Risk Management

Long-term and emerging threats to business operations include; legal risks, changes in the economic environment,natural disaster risks, industrial competition risks, high-end technology risks, public relations risks, and operational interruptions. We have thus established a risk management mechanism to regularly review risks relating to finance, laws & regulations, climate change, water resources, supply chain, information security, and occupational health & safety, thereby enhancing industrial competitiveness.

Risk identification and management processes mainly include risk identification, risk assessment, and risk response
Process Contents
Risk identification Identify risks in regulations, industry standards, and international development trends
Risk assessment The degree of risk is based on severity and frequency
Risk response The establishment of controls & countermeasures based on the degree of risk and the evaluation of the effectiveness, feasibility, and cost of relevant control criteria.
Financial Risk Management
Innolux is specialized in and focused on the manufacture, sale, and development of display panels and does not engage in investments of high risk or high leverage. Faced with the rapidly changing macro environment, risk identification and control & improvement of responsiveness have become essential to business operations and management. To effectively reduce operational risks and achieve sustainable development, the Financial Department takes hedging measures based on its authority after assessment, analysis, and drawing up of the risk management strategies. This is to deal with the risks in the macro environment (domestic and overseas economic conditions and financial market changes) and the internal environment (organizational operations and strategic development). The Audit Office constantly supervises internal control and legal compliance. After implementing hedges, the Financial Department will disclose related information by law and submit the results to the Audit Committee and the Board for review.

At Innolux, we categorize financial risks into credit, market, liquidity, asset & operational interruption, and business investment risks.
Credit Risks (A) Set a credit line and the method(s) of transaction based on the credit ratings of customers, constantly assess the payment performance of customers and implement collections.
(B) Analyze the status of customer operations and the industrial trends regularly, make alerts, and take countermeasures to control credit risks and ensure operational performance.
Market Risks (A) After assessing the foreign exchange risks and interest rate risks, the Financial Department establishes hedging strategies and implements hedging transactions. Hedging should aim at avoiding foreign exchange risks on substantial positions, with a focus on undertaking financial products with simple structures and high liquidity.
(B) The Financial Department also balances assets and liabilities in natural hedging for substantial positions generated by foreign currencies and undertakes products for hedging exchange rate risks for risk exposure positions to hedge risk from exchange rate volatility and reduce or avoid potential economic loss. To prevent interest rate volatility in the market from affecting financial costs of the floating interest liabilities raised for operational needs and investments, the Financial Department undertakes products for hedging interest rate risks at appropriate times to lock in interest rate risks.
Liquidity Risks In addition to maintaining high liquidity in fund allocations, channels for short-term and long-term financing are expanded constantly to diversify funding sources, hedge systemic liquidity risks from occurrences in the financial market, and raise funds from the capital market to strengthen the capital structure and enhance operational performance.
Asset and Business Interruption Risk To prevent natural disasters or Force Majeure from causing property damage to plants, equipment and goods, and business disruption risks, different types of insurance are purchased after assessing the management costs, premium expenses, and risk self-retention costs of various risks to transfer related risks to a third party (risk-bearing institution).
Business Investment Risk Carefully assess the targets of strategic investments, constantly review, supervise, and manage reinvestments, assess the benefits of medium-term and long-term investments, and timely dispose of non-core investment items to reduce business investment risks.
Tax Risk Management
With integrity as the foundation of our corporate practices, we conduct business in compliance with the laws of the countries or regions in which we operate, and our tax policy is as follows:
• Conform with tax regulations; accurately calculate, declare and pay taxes; and maintain a policy of engaging in normal trade
• Assess in a timely and thorough manner the impact of changes to local and international tax laws and regulations and draw up countermeasures.
• Publicly disclose tax data the financial statements and annual reports to maintain information transparency.
• Maintain good relations with tax authorities, keep abreast of circulating tax information, and constantly improve tax expertise.
Tax Risk Management
Tax Risks Countermeasures
When engaging in transnational investments &
operations, the difference in tax laws and tax systems of different countries may affect the group's tax costs.
Analyze each tax case in conformity with local tax regulations, accurately calculate taxes, and effectively improve the operational performance of organizational resources.
In transnational operations, the tax authority of each country is in charge of the comprehensive tax data and information from respective countries. Without gathering the whole tax data or information of a host country, we may be unaware of any tax risks. Actively gather information regarding the changes and reforms of local and international tax regulations, assess their impacts, and draw up countermeasures quickly.
Development Risk of the Display Industry
Industry Risk The global economy and international trends has been grim in 2019, causing a downward consumption trend in various regions. The display industry in mainland China receives immense government funding in the form of investments and subsidies, enabling it to continuously enhance capacity to remain competitive. Low-cost display panels are continually entering the Chinese market, which not only destabilizes the market but also further weakens the overall market environment. An analysis of the market shows that large corporations are becoming stronger. Currently, the capacity of the mainland Chinese sites is ranked first in the world. Its high market share has the ability to influence market trends, take advantage of market opportunities, and create greater benefits.
Countermeasures Through the continuous optimization of production cost, promotion of automated production, flexible deployment of diversified production lines, and improvement of quality yields, Innolux has achieved its goal of stable profit generation with its mainstream products. It also offers OEM services to achieve integrated manufacturing and medium- and large-size applications and promotions, thereby expanding the value of niche markets and enhancing profitability. In order to enhance design & development capabilities, product differentiation, as well as develop emerging markets and other new ventures, we aim to innovate in new ways. This includes the new blue ocean market, combining favorable supply & logistics management, and financial stability to achieve parallel management and vertical integration; thereby improving overall competitiveness and achieving sustainable operations.
Information Security Risk Management
Innolux is committed to protecting confidential information and values the protection of client, employee, and shareholder information. The Company is fully aware that information security is vital to future competitiveness. To properly manage information security, Innolux continues to strengthen its ability to protect confidential information, enhance employees' correct attitude & alertness to confidential information security, and reduce the risk of confidential information leakage to protect the interests of the Company, shareholders, employees, customers, and suppliers.

Information Security Protection Approaches
1 Prevent hackers/cyber attacks Innolux has moved steadily towards automation and INX4.0 policies. Information security is an essential component of these policies. To prevent the theft of confidential information from affecting normal production operations, Innolux comprehensively inspects internal information security. In addition to setting up a firewall to prevent external intrusions, internal management is also arranged hierarchically according to the employee's account clearance. The firewall not only ensures information security but also minimizes the scope and influence of an attack when a computer becomes compromised. The Company also reviews and manages the usage regulations of information equipment and networks by external visitors to ensure the security of the information in the Company.
2 Education & awareness strategy The "Boot-Up Advocacy Platform" is implemented to educate employees in information security. The "E-Mail Source Validation Mechanism" is applied to reduce the risk of phishing e-mails.
3 Authorized/genuine software Policy and method for using authorized/genuine software: Only IT employees may install software. They also perform regular audits.
INX Mapp
Innolux has established an internal platform, "INX MApp," to prevent information security risks stemming from the use of public communication software by employees and improve overall communication efficiency, thereby achieving the goal of quick response and decision-making. The major security protection mechanisms of INX MApp:
(1) Integrate privilege control with the Human Resource Management System to automatically revoke the privileges of departed employees.
(2) Privatize INX MApp to avoid exposure to public systems.
(3) Apply identity authentication before app installation.
(4) Use of the group member control mechanism to access confidential information by unrelated staff.