Our Focuses｜Sustainable Supply Chain｜Sustainable Risk Assessment

Sustainable Supply Chain Risk Management

Winbond's supply chain structure is composed to meet customer quality and delivery requirements, as well as Winbond's own production and routine administrative needs. To effectively maintain the supply capabilities of suppliers from around the world, Winbond Group actively screens for risks of different production bases from various countries (national aspect), products, technologies, and services from different industries (industry aspect and product aspect) from the supplier's source. When potential suppliers enter the qualified and formal trading stage, we incorporate "Business Principles," "Significant Supplier Identification," and "Environmental, Social, and Governance (ESG)" to comprehensively screen and evaluate the suppliers' operations, ensuring the overall stability of the group's supply chain.

• Counrty-Specific risk: Political and country-specific stability, rigor of laws and regulations, frequency of social events (such as strikes, demonstrations), completeness of national infrastructure.

• Sector-specific Aspect: Intensity of energy resource consumption, uniqueness of natural resources (specific minerals), uniqueness of technology and services.

• Commodity-specific Aspect: Degree of supply and demand balance, degree of price fluctuation, degree of labor balance, background of required fixed equipment and capital.

• Sustainability (ESG): Environmental protection and climate change response, maintenance of human rights and labor rights, corporate governance capability and transparency.

Business Relevance

• Business Principles: Market share, industry competitiveness, supply performance and reputation in the industry, product, technology and service quality, operational facilities and production equipment.

• Significant Supplier Identification: Annual procurement amount, diversity of supply sources, key spare parts.

Consequently, the supply chain faces diverse types of risks, each with varying degrees of impact. In managing these risks, Winbond employs a four-step approach aimed at achieving optimal costs and minimizing impacts.

• First, Winbond's supply chain Risk Management is conducted with a systematic approach based on ISO 31000 Risk Management for monitoring and impact assessment.

• Second, risks are identified and categorized into internal risks, intra-partnership risks, and external risks.

• Third, corresponding management methods are established according to the differences in risk sources and types.

• Fourth, each management event is reviewed, and improvements are made based on the deficiencies identified in the events to reduce the impact of future risks on supply chain management.

Sustainable risk Due Diligence in the supply chain

In recent years, significant occurrences of extreme weather events, unpredictable fluctuations in global health crises, and geopolitical conflicts have led to rapid shifts in various industry landscapes. This has highlighted the importance of maintaining resilience within supply chains and strengthening adaptive capabilities to manage diverse disasters and changes. These capabilities have become a core focus in corporate management.

To effectively ensure and support suppliers in their sustainable journey, Winbond conducts regular due diligence investigations on sustainability risks among suppliers. This helps in identifying the types and impacts of risks across the supply chain, and in planning improvement strategies to ensure stability, quality, and reliability of supply.

Sustainability risk due diligence process

Winbond has six major steps to implement supply chain sustainability risks.

• First, suppliers are required to comply with Winbond Electronics’ Supplier Code of Conduct.

• Second, drawing on the Responsible Business Alliance (RBA) Code of Conduct, the ISO 20400 Sustainable Procurement Guidelines, and PAS 7000 Supply-Chain Risk Management, Winbond has established a due-diligence framework. The company regularly ranks and classifies suppliers with whom it transacts each year and proactively issues questionnaires.

  • 2023: Questionnaires were sent to 69 Tier-1 critical suppliers.
  • 2024: In addition to continuing coverage of critical suppliers, Tier-1 non-critical suppliers whose purchase value falls within the top 90 % were included for the first time, bringing the total to 120 suppliers.
  • 2030 (target): Achieve 100 % coverage in due-diligence assessments.

  Note：

  • Tier-1 supplier: A supplier with whom the company conducts direct transactions.
  • Tier-1 critical supplier: A Tier-1 supplier of raw materials, OSAT (assembly & test), or key spares (e.g. quartz, photomasks, pads) whose annual purchase value falls within the top 80 % and is directly related to production.
• Third, issue surveys, track suppliers’ filling status, and provide explanations and assistance as needed.
• Fourth, after the investigation and recovery, the sustainability evaluation and audit work will be started. In the written audit, the documents attached by the supplier will be comprehensively reviewed based on the environmental aspect (E), social aspect (S), and governance aspect (G). The degree of compliance with the scoring content identifies suppliers with negative impacts. Among them, those whose average score does not reach 80 points are listed as key suppliers, and the suppliers are notified to conduct on-site audits, on-site visits and inspections, to understand the reasons for the negative impact.
• Fifth, concentrate coaching resources to require high-risk suppliers to improve their deficiencies; at the same time, observe the operational resource status of high-risk suppliers and match coaching resources to intervene to reduce their transformation burden.
• Sixth, Regularly track the implementation status of corrective actions by high-risk suppliers.

