Risk Management Policy and Procedures

The Company has established the “Risk Management Policy and Procedures” in 2021, which was approved by the Board of Directors as the highest guiding principle for risk management of each unit. Risk management should be based on the Company's business strategies and objectives. Given such factors as business growth, risks and rewards, the Company has set risk standards to regularly evaluate and monitor each risk position, establish risk indicators and early warning mechanisms, and simulate future changes as far as possible to provide a basis for management response.
In addition, the following principles must be observed:

1. Clearly consider the uncertainties of ventures and acquire optimal information to devise the best course of action.

2. Allocate and use resources effectively.

3. Keep an eye on trends and changes to stay on top of potential emerging risks.

4. Step up stakeholder communication and trust.

5. Create a risk management culture and raise awareness of risk management.

Organizational Structure

1. The organizational structure is as follows

Board of Directors: is the highest supervisory body for risk management in the Company, responsible for approving the risk management policy, structure and culture
3. Risk Management Group: is the top guiding unit for risk management of the Company, responsible for formulating risk management policies, planning major risk management issues and overseeing the improvement of risk control, and reporting regularly to the Board of Directors at least once a year on the operation of risk management and the effectiveness of its implementation.
4. Operating units: responsible for the actual implementation of each unit's risk plan, including risk identification, risk analysis, risk assessment, risk response and control, and self-monitoring.
5. Audit office: an independent unit under the Board of Directors of the Company, assisting the Board of Directors in overseeing the execution of the risk management mechanism, checking the implementation status of risk response and control of each operating unit, communicating risk information with each operating unit, and collecting and consolidating risk management reports from each operating unit.

Risk Identification and Scope

Risk identification refers to the process of analyzing the Company's operating environment and determining which events are likely to occur and why, based on internal and external environmental variables.
Each of the Company's operating units is required to identify possible sources of risk in its operations, compile past experience to predict possible future risks, categorize and regularly control the identified risks, and report the results of the risk identification.
If a risk event is unexpected, it must be reported immediately in order to avert significant damage to the Company. Risks that may occur include the following:

Aspect	Type of Risk	Risk Description
Governance	Market Risk	Political and Economic: includes the risk of financial or business impact on the Company due to domestic and international political, economic and regulatory requirements. Technology and Industry: includes the risk of financial or business impact on the Company as a result of changes in technology and industry, both domestically and internationally. Financial: includes the risk of financial or operational losses arising from changes in the value of the Company's financial assets or liabilities (including assets and liabilities on and off the statement of financial position) due to fluctuations in market risk factors (interest rates, exchange rates, share prices, commodity prices and electricity prices).
	Operational Risk	Operational: includes risks to the Company arising from changes in operating models, organizational restructuring, over-concentration of sales/purchases, product obsolescence, product and service design and quality management, and management of significant risks in commercial contracts. Financial: includes risks to the Company arising from asset valuation, credit and solvency, liquidity risk and accounting policies. Internal Control: includes risks associated with the internal control of the Company. Intellectual Property: Risks to the Company such as patent application and maintenance, protection of intellectual property rights, etc. Supply Chain: includes risks to the Company arising from issues concerning the quality, price and delivery of suppliers and corporate sustainability. Information Security: includes risks to the Company such as digital information security, general data protection regulations, etc. Public Relations: includes risks to the Company arising from issues pertaining to public relations, such as brand management, corporate image building and maintenance, etc.
	Investment Risk	includes risks to the Company due to over-concentration of investment targets, high risk and high leverage operations, fluctuations in the market price of short-term investments such as derivative transactions and financial management, or the risk of long-term investments in the operation and management of investee companies.
	Market Risk	includes the risk of failure to comply with various legal regulations or the risk of legal infringement of the Company's rights.
Environmental Aspect	Environmental Risk	Disasters: includes risks to operations from natural disasters such as fire, typhoons, heavy rainfall and earthquakes, and global infectious diseases. Pollution Control: includes the risks of compliance with international and local environmental regulations such as air, water, waste, toxic substances, noise and emissions management or EIA requirements. Climate Change: includes risks associated with the management of greenhouse gas emissions, carbon credits and energy in response to climate change related issues.
Social Aspect	Operational Hazard Risks	Disasters: includes risks to operations from natural disasters such as fire, typhoons, heavy rainfall and earthquakes, and global infectious diseases. Pollution Control: includes the risks of compliance with international and local environmental regulations such as air, water, waste, toxic substances, noise and emissions management or EIA requirements. Climate Change: includes risks associated with the management of greenhouse gas emissions, carbon credits and energy in response to climate change related issues.
Social Aspect	Human Resource Risk	Disasters: includes risks to operations from natural disasters such as fire, typhoons, heavy rainfall and earthquakes, and global infectious diseases. Pollution Control: includes the risks of compliance with international and local environmental regulations such as air, water, waste, toxic substances, noise and emissions management or EIA requirements. Climate Change: includes risks associated with the management of greenhouse gas emissions, carbon credits and energy in response to climate change related issues.
Other	Other risks	Risks that do not fall under the above categories but that could result in significant losses to the Company, such as long-term emerging risks, significant external hazards, or tail risks arising from extreme events. In addition, if there are other risks, appropriate risk management procedures should be put in place depending on the characteristics of the risk and the degree of impact.

Operation

The Company actively promotes a risk management mechanism and reports to the Board on its operation on an annual basis. The Company's risk management team reported to the Board on July 26, 2023, including the assessment and identification of the various risks faced by the Company, risk assessment and response measures for the year.

Business Conduct and Ethics

Fitipower regularly reports the results of its operations to the Board of Directors each year, and educates its employees on the “Ethical Corporate Management Best Practice Principles for TWSE/GTSM Listed Companies” and the Procedures for Ethical Management and Guidelines for Conduct,” insider trading regulations and related practices. Starting from October 2020, every new recruit is required to go through an orientation course on the ethical management policy.
Relevant Implementation in 2023:

Course Title	Target Group	Number of Trainees	Total Training Hours
Ethical Corporate Management Best Practice Principles	New Recruits	91	91
Insider Trading Regulations and Case Studies	Directors	4	12
Introduction to Trade Secrets	New Recruits	73	73

Events & Presentations

Talent is the foundation of Fitipower, and Fitipower thrives on talent.

We are ambitious, we are down to earth and innovative, and we meet together to brainstorm, and become a team because we share the same values.

Join Fitipower