This website uses cookies to ensure you get the best experience on our website.
Privacy Statement

Investor Relations

Risk Management
Corporate Governance
Corporate Social Responsibility
Financial Information
Shareholders' Meeting Section
Investor Conference
Information Announcement
Risk Management
Risk Management Organizational Framework

I. Board of Directors:

As the highest supervisory unit of the Company's risk management, it complies with laws and regulations, approves the Company's risk management policies and procedures subject to the overall operating strategy and business environment, authorizes the risk organizational framework, supervises the overall risk management implementation status, and ensures effective risk controls.

II. Audit Committee:

It helps the Board of Directors perform the risk management function, sets up the Risk Management Group and appoints the chief financial officer to serve as the convener. The Risk Management Group conducts the comprehensive assessment on the Company’s operating risk and emerging risk, and reports the operation of risk management to the Audit Committee and Board of Directors regularly (at least once per year).

III. Risk Management Group:

The risk management members shall consist of the chief officers from various departments/units to ensure that the departments/units implement the risk management system precisely. The unit personnel may be assigned to serve as the personnel executing the risk management, working with the related personnel from various departments/units to take charge of implementing and executing the risk management procedures.

IV. Internal Audit Office:

As the Company’s independent unit subordinated to the Board of Directors, it helps the Board of Directors supervise the implementation status of the risk management mechanism, audit various departments’/units’ risk response and control status, and provide the suggestions on improvement of risk controls.

Risk Management Policy and Procedure

The Company’s Board of Directors has passed the “Risk Management Policy and Procedure” in 2025. The Procedure defines various risks in accordance with the Company’s overall business policy, in order to establish the risk management mechanism that may early identify, precisely measure, effectively supervise and strictly control risks and to prevent possible losses within the scope of acceptable risks. Subject to the internal and external environmental changes, the Board of Directors continues to adjust and improve the risk management best practice principles to protect the interests of employees, shareholders, partners and customers, increase the Company’s value and achieve the principles for optimization of the Company’s resource allocation.

Scope of Risk Management
  • Operating risk: The risk that would affect the Company’s normal operation, such as the risk over customers’ interest and right, safety of medical equipment, procurement, supply chain, business secrets and patent/trademark right, talent recruitment and training, etc..
  • Strategic risk: The risk related to business strategies, such as the risk over product development and launch, marketing and market, customer and drug selection.
  • Financial risk: The impact posed on the Company’s business and finance due to overall economic and industrial changes at home and abroad, such as interest rate, foreign exchange rate and credit risks.
  • Compliance risk: The related risk over the laws and regulations which the Company and its partners shall comply with, including the risk over compliance with the requirements about drugs, medical equipment permit, systematic amendments to laws and regulations, terms and conditions of contracts with customers under various countries’ laws and regulations.
  • Information Risk: Refers to the potential for loss or adverse impact to the company during the processing, storage, or transmission of information. Such risks may arise from sources such as hacking attacks, human error, system failures, internal data breaches, or natural disasters.
  • Other risks
Operation of Risk Management

The Company shall report the operation to the Board of Directors at least once per year. Operational Status for the Year 2025 are as follows:

  • The Internal Audit Office prepares the annual audit plan against the Company’s overall business procedures based on the risk assessment results on a yearly basis, and reports to the Audit Committee and Board of Directors the discoveries, suggestions and subsequent correction upon the audit on a quarterly basis. No significant negligence has been found in internal control in various quarters of 2024. The 2024 Statement of Internal Control System declaring the effective internal control has been reviewed and approved by the Audit Committee and Board of Directors on March 14, 2025.
  • The “Risk Management Policy and Procedure” was established and approved by the Audit Committee and the Board of Directors on March 14, 2025.
  • The Company’s Risk Management Group has evaluated various risk factors—such as the likelihood of occurrence and potential impact—and assessed risks relevant to the Company, including operating risk, strategic risks, financial risks, compliance risks, information risks, and other risks. Based on this assessment, the risk management group developed the "2025 Risk Management Operation Plan," which was reported to the Audit Committee and the Board of Directors on April 30, 2025.