Corporate Governance Practices
Actively implement operational transparency and continuously optimize organizational structure.
In order to improve corporate governance and strengthen the Company's competitive advantage to ensure the rights and interests of shareholders, THC has established the Audit Committee and the Remuneration Committee, subcommittees of the Board of Directors, to play a key role in assisting the Board’s responsibilities. In addition, THC has established the Auditing Office which takes responsibility of regularly performing an internal audit and reporting audit results to the Audit Committee and the Board.
- In November 2015, THC established “” to draw up guidelines for corporate governance, in the hopes of fostering sound corporate governance and correctly managing risks arising from changes in the markets.
- In November 2017, THC set up the Corporate Governance Committee to devise and adopt corporate governance methods to institutionalize, standardize, and rationalize business operations with comprehensive systems, so as to improve the total synergy and competitiveness of the Company and achieve the goal of sustainable development.
- In March 2018, THC passed the rating evaluation of international credit rating agency Taiwan Ratings Corporation. Taiwan Ratings consider that THC is a market leader in beverage packaging market and successfully expand to China and Southeast Asian countries, maintaining great relationships with customers. Therefore, THC received a long-term credit rating of “twA-”, and the long-term ratings outlook was “Stable”.
- On March 23, 2021, the Board of Directors resolved to appoint the corporate governance officer responsible for provision of information required for performance of duties by the directors and assistance in complying with laws and regulations.
In the future, THC’s implementation of corporate governance will primarily focus on consolidation of the Board structure and its operation, enhancement of information transparency, and integration of sustainability into corporate governance.
THC has drawn up “", ”, “Ethical Conduct Codes of Directors and Managers”, and “Whistle-blowing Procedures for Violations of Ethical Corporate Management”, and appropriate prevention measures against corruption and malfeasance. All THC Directors, senior management, and employees are committed to thoroughly implement such policies. The Auditing Office is in charge of assessing the internal operating procedures of the internal control system based on established duties and responsibilities of various departments and the Company’s management policy of organization, authority and responsibility, and conducting regular and irregular internal control and audit every year to establish a supervisory mechanism to prevent the occurrence of internal unethical and improper behaviors.
Ethical Corporate Management Best Practice Principles
The General Administration Department of the Company made "" in November 2015 which has been resolved by the Board of Directors that year and resolved in the shareholders’ meeting. These Principles have been released on the THC website for the reference of all stakeholders. These Principles state that when engaging in commercial activities, directors, managers, and employees shall not directly or indirectly offer, promise to offer, request or accept any improper benefits, nor commit unethical acts including breach of ethics, illegal acts, or breach of fiduciary duty for purposes of acquiring or maintaining benefits. These Principles have been amended by the Board of Directors on March 23 and May 8, 2020 and resolved in the shareholders’ meeting on June 19, 2020.
Whistle-blowing Procedures for Violations of Ethical Corporate Management
To implement the ethical management policy and actively prevent unethical conduct, the General Administration Department set up Whistle-blowing Procedures for Violations of Ethical Corporate Management on July 24, 2018 which has been implemented after approval by the CEO/Chairman to build up the policy of the Company’s internal and external whistle-blowing channels and procedures. Reporting channel:
- Email: email@example.com
- Address: No.6, 2nd. Road, Industrial Park, Xitun Dist., Taichung Taiwan, R.O.C (To Auditing Office)
- The Company holds related courses in “” to every new employees, and provides related educational trainings and promotion irregularly for directors, managers and employees. In 2020, the Company held in total 410 attendants and 205 hours of courses related to ethical corporate management.
- Irregularly promote ethical management in departmental meetings and operations meeting, and require all employees to implement it.
- The execution of ethical management in 2020 was reported to the Board of Directors by the chief auditor on March 23, 2021.
Implementation Status of Preventing Insider Trading
The Company has established “” approved by the Board of Directors on March 23, 2020 to draw up that the Company should, at least once per year, conduct educational campaigns to raise awareness of compliance among internal personnel (including directors, managers, and employees) with respect to related laws and regulations.
- Provide the Directors with continuing education courses or seminars of related regulations to assist the Directors in complying with laws and regulations. The implementation status of the Directors’ continuing education has been published on the Company’s website and in the Market Observation Post System (MOPS).
- Conduct regular educational campaigns among all directors, managers, and employees with respect to related laws and regulations. Educational campaigns are provided to new directors, managers, and employees in a timely manner.
