Our Focuses｜Corporate Governance｜Risk Management

• International situation risk: G2 geopolitical disputes have formed two major market segments dominated by China and the United States. The Chinese market has gradually turned to domestic products, while the European and American markets have gradually stopped using products
  produced by Chinese companies

• In response to the globalization market structure (globalization) , it is rapidly developing towards regionalization (localization), actively expanding the European, American, Japanese and Korean markets and international Tier -1 customer orders, and developing Tier -1 High value-added products required by customers

• Listed in the annual plan and regularly review the plan

• Technology development risk: New technology development may encounter unforeseen difficulties, leading to delays in the development schedule

• Maintain a strong relationship with major equipment suppliers to engage and exchange the latest solutions
• Implemented TFMEA analysis to assess potential risks in advance and seek effective solutions

• Regularly hold technical seminars with major equipment suppliers
• Technology development periodic review TFMEA

Industrial

• Geopolitical and competitive risk: G2 may cut customers and markets, affecting future performance scale. At the same time, science and technology are changing with each passing day, and industry models are shifting rapidly. If technology and products are relatively backward, the impact might be significant

• Develop a decentralized production strategy, understand the needs of specific customers, and reduce the risks and impacts that G2 may bring
• In response to geopolitics and customer requirements, seek to diversify production bases and expand global markets; actively innovate to enhance product differentiation, and develop high-end customers to enhance operational competitiveness 
• Strengthen partnerships with key customers; hold regular meetings to understand customer needs; and ensure consistency of long-term development blueprints for both parties
• Study the ecological chain of each application, understand its pain points and proactively provide customer
  solutions

• Adjust operating strategies and include them in annual plans
• In response to the rapid shift of industry paradigms, technology and product development can be adjusted immediately, and the organization can be adjusted in a timely manner

Climate

• Climate change risk: In the context of global warming and extreme climate intensification, transition climate risks and physical climate risks may have an impact

• Introduce the TCFD management structure to identify the sources of climate risks and assess their impacts, and formulate mitigation and adaptation measures accordingly to reduce the impact of climate risks and enhance the company's operational resilience

• Published a climate-related financial disclosure report (TCFD) to review Winbond’s operational resilience in facing
  climate issues and improve information transparency

• Energy demand risk: Renewable energy is not easy to obtain, and the production of low-carbon products is limited; energy costs increase, and production costs increase
• Carbon pricing risk: indirect costs increase, suppliers pass on costs, and procurement costs increase

• Set a goal of using green electricity in CTSP Fab
• Plan and purchase renewable energy power, and evaluate investments in renewable energy projects
• Promote water-saving measures; install water storage equipment; increase the proportion of recycled water
• Conduct energy resource usage surveys on suppliers every year to understand scope 3 carbon emissions and suppliers’ carbon management levels, further plan reduction measures, and conduct regular tracking and communication

• The renewable energy usage rate of CTSP Fab in 2023 is 0.4%
• The water recovery rate of the Fabs in 2023 is 82.2%

• Operational risk: Due to increased shipments or unexpected quality abnormalities, it is necessary to quickly find out the real cause and propose improvement plans to avoid causing quality problems in the customer's products in the end market

• Utilize the latest instruments, quality management techniques and comprehensive education and training to strengthen the analytical ability to independently inspect product abnormalities, quickly implement improvement plans, improve interaction with customers and obtain immediate feedback, build mutual trust and increase cooperation opportunities

• Promote Zero Defect 2.0 activities and implement them in all units of the company

• Quality improvement risk: Various requirements arising from customer product upgrades or development of new product applications, including: increasingly stringent product reliability and validity specifications, requirements for continuous improvement of yield rates, requirements for early introduction and use of new technologies for manufacturing, etc. Causes the quality of newly manufactured products to face unprecedented challenges

• In the face of emerging quality challenges, big data quality analysis and machine learning have been used to accelerate quality improvement; at the same time, new design tools are applied to improve product stability as well

• Kaohsiung Fab uses digital transformation to increase Virgin Yield

• Epidemic risk: the impact of the epidemic on personnel health or loss of business interruption

• Implement epidemic prevention management regulations, such as implementing separate warehouses and stratification for working from home according to changes in the epidemic, maintaining indoor air circulation and regularly cleaning the environment
• Regularly / irregularly, senior managers hosts epidemic prevention meetings and conduct rolling reviews of epidemic prevention management measures

