1. Risk Management Policies and Procedures
For the purpose of stable operation and sustainable development of the company, the company has formulated "Risk Management Policies and Procedures", which are supervised by the Audit Committee and approved by the Board of Directors on August 10, 2023 as the highest guiding principle of the company's risk management.
The company's risk management team regularly coordinates the planning and implementation of risk factor identification for each operating unit every year to identify relevant risks that may affect the sustainable development of the company, select risk management areas, and monitor potential risks based on the latest developments and standards requirements. Implement preventive measures to strengthen risk management; formulate risk management policies for various risks, covering management objectives, organizational structure, rights and responsibilities, risk management procedures and other mechanisms, and implement them to control various risks arising from business activities. acceptable range.
For the full text of the company's "Risk Management Policies and Procedures", please refer to the "Risk Management" section of the company's website:
Risk Management
2. Risk Management Structure
The company’s Risk Management Structure is as follows:
Board of Directors: The top governance unit of risk management, approving “risk management policies and procedures”. Audit Committee: Assist the board of directors in supervising the company's establishment of a risk management operation mechanism.Risk management team: The general manager serves as the convener, gathering managers at all levels to participate in promoting implementation, and integrating various risk issues through the "risk management team" for overall risk-related analysis, prevention and monitoring or major risk management and control issues, report the annual risk assessment and risk management operations to the board of directors at least once a year.Each operating unit: identify, analyze, evaluate and respond to risks within the unit, establish relevant crisis management mechanisms when necessary, and regularly report risk management information to risk management promotion and execution units.
3. Risk Management Operating Status in 2023
The company actively promotes the implementation of the risk management mechanism, which is supervised by the audit committee. The risk management team reports its operations to the board of directors at least once a year. The main operations in 2024 are as follows:
- 1. Formulate the company's "Risk Management Policies and Procedures" and organizational structure, submit them to the Audit Committee for review and supervision, and approve them by the Board of Directors on August 10, 2023.
- 2. Evaluate various risks faced by the company, including risk categories, management units, risk content and management and control mechanisms, identify the company's eight main types of risks for the current year, report the response actions in the above risk categories, and submit a report to the audit committee Supervision, and report to the board of directors on November 13, 2024.
Scope of Risk Management
In order to reduce the attack and impact of internal and external risks, the company identifies risks related to corporate governance and economic, environmental, social and other issues related to operations based on the principle of materiality and the company's business and operating characteristics, plans relevant management and monitoring measures, and conducts regular reviews risk management status and report it to the board of directors. The identified risk categories, risk details, control mechanisms, and responsible management units from 2023 to September 2024 are summarized as follows:
| Item | categories | Risk content | Control mechanisms | management units |
|---|---|---|---|---|
| Environmental | Climate change risk | In response to issues related to climate change and natural disasters, greenhouse gases, carbon emission management, energy use and other related issues, as well as the need to comply with international norms and local government laws, may have risks that may affect the company. | 1. Greenhouse Gas Inventory: The company has independently conducted and disclosed its greenhouse gas emissions inventory and will continue to do so annually. In line with Taiwan's 2050 net-zero emission pathway, the company has set 2020 as the baseline year and aims to achieve a 30% reduction in carbon emissions by 2030. As of 2023, a 25.85% reduction has been achieved, meeting the current stage's target. 2. Climate Risk Management: To address physical risks from natural disasters (e.g., floods, droughts) caused by global warming, as well as transitional risks from government regulations and international initiatives (e.g., increased electricity rates and renewable energy costs in Taiwan), the company conducts annual climate risk and opportunity assessments based on the "Task Force on Climate-related Financial Disclosures (TCFD)" framework. This includes governance, strategy, climate risk and opportunity analysis, climate scenario analysis, risk management, metrics, and targets. Relevant information is disclosed on the company's official website and in the sustainability report. | Store Expansion and Construction Division Governance and Sustainable Development Office |
| Energy risk | Due to the increase in electricity and water usage, as well as the rise in electricity and water rates, there is a potential risk of increased energy costs for the company. | 1、 Energy Audit: Electricity is primarily purchased from Taiwan Power Company, with total electricity consumption in 2023 amounting to 533,706 kWh, a 17.52% decrease compared to 647,051 kWh in 2022. Water is mainly sourced from Taiwan Water Corporation, with total water consumption in 2023 at 3,075 metric tons, representing a 34.64% reduction compared to 4,705 metric tons in 2022. 2、 Energy-Saving Investments: Investments in energy-efficient air conditioning equipment for retail outlets amounted to NT$21,071,000 in 2023 and NT$3,289,000 from January to September 2024. 3、 Energy-Saving and Carbon Reduction Policies: Policies focus on energy conservation, water saving, and electricity efficiency through equipment upgrades. Retail renovations are progressively adopting energy-saving LED lighting, inverter air conditioning systems, green building materials, and eco-friendly construction materials. 4、 Energy-Saving and Carbon Reduction Advocacy: Quarterly campaigns in 2024 (on 1/26, 4/9, 7/2, and 10/15) will promote energy conservation, greenhouse gas awareness, carbon footprint labeling, and a net-zero green lifestyle to all employees. | Store Expansion and Construction Division Governance and Sustainable Development Office | |
