing.
- Related party issue: No major information and communication security issue, no. confidential information leakage, and no relevant damage to the company and its customer in 2023.
- Promotion and training: An ongoing information security month at the company every year, mandatory information security education and training throughout the company with more than 2,500 attendances in 2023, implementation of 2 email social engineering drills with more than 5,000 attendances in 2023, and an online information security course and test required for those who failed the drills.
- Information security regulations: Amendment to the company’s all information security regulations in 2022 and further amendments to 3 of the company’s information security regulations in 2023 to comply with domestic and foreign regulatory requirements and respond to external changes.
ISO 27001 Information Security Management System
The Procedures for Handling Material Inside Information and Prevention of Insider Trading of Walsin Lihwa are adopted to establish sound mechanisms for the handling and disclosure of material inside information to prevent improper information disclosures, ensure the consistency and accuracy of information released by the Company to the public, and prevent insider trading.
Moreover, to strengthen stock trading control measures, the Company may amend the Procedures for Handling Material Inside Information and Prevention of Insider Trading based on its Corporate Governance Best Practice Principle. The 2023 implementation status is tabulated as below.
Period |
Board Meeting Date and Public Announcement Date |
Closed Period |
Prevention Measures Implemented |
Note |
2023 Q1 Financial Reports |
2023/5/5 |
2023/4/20-2023/5/5 |
Relevant insiders including but not limited to directors of the board emailed in advance by the Corporate Governance Director that they shall not purchase or sell, in their own names or in the name of any other person, shares of the Company that are listed on an exchange or an over-the-counter market, or any other equity-type security of the Company during the closed period.
|
Also In compliance with Article 157-1 of the Securities and Exchange regarding prohibition of such purchasing or selling within 18 hours after public disclosure of material information. |
2023 Q2 Financial Reports |
2023/8/11 |
2023/7/27-2023/8/11 |
2023 Q3 Financial Reports |
2023/11/3 |
2023/10/19-2023/11/3 |
Walsin Lihwa has been promoting relevant laws and regulations against insider trading to its board of directors and executives above managers every year.
Implementation of Internal Promotion in 2023 (online and offline courses totaling 1 hours)
Object |
Course |
Number of Attendees |
All employees |
Promotion of insider trading prevention |
1,257 |
All employees |
Ethical management |
1,353 |
Directors of the board and managerial officers |
Insider trading prevention: Relevant laws and regulations on material information and equity changes as well as other matters to note |
13 |
Newly appointed directors of the board and managerial officers |
Securities market regulations to note |
8 |
Supply Chain Policy
In order to implement supplier management effectively and create a sustainable supply chain, Walsin developed short-, medium-, and long-term targets based on three major aspects as shown above, and identified key suppliers based on the “CSR sustainability self-assessment form”. In the meantime, through the exchange of various information and practical operations, we continue the promotion, expand the scope and depth of sustainable management policy and resilient supply chain, and promote towards common values and goals.
Key Supplier Identification
To implement effective supplier management, we identified 156* key suppliers from total of 3,619 suppliers based on important raw materials, equipment and construction contracts, and waste disposal projects according to the principles of procurement amount, importance, influence, and uniqueness. The 156 key suppliers amount to 63.09% of the total procurement value and are also the objects of promotion of supply chain resilience to strengthen supplier corporate social responsibilities.
Note 1: Suppliers that are documented, paid, and managed in accordance with the procurement process and have substantial receipt amounts in the current year will only be included in the amount of suppliers with receipt records in the current year, and the number of merged related parties and duplication between factories will be deducted.
Note 2: Included Head Office, Wire and Cable Business ( Hsinchung plant, Yangmei plant, Shanghai Walsin), Stainless Steel Business ( Yenshui plant, Taichung plant, Yantai Walsin, Changshu Walsin, Jiangyin Walsin (Specialty Alloy Materials), Jiangyin Walsin (Steel Cable)), Real Estate Business and Walsin Precision suppliers.
Supplier’s Undertaking about their Commitment to Social Responsibility
Supplier’s Undertaking
Suppliers’ Commitment to Sustainability and Self-Assessment
To strengthen and implement sustainability of supplier management, suppliers must fill out the “Supplier’s Undertaking” to enhance supplier awareness, and suppliers would evaluate their own management status and fill in the “CSR sustainability self-assessment form“. The assessment items include economic, social, and environmental aspects. The sustainability management of suppliers is analyzed based on the assessment results, Walsin will give priority to those with better ESG performance for transactions; however, if the assessment is a “high-risk supplier”, Walsin’s safety and environmental unit will conduct on-site review and counselling in the following year of the assessment.
Suppliers are also required to improve their deficiencies within the stipulated time to meet the minimum ESG requirements.
If there is no improvement, the procurement ratio will be gradually reduced depending on the situation or they will be included as unqualified suppliers. Once listed as unqualified suppliers, they will no longer be eligible Sign a contract to make a deal.
For more information, please visit the sustainability website: https://esg.walsin.com/en