• There were no personnel health impacts or operational disruptions caused by the epidemic in 2023

• Liquidity risk: The domestic carbon rights market trading and swap regulations are not yet mature, and may face risks such as insufficient liquidity in carbon rights trading and high volatility

• Join the Singapore Carbon Exchange (CIX) and the Taiwan Carbon Exchange (TCX) to increase access to diverse carbon rights and continue to pay attention to the progress of carbon rights swap regulations
• Participate in voluntary carbon rights market transactions and continue to track changes in carbon price trends

• Starting from 2022, Winbond has been participating in voluntary carbon rights market transactions and continuously expanding its channels for obtaining diversified carbon rights to respond promptly to market changes. As of 2023, carbon rights issues have had no negative impact on Winbond's operations

• Human rights risk: Ignoring human rights in corporate governance may bring risks of legal action, supply chain misconduct, regulatory compliance issues, brand reputation damage, and loss of support from socially responsible investors; ignoring employee trust in the company can also increase the risk of losing talent

• Implement human rights education and training, with a global training rate target of 100%
• Conduct human rights due diligence every three years to understand potential risks

• Chairman signed Winbond Human Rights Policyin 2022
• Conducted the first company-wide human rights due diligence in 2022. Among the 28 issues, there were no high-risk issues that require immediate resolution

• Infringement risk: May constitute an illegal act and cause the management bears civil and criminal liability in serious cases.In minor cases, it may also cause losses to the company's finances or goodwill

• Active prevention in advance: The R& D department works closely with the intellectual property department when conducting product design and development to conduct relevant searches, analysis and research on intellectual property rights. If necessary, it will obtain legal authorization or adopt methods such as design around to do its best to avoid infringement
• Effective response after the fact: In the rare case of being accused of infringement, the legal department immediately workes with relevant units to clarify the facts and actively safeguard the rights and interests of Winbond and its customers

• Since 2016 to date, Winbond has not been involved in any infringement lawsuits or disputes

• Intellectual property risks: Unfavorable patent licensing negotiations, increased royalties and the possibility of patent litigation

• Regardless of whether the rights holder resorts to demanding high royalties or even filing patent litigation based on protection of intellectual property rights, commercial considerations, or other unknown purposes, we actively discuss and develop countermeasures with external lawyers
• Continue the patent layout of key technologies and consider the quality of the patents as bargaining chips for licensing negotiations or counter-claims

• Adhering to the principle of seeking win-win results, and relying on mutual respect and rational interaction with rights holders, Winbond has effectively controlled patent-related risks, and no adverse results have occurred to Winbond

• Credit risk: Excessive financial leverage or poorer than expected risk assessment may cause the company to fall into credit risks such as default

• Through continuous and dynamic financial simulation, we can truly understand the company's capital flow and possible future changes in order to reduce uncertainty

• 2023, in response to operational needs, we raised funds through multiple channels to ensure a stable long-term financial structure

• Investment risk: mainly from investment income and asset impairment of strategic investment and financial investment

• Establish a prudent investment decision-making process, conduct a comprehensive assessment of the technology, products, market, management, finance and other aspects of the investment target before investing, and set different investment decision-making approval standards according to the investment amount; regularly track management and evaluation during the holding period. To maximize investment returns and prevent the occurrence or expansion of losses
• The financial unit submits management reports quarterly, examining whether there have been adverse changes in the significance of investment targets in terms of finance and operations, and timely proposes disposal recommendations

• The investment decision-making process in 2023 was in compliance with Winbond’s internal and external regulations of the competent authorities

• Sensitive information leakage risk: may affect the company's competitiveness and corporate reputation, property losses, and legal liability
• Application of emerging technologies risk: Careless use of generative AI tools may lead to the leakage of sensitive information

• For sensitive data, evaluate data classification and solutions, and develop data protection and control mechanisms
• Precautions related to the use of generative AI tools, and evaluate the introduction of technical control tools

• Completed crafting data protection strategies and preliminary implementation plans as well as the evaluation of data classification
• Conducted 2 information security promotions and 1 training of using Generative AI tools in 2023

• Malicious attacks risk: may modify or destroy the data in the system database

• Establish critical system database backup solutions and recovery procedures

• Completed the construction of critical system database backup solutions and recovery procedures