Organizational Structure and Rights of Risk Management

In order to promote the sound operation of the company and the sustainable development of the company, Apacer Technology has formulated "risk management policies and procedures". When the company is engaged in operating activities, it carefully examines possible internal and external potential risks from the perspective of sustainable business operations, and implements the risk management mechanism. Operation, improve the efficiency of risk management division of labor, in order to reasonably ensure the achievement of the company's strategic goals.


apacer-esg-sustainable-enterprise-html-img-en.png (45 KB)


Board of Directors

The Board of Directors is the highest decision unit of the company's risk management, which is in charge of approving the risk management policies and related measures, supervising the implementation of the system, and ensuring the effectiveness of the management mechanism.


Sustainable Development Committee

The Sustainable Development Committee of the company is led by the chairman of the Board of Directors.
The Sustainable Development Committee is the implementation and management unit of the risk
management policies, which is responsible for promoting the company's risk management operations.
- Formulate risk management policies and related measures.
- Implement the risk management policies approved by the Board of Directors.
- Review issues related to the company's risk control.
- Supervise the overall implementation and cross-department coordination.
- Focused analysis, prevention, and monitoring of the overall risks or material risk control issues.
- Report to the Board of Directors at least once a year.


Risk Management Team

Risk Management Team:
The team is subordinate to the Sustainable Development Committee and consists of the designated contact persons appointed by the company's centers and direct subordinate divisions, and is responsible for the implementation of risk management operations. The team's responsibilities include the basic risk identification of the company's various operational aspects, the proposal of improvement or response strategies and control plans, and the execution of daily risk management operations.


Risk Management Scope

The Company conducts risk management operations based on the following types of risks:


ESG Types 

Risk Category  



operational risk

Also called business risks, it is related to the impact of uncertain factors on links such as supply, production, and sales in the production and operation
process of an enterprise.


Market risks

Market risks can be divided into interest rate risk, exchange rate risk, stock price risk, raw material price risk, etc.


Environment, safety,
and health risks

Risks of occupational injuries/environmental pollution/public health events (such as the pandemic).


Financial risks

Risks related to the enterprise failing to pay the interest or principal of debt financing in due course, causing the risk of bankruptcy. It is also known as the default risk.


Human resources

Labor-related risks in various aspects, including recruitment, job analysis, career planning, performance evaluation, remuneration management, welfare/incentive, employee training, employee management, etc.


Information security

Risks related to the information assets of the company being attacked by internal and external threats, causing failure in operation and resulting in losses.


Emerging risks

Emerging risks are related to failure in performing risk identification and assessment for new business or new risks, such as climate change risks.


Each member of the risk management team identifies, measures and responds to the risk items seen by the company's internal and external units, and conducts follow-up operations for the identified risk items in response to the actions that need to be improved in order to effectively control the risk within a controllable range.



Operation contents of risk management



Confirming goals

Each unit shall confirm their respective annual goal

Risk identification

Inspect the risks that cause failure in achieving the goals, categorize and describe the risk
sources, then confirm the potential impact

Risk measurement

Establish risk evaluation standards: probability and influence level
Establish risk baseline: establish a risk distribution map by marking the probability (axis of abscissa) and influence level (axis of ordinate) of each risk

Risk response

Focusing on extremely severe and confirmed risk issues: acknowledging whether the existing
control mechanism is capable of controlling the risk, such as formulating countermeasures to
avoid the risk (transfer, accept, exclude, etc.)

Improvement tracking

Continue to track whether the risk can be effectively reduced by the above-mentioned



Risk Management Execution Status

Apacer actively promotes the implementation of the risk management mechanism, The "Risk Management Policies and Procedures" was established on August 4, 2021 and approved by the board of directors.

In October 2021, the original "Corporate Social Responsibility Committee" was adjusted to the "Sustainable Development Committee". In addition to the original ESG implementation team, the "Sustainable Development Committee" added a "Risk Management Team" to be responsible for risk assessment and response and other matters related to operational risk management.


The operation of the risk management team of the company in 2022 is as follows:


Regular meeting held

Quarterly risk management team meetings:

The company conducts risk identification, measurement, response and improvement tracking on the company's overall risk on a quarterly basis. 

High-level executives and members of the risk management team carry out risk identification, measurement, response and improvement tracking on the company's internal operating activities to identify potential risk events that may cause the company's goals to fail to be achieved, cause losses or negative impacts.

And based on the company's strategic goals, the views of internal and external stakeholders, the tolerance of risk impact and available resources, select risk response countermeasures or implement risk mitigation plans, and then the members of the risk management team will continue to monitor in conjunction with relevant personnel of each operating unit. Report to the risk management team in a timely manner and make relevant records.

The company's risk identification includes but is not limited to operational risks, market risks, environmental safety and health risks, financial risks, human resource risks, information security risks, environmental risks, emerging risks (such as climate change risks, etc.) and other operational-related risks.


Report to the board of directors regularly

The risk management team compiles the risk management implementation situation and evaluation report every quarter, which includes the risk assessment results of each aspect, and after explaining the control and supervision procedures for the higher risk aspects, it is regularly submitted to the sustainable development committee to report risk management result to the board of directors.

Last risk management result reported to the Board by the Sustainability Committee was on 14 December 2022.


2022 Corporate Risk Matrix

Based on the principle of materiality and risk classification, the mid and high-level executives and risk management team members identify and measure the internal risks of the company, and compile the risk matrix as follows.


官網更新-2023風險管理.png (221 KB)


Table: Risk management summary table


ESG Type

Risk Type

Key Issues

Problem description
/ Background statement

Possible impact


Responding strategies



Supply Chain Management - Slow-moving Materials

Inaccurate forecast of order demand, resulting in high material inventory and low demand, resulting in slow turnover

Inventory market value loss


Backlog of funds

Risk reduction

  • Reduce long-term undemanding materials
    In addition to purchasing and reselling, additional information is provided for R&D and other units to check whether it can be used as a substitute material to increase commonality
  • Postpone or cancel purchase order/quantity
    According to the estimated quantity of new orders every month, please purchase to postpone the delivery date or cancel unnecessary purchase orders



infor-mation security

Major information security incidents have impacted operations

Leakage of company secrets,  Reputation loss,

The company's operations interrupted

Risk reduction

  • Continuous optimization for information security management and technical aspects
  • Continuing education and training information personnel information security-related skills and knowledge
  • With internal re-communication SOP mechanism




Lower Activation due to decline of Sales Order QTY .

Higher Product Cost

Risk reduction

Modify  the arrangement of outsourcing or Self-production of  product portfolio.