Risk Management

The Risk Management Committee (RMC) is supervised by the Board of Directors and the Audit Committee and is responsible for overseeing the Company’s risk management. Chaired by the General Manager, with the Chief Human Resources Officer as Executive Secretary and department heads as members, the RMC meets every six months to discuss material risks and related control measures. It aims to establish a proactive risk management mechanism that enables timely responses to risk events, mitigates or avoids impacts, and ensures effective management of operational risks across all aspects, thereby supporting the Company’s sustainable operations.

MetaAge categorizes risks into eight areas: sales, product and technical services, finance, information security, compliance, human resources, climate, and supply chain. A total of 33 potential risks are identified under these categories. The Company evaluates risk levels using specific indicators, regularly reviews the risk management framework, and formulates response strategies and control measures. The status and progress of the RMC’s activities are reported to the Board of Directors annually.

Risk Management Process

MetaAge identifies and assesses all potential risks through its risk management procedures and develops corresponding strategies and control measures to mitigate or prevent potential impacts from risk events.

Establishing a Risk Management Environment: Understand the current business scope and identify major risks associated with the future development of new business areas, while maintaining a clear understanding of the Company’s strengths and weaknesses.
Risk Identification: The Risk Management Committee is responsible for identifying risks that may affect the Company’s sustainable operations and the achievement of business performance objectives. Once risks are identified and confirmed, they should be assessed and addressed accordingly.
Assessment of All Potential Risks: The Risk Management Committee shall assess the identified risks, including the potential impact and likelihood of occurrence. The level of risk treatment shall be evaluated with reference to the risk tolerance of each risk item.
Development of Response Strategies and Measures: Evaluate available risk treatment strategies, formulate and implement appropriate action plans, and clearly define the selected approach for managing each risk.
Supervision and Review: The risk management unit is responsible for overseeing the implementation of risk management. The Board of Directors ensures the effectiveness of the risk management policy by reviewing relevant risk management reports.
Internal and External Communication and Consultation: The Company has established effective communication and reporting channels within the risk management system to ensure that internal and external risk-related information is timely identified, assessed, and communicated.

Risk Assessment Accomplishments

The company formally established the Risk Management Committee on August 5, 2011, and held its first risk management initiation meeting on November 29 of the same year. Annually, in the first quarter, the company reports to the board of directors on the operations and business content related to the Risk Management Committee, including risk categories, potential risks, impacts on corporate profits and losses, risk tolerance, response strategies, and the status of risk control measures taken. The 2023 risk management operations were approved by the board of directors on February 29, 2024.

The 2023 risk management operations were as follows:

In 2023, two Risk Management Committee (RMC) meetings were held, during which the achievement rates of Key Risk Indicators (KRI) were reported to the chairman and committee members. Additionally, three major company-level risks were identified for 2024: stability of rights management, preference of original manufacturers, and business professionalism.
The 2023 risk management execution results included controlling five KRIs in the areas of sales and business risk, financial risk, information security risk, compliance risk, and human resources risk, all of which achieved a 100% completion rate.

Potential Risks and Countermeasures

The Risk Management Committee of MetaAge compiles risk checkup items sorted out by respective units after discussions, including risk category, potential risks, impacts on corporate gains and losses, and response strategies as well as risk control measures adopted. The following items have been assessed as medium-level risks: