Risk Management

Risk Management Governance Structure

The FHC has set up an independent Risk Management Division to implement governance and ensure measured risk-taking. The division is responsible for establishing the related policies and guidelines and also for executing risk management practices throughout the Group.
Each subsidiary has set up its risk management department based on the regulatory laws or business nature to control and integrate risk management according to various respects of FHC’s risk management procedures and policies.
The FHC and its major subsidiaries established the Risk Management Committee to oversee the implementation of risk management. The Risk Management Committee is responsible for monitoring the Group’s risk exposure, and ensuring regular operation of the risk management system.

Risk Management Procedure

1.Group Risk Management Committee and Risk Management Executive Committee
The FHC's Risk Management Committee was upgraded to become a functional committee under the Board of Directors on April 1, 2023. It comprises at least three directors, of which at least half are independent directors. The committee oversees risk management-related operating mechanisms. Risk Management Executive Committee are attended by the highest level supervisors of risk management units of the FHC and its major subsidiaries. These meetings serve as a risk management exchange platform, and supervise the implementation of the Group’s risk management.
2.Risk Management System
The FHC and the subsidiaries have developed or applied risk management information systems for VaR calculation, credit scoring, credit risk alerting, conglomerate credit/investment limit, and operational event reporting.
3.Risk Management Reporting
The risk management units of the FHC and its subsidiaries periodically submit risk management reports to the Board of Directors to fully disclose various risk exposure and compliance status(Note 1). The company's risk management report includes: regular reviews of the implementation of various risk management mechanisms (such as risk measurement indicators, concentration exposure, stress testing, etc.), and summary assessments of major risk events (Note 2).

Note1: Reports were submitted to the Board of Directors on March 5, May 15, and August 15 in 2024.
Note2: For major risk events in the second half of 2023 and the first half of 2024—such as commercial real estate risks in Europe, the United States, and Mainland China, and geopolitical risks in the Middle East—the risks have been assessed as controllable, and appropriate risk management and control measures have been implemented.

Risk Management Policy

The risk management policy and the related guidelines, which are the mainstay of risk management, are all scrutinzed by the Risk Management Committee and approved by the Board of Directors after review. They clearly delineate the
responsibilities and operating mechanisms of risk management. Our employees are required to follow the policies and the guidelines, especially for the
transactions related to investment and loan business.

The Company's main risk sources can be categorized into market risk, credit
risk, operational risk, insurance risk, liquidity risk, emerging risk, ESG and
climate risk, reputation risk, and capital adequacy. The Risk Management
Division is responsible for developing management guidelines, rules, and
compliance policies for each risk type of risk concerned. The subsidiaries also
set the criteria based on the policies set by the Company and authority for risk
management activities.