Note：Sustainable Supply Chain team developed an in-house supply chain risk assessment system. In 2022, the focus was on establishing evaluation content, items, and management systems. The first implementation of this assessment was in 2023. Based on the 2023 assessment results, in 2024, Winbond conducted on-site sustainability audits for significant and highrisk suppliers in Taiwan. Therefore, the number of audits conducted was planned based on the previous year‘s assessment results.

Content of supplier ESG risk assessments

Winbond utilizes the Responsible Business Alliance (RBA) Code of Conduct, ISO 20400 Sustainable Procurement Guidelines, and PAS7000 Supply Chain Risk Management to establish due diligence frameworks. The approach includes:

• Environmental considerations and protection aligned with the Eco-Management and Audit Scheme (EMAS) within the core of the RBA framework.
• Human rights assessments referencing the OECD Guidelines for Multinational Enterprises, UN Guiding Principles on Business and Human Rights, UN Universal Declaration of Human Rights, ILO Declaration of Fundamental Principles and Rights at Work, and ILO Fundamental Conventions.
• Governance aspects incorporating Social Accountability International (SAI, SA8000) standards and the UN Convention against Corruption.
   

These frameworks collectively form the basis for Winbond's Supplier Code of Conduct and Winbond Sustainability Assessment Questionnaire (SAQ), ensuring comprehensive evaluations and commitments to sustainability and responsible business practices throughout its supply chain.
 

E

Purpose

Starting with product life cycle traceability and supply, Winbond has committed to requiring our partnered suppliers to operate in an environmentally-friendly and economic manner

---

• Assessment items

  • Environmental Management Systems
  • Air Pollution Prevention
  • Water Management
  • Waste Management
  • Greenhouse Gas Management
  • Biodiversity Management
  • Recycled Material Management
  • Hazardous and Shared Substance Management

• Principles of High Risk Suppliers

  • Records of punishment within 3 years
  • Carbon emissions over 2.5 ton CO2e and without any abatement approaches

  • The score of carbon management is lower than 3 

     

S

Purpose

Suppliers are required to sign the Winbond Supplier Code of Conduct Commitment Letter, ensuring that our suppliers provide a safe and healthy workplace compliant with international labor rights standards.

---

• Assessment items

  • Human Rights Protection
  • Adjustment and Management for Human Rights Risk
  • Employment and Labor Rights Protection
  • Occupational Health and Safety, and General Health Management
  • Chemical Safety
  • Fire Safety
  • Equipment Safety

• Principles of High Risk Suppliers

  • Records of punishment within 3 years
  • Without any strict measures to prohibit child labor and protect who has been pregnant
  • Without comprehensive management for foreign labors' living environment 

G

Purpose

Suppliers are required to conduct business operations ethically and with integrity, the highest standard for business ethics, and ensure that this standard is applied to all internal business operations.

---

• Assessment items

  • Degree to Which Corporate Sustainability has been Formally Incorporated
  • Sustainability Impact and Degree of Disclosure
  • Climate Change Adaptation
  • Business Continuity and Management
  • Supply Chain Management
  • Service Quality Management
  • Business Ethics and Philanthropy
  • Corporate Governance
  • IT/IS Security Management

• Principles of High Risk Suppliers

  • Records of punishment within 3 years
  • With IT/IS concerns and attacked records, intellectual property litigation within three years
  • Without the plan of BCP and SCM 