| Resources and waste Waste management risks | There is a risk of negative environmental impact caused by waste generated from operational activities, as well as potential impacts on the company due to local government regulations. | 1、 Waste Reduction: The company is committed to minimizing the environmental impact of waste by avoiding excessive product packaging, enhancing resource utilization efficiency, and classifying and recycling various types of waste. 2、 Reduction of E-commerce Packaging Materials: Following the Ministry of Environment's July 2023 announcement of regulations on "Restrictions on the Use and Implementation of Online Shopping Packaging," all e-commerce orders from July to December 2023 adhered to the guidelines. In 2024, the company encourages customers to pick up orders in-store and switch to tamper-proof packaging bags, aiming to reduce cardboard box usage by 25%. | Optometry Business Division | |
| Social | Occupational safety risk | The working environment includes issues related to the working environment of employees or suppliers, occupational safety, health and health, product management, safety protection and emergency response, and risks to the company caused by personnel misconduct or mistakes. | 1、 Enhanced Occupational Safety Management: The company has issued various safety protocols, including the "Occupational Health and Safety Management Manual," "Plan for Prevention of Human Factors Hazards," "Plan for Preventing Illness Induced by Abnormal Workloads," and "Plan for Preventing Workplace Violence." These address worker safety and health measures, such as accident prevention, fire safety, electrical and machinery operation safety, first aid and rescue, preparation and maintenance of protective equipment, and accident reporting. Monthly safety promotions, onboarding training, drills, and environmental safety inspections are conducted. 2、 Disaster Response Plan: In October 2024, the company reviewed its emergency response plans for earthquakes, typhoons, heavy rain, power outages, and fire incidents, covering preventive measures, response strategies, and operational procedures. (1) Head Office: A fire drill and a 6-hour refresher training for the occupational safety and health supervisor were conducted on October 4, 2024. (2) Retail Stores: As of September 2024, 71 individuals participated in self-defense fire team (emergency response) training, with each session lasting 4 hours, totaling 284 training hours. 3、 Implementation of Contractor Management: For contractors involved in clinic or retail renovations, the company enforces labor safety, health, and environmental protection regulations through contractual agreements and conducts random inspections during project execution to ensure compliance. A supplier meeting on January 19, 2024, will include occupational safety and health training and ESG sustainability advocacy for suppliers. 4、 Employee Health and Well-being: Employee health check-ups were conducted on September 23-24, 2024. Additional measures include annual travel subsidies and monthly birthday celebrations to enhance employee welfare. | Store Expansion and Construction Division Human Resources and Administration Division |
| Labor dispute risk | Risks such as labor tension, forced labor, workplace discrimination, human rights issues, recruitment shortages, and brain drain. | 1. Labor-Management Communication Channels: Quarterly labor-management meetings in 2024 (scheduled for 3/27, 6/29, and 9/25) will establish communication channels and an employee grievance mechanism to foster harmonious labor-management relations. 2. Workplace-Friendly Protection: Measures to strengthen the collection, processing, and use of personal data are being enhanced, with continuous improvement of written regulations to respect and protect employee (subject) rights. 3. Talent Selection, Development, and Retention System: The company is improving diverse recruitment channels, equitable education and training programs, and implementing fair and appropriate performance evaluation and promotion systems. 4. Compliance with Labor Regulations: Management procedures and related administrative operations for human resources are ensured to align with legal requirements. | Human Resources and Administration Division | |
| Governance | Strategy risk | The risk of losses caused by improper business strategies or changes in the company's operating environment. | 1. Business Report: The management team reports, communicates, and discusses its operational strategies and performance updates during each board meeting. 2. Board Supervision: Board members provide recommendations based on their professional expertise regarding the management team's reports. If the goals or strategies involve significant operational risks, the board prioritizes addressing these issues. 3. Subsidiary Operational Strategy: Post-pandemic, economic weakness and subdued consumer spending in Mainland China, combined with the 2024 implementation of healthcare insurance reform and tightened cataract reimbursement policies, have impacted operations. Response Measures: (1) Cease operations of the self-managed Linping Eye Hospital and terminate the ophthalmology outpatient department collaboration with Xiaoshan Hospital to reduce losses. (2) Transition self-operated clinics and partner hospitals with significant operational scale to focus primarily on out-of-pocket medical services, thereby mitigating risks associated with cataract insurance reimbursement. | CEO's Office |