- On November 30, 2020, the Directors, managers, and employees received related educational campaigns, including insider trading lessons in the sources of law, requisite elements, the civil and criminal liability, and some true stories. The contents of lessons provided also involve the scope of material inside information, confidentiality operations, disclosure procedures, and disciplinary measures. The slides of the lessons were also offered to all Directors, managers, and employees for reference.
To mitigate the operational impacts of potential risk losses, THC has planned that all departments carry out potential risk identification, and assessment of the environmental, social and corporate governance issues affecting the Company’s operations. All employees are responsible for comprehensive risk management to set up defenses through daily routines. THC has formed a crisis management team to immediately carry out appropriate actions and execute relevant plans in response to a risk loss occurring, ensuring the survival of the Company and resuming normal production and business activities soon.
Risk Identification and Management Procedures
Mitigation measures and control mechanism for the identified and analyzed risks are as follows:
|Type of Risk||Risk||Mitigation Measures|
|Market Risk||Horizontal competition
Fast moving consumer goods boom
International political and economic trends
|Financial Risk||Interest rate changes
Foreign exchange risk
|Operational Risk||Supply chain risk||
|Food safety risk
Labor law changes
|Occupational safety and health||
|Environmental Risk||Climate change||
The Company has established an Auditing Department which operates under the Board of Directors. There is a Chief Auditor who manages internal audit operations and supervises the Auditing Department in conducting internal audits as well as two additional auditors in the Department. The Chief Auditor is appointed by the Board of Directors. According to our , appointment, dismissal, evaluation and review, salary and compensation of internal auditors of the Company shall be submitted by the Chief Auditor to the Board chairperson for approval. The Department is responsible for:
- Implementing regular audits for the headquarters and projects.
- Investigating and evaluating the completeness, rationality and effectiveness of the internal monitoring system and various management measures.
- Investigating and evaluating the efficiency of various departments in carrying out work, projects and measures. These include appropriateness of manpower deployment, adequate recording of all transaction cycles, and ability to prevent waste, embezzlement and inefficient use of resources such as cash, inventories, and other assets. The Department also compares, evaluates and reviews operational performance and adopts effective countermeasures to increase operational efficiency.
Job Scope of the Chief Auditor
- Supervises corporate operations and management systems.
- Devises audit plans for each internal control, audit and management systems.
- Assists the Board of Directors and Board of Supervisors in monitoring the company.
- Devises guidance plans for regular and aperiodic production, sales, human resource, development and finance audits both locally and internationally.
- Conducts audits in accordance with orders from the executives and the Board.
- Reports audit updates to the Boards regularly and presents at Board meetings.
- Supervises, reviews, manages, and trains the company’s auditors
- Prepares audit and management reports.
Job Scope of the Auditor
- Implement audits for the nine business cycles of the internal control system in accordance with the annual audit plan.
- Assists the promotion, establishment, rectification and implementation of internal control and management systems in the company.
- Proclaims relevant audit information in accordance with the requirements of the Financial Supervisory Commission.
- Responsible for collection, investigation, organization, analysis and interpretation of audit data, and devises reports and suggestions.
- Conducts audits on operation of existing systems, regulations, plans, and policies in accordance with orders from executives.
- Assists supervisors in conducting regular and aperiodic production, sales, human resource, development, and finance audits locally and internationally.
- Assists supervisors in conducting audits in accordance with the orders of the executives and the Boards.
Annual audit plan
- Our company has established an Auditing Department which operates directly under the Board in accordance with Article 11 of the “Criteria for Establishment of Internal Control Systems in Listed Companies”. The Department is currently led by Chief Auditor Hong-Long Hsieh.
- The Auditing Department formulates annual audit plan and implements the following audit cycles in accordance with the “Criteria for Establishment of Internal Control Systems in Listed Companies” to evaluate the completeness, rationality and effectiveness of the company’s internal control system.
- Sales and receivables cycle
- Production cycle
- Procurement and payment cycle
- Human resource and payroll cycle
- Fixed asset cycle
- Financing cycle
- Investment cycle
- Digitalized information system management
- R&D cycle
In addition, in accordance with the regulations of the Securities and Futures Bureau, the Department conducts various audits periodically. These includes monthly audit for stock operations and transactions of financial derivatives, seasonally audits for endorsements and monitor of capital leases to others and subsidiaries. In addition, self-assessments of the internal control system, stakeholder transactions, management of the Board meeting, management of the Remuneration/Compensation Committee, compliance with International Financial Reporting Standards, and evaluation of accounting judgement procedure, measures and work flow for estimates are conducted annually to boost the company’s operational performance.