Supply chain sustainability risk due diligence results

In 2024, Winbond conducted surveys for Tier-1 significant suppliers, including raw materials, OSAT, and critical spare parts (such as quartz, photomasks, PAD) with significant procurement amounts and directly related to production and manufacturing. For the first time, due diligence was conducted for first-tier non-significant suppliers whose procurement amounts ranked in the top 90% of 2024, totaling 120 suppliers, with a recovery rate of 100%. Among the surveyed suppliers, the overall average ESG score was 86.3 points, with high scores clustered among raw materials and packaging testing suppliers. Additionally, observing the implementation items of Tier-1 significant suppliers in various sub-evaluation items, suppliers generally performed well in occupational safety and health and human rights labor and protection, with average scores rising to over 90 points compared to 2023. However, to enhance the overall resilience of the supply chain, Winbond suppliers still need to strengthen management practices in response to environmental changes and protection, emerging issues such as sustainable materials, and human rights due diligence management. In the future, to effectively continue to control the overall risk impact and sustainability level of the supply chain, Winbond will take four major measures.

In the future, to effectively continue to control the overall risk impact and sustainability level of the supply chain, Winbond will take four major measures. First, based on the results of desk audits, sustainability audits will be conducted for suppliers with significant negative impacts, including second-party industry standard on-site audits and introducing third-party verification units to accompany high-risk suppliers for on-site audits. Second, continue to hold sustainable supply chain upgrade forums, regularly providing suppliers with correct management thinking, thereby enhancing suppliers' improvement capabilities in environmental and social aspects. Third, introduce resources from government, industry, academia, and research in our country, providing suppliers with the necessary improvement resources, thereby reducing financial burdens. Fourth, use the Winbond Supplier ESG Interaction Network platform to proactively provide various corporate sustainability and training information.

Purpose

• Regularly survey, evaluate, and identify key risks and their impact levels in the supply chain.
• Conduct written audits based on ESG criteria to identify key focus suppliers.
• Perform on-site audits of key focus suppliers to identify high-risk categories and assess impact levels.
• Provide suppliers with improvement recommendations and appropriate resources.
• Mitigate concerns about the expansion of risk impacts.

Measures in 2024

Conduct sustainability-risk due-diligence assessments for significant suppliers.

Analyse and identify key risks associated with these significant suppliers.

Plan and carry out supplier sustainability-risk improvement (mitigation) activities.

Track and verify the progress of corrective actions taken by high-risk suppliers.

Performance in 2024

• 120 suppliers accepted the sustainability (ESG) due-diligence SAQ, covering 65 significant suppliers.
• 100% coverage of sustainability-risk due-diligence assessments for significant suppliers
• 100% completion rate of desk (written) audits for those significant suppliers
• Key risk categories
  • Ethics & governance
    • Information-security risk
  • Climate-change response & environmental protection
    • Sustainable materials
    • Biodiversity
• Number of Tier-1 suppliers with significant, actual negative impacts： 13
• Suppliers supported in corrective-action plan implementation：13 (100%)
• High-risk suppliers that underwent on-site audits：4 (100%)
• Suppliers with major actual or potential negative impacts whose contracts were terminated：0

Improvement Tracking and Support

Winbond requires high-risk suppliers to remedy identified deficiencies. Through on-site visits or written guidance, Winbond assists suppliers in drawing up corrective-action plans and mandates that they submit a concrete implementation plan within one month, detailing the issue, the improvement measures, and the expected completion date. The Sustainable Supply-Chain Team then monitors progress against the schedule, providing additional on-site or written technical support and training as needed, and closes the case once the deficiency has been verified as corrected. If a supplier still fails to meet requirements within two years, Winbond may reduce purchase volumes or terminate the business relationship. In 2024, thirteen high-risk suppliers were identified. All of them submitted corrective-action plans on time, and none had their contracts terminated for non-compliance.

2024 Key Actions for Supplier Sustainability Due-Diligence Self-Assessment

In the future, to effectively and continuously manage the overall risk impact and sustainability of the supply chain, Winbond will implement three major measures regarding the enhanced resilience of the supply chain mentioned above. First, through sustainability audits, implement sustainability assessments, including second-party on-site audits based on industry standards, and engage third-party verification bodies to accompany on-site audits of high-risk suppliers. Second, resources from our country's government, industry, academia, and research sectors will be introduced to provide the necessary improvement resources for suppliers, thereby reducing their financial burden. Third, using the Winbond Supplier ESG Interaction Network as a platform, we will proactively provide various corporate sustainability and training information.