| Operation risk | In the process of business operation, the risk of changes in corporate value arises due to uncertain factors and business decisions in production, supply, marketing, service and other processes, such as customer relationships, product safety, supply chain, and technological trends. | Departments manage annual operational plans and goal achievement through business meetings. 1. Customer Relations Standard operating procedures (SOPs) and complaint channels have been established to address consumer rights concerns such as products, services, and personal data protection. Customer service training is conducted to enhance service quality. 2. Product Safety A "Product Safety Monitoring" system has been implemented to establish internal regulations and ensure compliance with external laws. This system covers product development, evaluation, assessment, and quality management to improve the safety and quality of products and services. 3. Supply Chain Management Efforts are made to carefully evaluate and actively develop new material sources while strengthening strategic partnerships within the supply chain. Safe inventory levels and shelf-life controls are established to flexibly respond to market demands. Market intelligence and research are utilized to monitor market conditions and prepare for future trends proactively. 4. Technology Trends Customer needs, end-use applications, and advancements in product and equipment technologies are closely monitored to adapt to rapidly changing external environments. Industry trends, market dynamics, and customer developments are analyzed to inform service improvements, technological advancements, and product development strategies. | Ophthalmology Business Division Optometry Business Division | |
| Finance risk | Factors such as overall economic and industrial changes at home and abroad have an impact on the company's finances, such as interest rates, exchange rates, credit and solvency, liquidity risks, accounting policies and other risks. | 1、 Interest Rate Risk: Monitor changes in the interest rate market, assess capital requirements, maintain strong banking relationships, and strive for optimal financing and deposit rates. 2、 Exchange Rate Risk: Primarily involves adjustments to foreign currency conversions related to long-term overseas investments. Receivables and payables generated from operations are mainly settled in New Taiwan Dollars (NTD) through local market transactions and agent procurement, with minimal direct import, export, or overseas sales. Therefore, the impact of exchange rate risk is relatively small. 3、 Credit Risk: Receivables are monitored by monthly reports for brand-authorized partner clinics and daily cash/credit card reports for direct-operated optical retail customers. 4、 Financial Changes: Regular monitoring of financial statements to track financial structure, debt repayment ability, operational performance, profitability, and cash flow. | Finance and Accounting Division | |
| Cyber security risk | The company's information system security fails, hackers attack, customers or employees' personal information is leaked, and corporate business secrets are stolen, resulting in risks to the company. | 1、 Information Security Protection Mechanism: Implement ISO/IEC 27001 security measures, conduct risk assessments and improvements for servers, networks, and applications. Establish file encryption mechanisms and plan secure cloud services to reduce the risk of sensitive data leaks. Regularly review external service system vulnerabilities, perform penetration testing and network risk detection, and implement timely improvements to ensure system security. Conduct regular disaster recovery drills to strengthen data backup mechanisms and build incident response capabilities, ensuring business continuity. 2、 Information Security Policies: Formulate and revise the Information Security Policy and over 20 related execution procedures, which are published in the company’s document management system for compliance. Develop and update measures to protect and manage personal data in line with the Personal Data Protection Act. The IT and HR departments implement protective measures, while the legal department enforces trade secret protections to ensure confidentiality obligations are upheld. 3、 Information Security Risk Awareness: Enhance employees' awareness of information security risks through training programs. From January to September 2024, training sessions have been completed for 48 participants in Personal Data Protection Act, 47 participants in Information Security Awareness, and 48 participants in Trade Secret Act. New employees will continue to undergo training. | Information System and Equipment Division | |
| Legal compliance risk | Risks such as improper conduct, illegal infringement, transaction risks, intellectual property infringement and other risks. | 1、 Implementation of Ethical Business Practices: Establishment of the Code of Ethical Business Conduct, Code of Ethical Behavior, and Employee Ethics Guidelines and Whistleblowing System. Regularly promote the values of ethical business practices and corporate culture to guide employee behavior in accordance with moral standards, thereby avoiding involvement in illegal activities. 2、 Internal Control and Audit Operations: Internal control processes monitor company transactions, projects, risks, and disputes. Internal audits are conducted to promptly identify issues and track improvements. 3、 Dedicated Legal Functions: Provide legal consultation and recommendations on regulatory compliance, disputes and litigation, investments and mergers & acquisitions, and intellectual property management. 4、 Contract, Seal, and IP Management: Utilize a contract management system to oversee the signing and risk control of various company contracts. A seal management system supervises the issuance, usage, and cancellation of company seals to mitigate overall legal risks. The Intellectual Property Management Policy is implemented, with regular inventory and validation. As of the end of September 2024, the company holds 140 trademarks and 17 patents. | CEO’ office Each operational units |