Procedure for self-assessment of the internal control system
Self-assessment of the internal control system is first performed by respective departments in accordance with internal control measures before the result are inspected and evaluated by the Auditing Department and submitted to the Board for review. The audit reports and following-ups are submitted to the company supervisor before the end of the next month after the audit in accordance with the “Criteria for Establishment of Internal Control Systems in Listed Companies”. The Auditing Department then issues a Statement of Internal Control and submits the Statement with audit reports to the Board for review. Upon approval, the reports are submitted for proclamation.
The Auditing Department of our company shall complete the following online proclamations
within the deadline set forth by the Financial Supervisory Commission.
- Annual Audit Plan for next financial year (before the end of December)
- Basic information of the Chief Auditor and auditors for the current financial year (before the end of January)
- Audit Plan Execution for the previous financial year (before the end of February)
- Statement on the Internal Control System for the previous financial year (before the end of March)
- Report of Internal Control Deficiencies and Abnormalities Improvement for the previous financial year (before the end of May)
Information Security Management Structure
In order to enhance management of information security, the MIS Office of THC established an “Information Security Team”, to be in charge of inspecting the information security management policies of all departments of the Group and supervising the security management operations. By the professional management, planning, supervision, promotion and implementation of the Information Security Team, THC expects to build comprehensive protection mechanisms for information security to increase employees’ awareness of information security and reduce information security risks. The material issues of information security are reported to the Board of Directors.
Information Security Policy
To ensure information security of the Company, all employees should, with information security awareness, self-manage in accordance with the Company’s information regulations. In addition to information security controls, the information system ensures the confidentiality, integrity and availability of personal data and transaction information.
To carry out the policy, the Information Security Team was established to formulate information security regulations to ensure the operational effectiveness of information security management.
- Draw up Information asset lists with the owners clearly specified to carry out the risk assessment based on the level of information assets, decreasing the risk and continuing to implement all control measures.
- When new related employees are hired, they should accept the evaluation and sign documents of relevant procedures. When they are transferred or resign, they should return their information assets. Information security is periodically promoted to employees to enhance their awareness of information security protection.
- It is strictly forbidden for employees to use their own networking devices to connect the extranet to the intranet. Firewalls and necessary security facilities are installed for the intranet and extranet. To maintain availability, appropriate redundancy or monitoring mechanisms should be installed for important equipment. All employees’ PCs should have anti-virus software installed and regularly checked for updates of virus patterns. It is forbidden to use unlicensed software.
- The employees should securely maintain and manage their accounts, passwords, and permission, which the administrators should regularly check and review. The data of critical systems should be backed up on a regular basis, and the recovery test should also be performed.
- In the initial design stages of system development, adding security mechanisms should be considered. The requirements of the information security for outsourced tasks should be strengthened.
- In case of an information security incident, the employees should immediately report the event and deal with it according to the procedures specified in the Information Security Incidents Instructions to prevent further expansion. They should also cooperate with the responsible department to solve the incident.
- For data accuracy, the employees should implement the reexamination mechanism in daily operation. Their supervisors should monitor the implementation of the information security system to increase employees’ awareness of information security safety and law.
- In response to the latest trends of the governmental laws and regulations, technologies, and businesses, the Company regularly reviews our information security policy to ensure the validity of the security practices.
Information Security Protection Concrete Actions
- The Company applies the Plan-Do-Check-Act (PDCA), a method for continual improvement of processes, in its information security management system. By the efficient system, regular Information Security promotion, and social engineering exercises, the employees’ greater awareness of information security can be built.
- The Company regularly carries out vulnerability assessment of host and equipment, and inspection of validity of the protection system. In response to new threats of information security, the Company introduces new information security protection equipment and software to reduce the all possible information risks and build a comprehensive cyber defense infrastructure.
- To ensure availability of important information systems, the Company establishes a back-up mechanism for the core information system and conducts Information technology and disaster recovery exercises twice a year.
Although the Company has not purchased the cyber insurance, the performance of the Information Security Team and the implementation of the Information Security Policy can also create a secure IT environment to ensure the information security of the Company's various services. The next objective is to complete the information security system of all plants to strengthen the information security network. In the future, the Company will not only recruit more information security talents, but also plan to carry out training courses and certifications, so the manpower and capability in information security system of the Company will be strengthened.