The independent directors of the board serve as the members of the committee which is responsible for the management of financial and internal control risks.
Corporate Governance and Sustainability Committee
Said committee consists of three directors or more, a majority of whom shall be independent directors. It is responsible for the management of sustainability, legal compliance, and information security risks.
Interest and exchange rate risk management and control: The Finance and Management Center has established a dedicated department which closely monitors market trends. Dynamic management is carried out through adjustment of receivable/payable positions and various financial instruments. All management principles conform to internal control regulations. In addition, the latest status is reported face-to-face to supervisors on a weekly basis and follow-up action is taken in response to the latest market conditions upon discussions.
Endorsements, guarantees, and lending of funds: Approval by the Auditing Committee and Board of Directors:
Proposal on annual lending of funds and provision of endorsements and guarantees (March 17, 2020)
Lending of Funds to MTV Corporation (July 2, 2020)
GTM Lending of Funds to TECO Electric & Machinery Co., Ltd. (TNL) (November 13, 2020)
Internal Control Risk
Annual audit plans: The Audit task force evaluates compliance with relevant laws and regulations and the five components of the COSO internal control framework. It assesses risks at all levels of the Company in the context of the existing organizational framework based on the strategic goals of the Company and past audit experiences. Audit plans for the following year are proposed on this foundation and submitted the Auditing Committee (December 14, 2020) and Board of Directors (December 22, 2020) for approval in the fourth quarter of each year.
Self-assessment of the internal control system: Self-assessments of the internal control system of each business division and key affiliated enterprises are carried out in the fourth quarter of each year. The results of these self-assessments are compiled, organized, and reported to the Auditing Committee (March 13, 2020) and Board of Directors (March 17, 2020) in the first quarter of the following year. These assessments serve as a key reference for reviews of the level of control by the management level of the Company over risks in the internal and external environment and by business divisions over operational risks as well as the effectiveness of internal control design and implementation.
orporate Governance and Sustainability Committee
Implementation of corporate social responsibility goals and policies: The CSR Task Force is comprised of "Representatives of each business department/plant site" and "Safety and Health," "Human Resources," and "Financial Department" staff units and is responsible for the execution of routine matters. TECO’s corporate social responsibility goal and policy implementation status is directly reported to the chairperson on a monthly basis.
Climate related risks and opportunities: Information provided by all members is collected by the CSR task force and compiled into reports which are submitted together with recommendations to the management level, the Chairperson, and the "Corporate Governance and Sustainability Committee".
Reports on the "uncontrollable sustainability risk" and relevant preventive strategies were delivered in the 1st-4th meetings of the "Corporate Governance and Sustainability Committee” (January 13, 2020).
Quality management: Customer satisfaction surveys and analyses are conducted and countermeasures are adopted annually; market service indicators are formulated and monitoring is implemented monthly with regard to closure dates; reinforced cross-plant audits are promoted (February 2020); internal auditing personnel are trained for the quality management system (between June 9 to 19, 2020, 58 trainees received a total of 30 training hours); each business division organized management review meetings in 2020 (October 2020 - January 2021)
Legal compliance risks
Ensure that all applicable laws and executive orders are observed: The Legal Compliance and Legal Affairs Office hires a legal consultant who possesses relevant industry expertise. This consultant informs the management level of relevant laws and regulations on a regular basis and communicates with internal auditors, CPAs, and board directors.
Implementation of ethical corporate management: Education on ethical corporate management and business secrets in quarterly conferences (June 17, 2020); signing of the integrity declaration by all active employees (September 21, 2020, 100% signing rate); completion of Unethical Corporate Management Risk Analysis and Preventive Measure Reports by all departments in 2020 (October 26, 2020)
Education on legal compliance: Organization of legal compliance seminars for affiliated enterprises (September 21, 2020); administration of training: Personal information management (September 28, 2020), Tax Act and money laundering issues crucial for contract signing (November 17, 2020)
Information security risks
Education on information security: Regular organization of information security education courses by the BI Smartification Task Force: These courses cover the prevention of ransomware intrusions (May 6, 2020), education on how to protect against information security issues such as email social engineering (June 18, 2020), caution against email impersonation scams (sender posing as a supervisor of the Company) (October 12, 2020), fake Windows update emails (October 23, 2020), and phishing emails pretending to be from TECO (October 29, 2020)
Guarantee of information security: Carrying out of annual system vulnerability testing, and ERP system remote data backup (March 20, 2020)
The Governance & Sustainability Committee is the highest governing body of the board of directors. Mr. Kao, a TECO board member, concurrently serves as the chairperson of Information Technology Total Services; top management is responsible for the Business Intelligence Task Force of the Business Performance Promotion Office with Special Assistant Vincent Hu as the responsible person.
TECO has adopted and promulgated information and cyber security policies and planned relevant management and reporting policies. Information security has been incorporated into performance appraisals and information security training is administered on an annual basis. In 2020, an external information security was enlisted for a one-hour online training course on IT information security. This course is open to all staff members.
With a view to maintaining the stability and security of IT systems, Information Technology Total Services was commissioned to adopt an ISO system and conduct external penetration testing and vulnerability scanning on an annual basis coupled with internally organized annual business continuity planning.
Contact window: CSR Task Force/Jay LC Huang, Special Assistant, email@example.com