AcBel Polytech Inc. 康舒科技
Environmental, Social and Governance
Integrity & Risk Management
Internal Control and Audit System
In accordance with the “Regulations Governing the Establishment of Internal Control Systems by Public Companies,” AcBel has established an internal control system to serve as the basis for the annual audit plan, strengthening corporate governance, preventing fraud and corruption, and safeguarding the company’s operations and reputation.
Each year, based on the results of risk assessments, the Audit Office formulates an annual internal audit plan, which is submitted to the Board of Directors for approval. The audit is carried out by colleagues who are certified internal auditors (CIA) and covers all of AcBel’s production bases. When control deficiencies or anomalies are identified during the audit, the audited units are required to submit improvement plans. Internal auditors then track the implementation of these plans and prepare follow-up reports for review by the Audit Committee. The head of the audit unit also reports the audit results to the Audit Committee regularly and presents these reports at Board meetings.
In 2023, the certifying accountants issued unqualified opinions on the effectiveness of the design and implementation of internal controls, which were disclosed in the annual report and on the Market Observation Post System. The audit process confirmed that no violations of business ethics or incidents causing operational and reputational damage occurred in 2023. During the year, 57 internal audit reports were completed, and 18 internal control improvement action forms were issued, which included 21 findings of non-compliance with internal control procedures and 12 process optimizations.
All findings were communicated to the relevant operational units, and corrective measures or improvement notifications were issued. The company achieved a 100% completion rate for the annual reports and the dual objectives of tracking improvement progress.
Ethical Business Practices and Regulatory Compliance
Integrity management is the core of corporate governance. AcBel is committed to practicing anti-corruption, anti-competitive behavior, anti-trust, and anti-monopoly actions. By establishing a corporate culture and values of integrity and implementing them in daily internal management operations, AcBel explicitly requires directors, managers, employees, and business partners to adhere to prohibitions against bribery and accepting bribes, providing illegal political contributions, improper charitable donations or sponsorships, offering or accepting unreasonable gifts, infringing intellectual property rights, and engaging in unfair competition. This ensures the effectiveness of the company’s integrity management and upholds the reputation of the enterprise. The Corporate Sustainable Development Office is responsible for compiling the results and reporting to the Board of Directors (at least once a year) on the company's integrity management policies, measures to prevent unethical conduct, and the supervision of their implementation. These reports serve as the basis for future revisions and the formulation of strategic guidelines.
Regulatory Compliance Status
Aligned with the company’s internal control system, the Audit Office is responsible for regularly checking for any violations of integrity management to prevent legal risks and negative impacts associated with antitrust and unfair competition regulations. In 2023, the audit plan and risk assessment covered 5 out of the company’s 8 operational sites, representing 62.5%.
The Audit Office is also the primary responsible unit for handling reports of violations of business ethics, establishing external reporting channels for internal and external stakeholders such as employees, customers, and suppliers. Suspected illegal activities can be reported anonymously or non-anonymously via the reporting mailbox. Upon receipt, the Audit Office initiates an investigation process and submits the investigation report to senior management, who decide on the final disposition method. If improvements to the management system are involved, the responsible unit must submit a plan and follow up on its implementation.
To prevent retaliation against whistleblowers, all cases are assigned to a dedicated audit department and personnel who handle investigations and processing under confidentiality principles. Furthermore, if an event of business ethics violation is confirmed, the disposition method is only implemented after obtaining personal consent from the involved parties. If the parties are dissatisfied with the handling result, they can file an appeal through the company’s formal complaint channels to ensure their rights are not infringed.
Risk Assessment and Management
To achieve the goal of minimizing avoidable risks, costs, and damages, AcBel has established a comprehensive risk management organization and system using an integrated Enterprise Risk Management (ERM) framework. This enhances the company’s operational resilience.
Based on the risk matrix, each responsible unit develops feasible response strategies and regularly reviews and adjusts these risk plans as necessary. By actively monitoring and managing significant risks, the company aims to keep potential risks within tolerable limits, eliminate them directly, or leverage the opportunities they present. This approach ensures the rationalization of risk management and operational performance, thereby enhancing the company’s operational effectiveness.
Information Security Management Mechanism
In 2023, AcBel’s headquarters collected the latest information security attack techniques and case studies every month and sent out information security awareness emails to all employees to enhance awareness of information security. Additionally, annual phishing email social engineering exercises are conducted on randomly selected employees. Employees, including new hires and those who did not pass the social engineering exercises, undergo information security training that covers topics such as basic information security awareness, data security, system security, network security, and common attack techniques, to deepen their understanding of information security. In 2023, the company did not experience any significant information breaches or information security attacks.
Emergency Response Mechanism
AcBel has established “Emergency Response Procedures” to ensure that, in the event of natural disasters, fires/explosions, chemical spills, or environmental and safety emergencies, the company can respond appropriately in the shortest possible time, maintaining production operations and preventing negative impacts on the company’s reputation, environment, and personnel safety. In the “Emergency Response Procedures,” emergencies are categorized into four types, and the extent of damage is classified into four levels, with corresponding emergency response processes in place. When an emergency event threatens to disrupt company operations and production, a risk control team will be immediately formed. This team will manage all necessary resources, including manpower and materials, for disaster relief and coordinate external communication. If needed, it will also coordinate production schedules across various factorys to minimize company losses.
