Risk Management

Risk Management Governance Structure

The FHC has set up an independent Risk Management Division to implement governance and ensure measured risk-taking. The division is responsible for establishing the related policies and guidelines and also for executing risk management practices throughout the Group.
Each subsidiary has set up its risk management department based on the regulatory laws or business nature to control and integrate risk management according to various respects of FHC’s risk management procedures and policies.
The FHC and its major subsidiaries established the Risk Management Committee to oversee the implementation of risk management. The Risk Management Committee is responsible for monitoring the Group’s risk exposure, and ensuring regular operation of the risk management system.

Risk Management Procedure

1.Group Risk Management Committee and Risk Management Executive Committee
The FHC's Risk Management Committee was upgraded to become a functional committee under the Board of Directors on April 1, 2023. It comprises at least three directors, of which at least half are independent directors. The committee oversees risk management-related operating mechanisms. Risk Management Executive Committee are attended by the highest level supervisors of risk management units of the FHC and its major subsidiaries. These meetings serve as a risk management exchange platform, and supervise the implementation of the Group’s risk management.
2.Risk Management System
The FHC and the subsidiaries have developed or applied risk management information systems for VaR calculation, credit scoring, credit risk alerting, conglomerate credit/investment limit, and operational event reporting.
3.Risk Management Reporting
The risk management units of the FHC and its subsidiaries periodically submit risk management reports to the Board of Directors to fully disclose various risk exposure and compliance status. When a major risk event occurs (e.g., the U.S. banking crisis and Credit Suisse crisis in 2023), the risk management units would summarize information and report to their superiors to strengthen the implementation of risk management mechanisms. The FHC periodically examines risk assessment indicators, exposure to concentration risk, and stress test results. It also reports the operating status of risk management to the Board of Directors on a quarterly basis (Note).

Note: Reports were submitted to the Board of Directors on March 9, May 11, and August 17, 2023.

Risk Management Policy

The risk management policy and the related guidelines, which are the mainstay of risk management, are all scrutinzed by the Risk Management Committee and approved by the Board of Directors after review. They clearly delineate the
responsibilities and operating mechanisms of risk management. Our employees are required to follow the policies and the guidelines, especially for the
transactions related to investment and loan business.

The Company's main risk sources can be categorized into market risk, credit
risk, operational risk, insurance risk, liquidity risk, emerging risk, ESG and
climate risk, reputation risk, and capital adequacy. The Risk Management
Division is responsible for developing management guidelines, rules, and
compliance policies for each risk type of risk concerned. The subsidiaries also
set the criteria based on the policies set by the Company and authority for risk
management activities.