元大金控元大金控 元大金控元大金控 元大金控元大金控

Risk Management
Risk Management Organizational Structure

Yuanta Financial Holdings' risk management structure covers the board of directors, the Audit Committee, the Risk Management Committee, company management, risk management units, legal and compliance units, information units, as well as all business units.

Board of Directors

The board of directors holds ultimate responsibility for risk management regarding all operations. Its major duties include approval of the Company’s risk management policy and risk management systems, approval of annual risk limits, monitoring of indicator thresholds, and supervision of the implementation of the Company’s risk management systems.

Audit Committee

The Audit Committee assists the board of directors in its risk management role. Its chief responsibilities include review of the Company’s risk management policies and risk management systems, review of annual risk limits, monitoring the threshold of indicators, overseeing the management of the Company’s existing or potential risks, and assisting the board of directors in supervising the implementation of risk management systems.

Company Management

Company management monitors risks associated with all Company business operations, and ensures that the Company’s risk management system can completely and effectively control all relevant risks.

Risk Management Committee

The Risk Management Committee assists the Audit Committee and the board of directors in executing their risk management duties. Its main objectives include review of annual risks limits, monitoring of indicator thresholds, review of risk management reports, assistance in supervising the implementation of risk management systems, integration and coordination of Company subsidiaries risk management issues, and communication of other important matters relating to risk management.

Risk Management Department

Directly responsible to the board of directors, the Risk Management Department is responsible for the drafting of the Company's risk management system, establishing effective methods and risk management systems for measuring risks, monitoring and analyzing risks, as well as the timely reporting and early warning of significant risks.

Compliance Affairs Department

The Compliance Affairs Department executes control over compliance risk, ensuring that all operations and management rules and regulations are updated in a timely manner in accordance with relevant laws and regulations, supervising legal compliance managers of each unit to implement the introduction, establishment, and execution of the relevant internal regulations, and helping to evaluate any legal risks associated with the Company’s operations.

Legal Affairs Department

The Legal Affairs Department executes control over legal risk, and assists in evaluating business and legal documents, contracts, and other matters that may involve legal risk.

Information Departments

The information departments shall implement information security risk control to help avoid information security risks that could jeopardize the normal operation of related information systems due to intentional external intrusion or internal misuse, leakage, tampering, or destruction of information assets.

Business Units

Each business unit shall review each risk management specification in its entirety and comply with each risk management specification prior to the execution of each operation.

The risk management organization of the Company follows a “three lines of defense” model, with each line having clearly defined organization, responsibilities, and functions to ensure the effective implementation of risk management mechanisms.

Risk Management Policy

In order to establish the Company’s risk management standards, and ensure that its risk management is comprehensive, effective, and reasonable, Yuanta has set in place its risk management policy to serve as guiding principles for its risk management system. The Company's risk management systems shall adhere to this policy, and shall be set after taking into consideration the various risk attributes faced and their potential impact on the Company's operational stability and capital security.

The Company’s risk management system shall cover company-wide operational risks, legal and compliance risks, and environmental risks. Subsidiaries shall establish a risk management system in accordance with the Company's risk management policy and the regulations of the local competent authorities that is consistent with their business portfolio, business scale, and capital size in order to effectively manage the various risks they undertake.Each subsidiary has established an appropriate risk management policy based on its business portfolio, business scale, and capital size. The Company continuously reviews the risk management policies of each subsidiary to ensure that it can effectively manage the various types of risks to which it is exposed.

The major categories and components of the Company’s and each subsidiary’s operational risk are as follows:

Market Risk

Market risk refers to the risk of market prices, volatility, or other related changes that can result in losses to the Company's financial position. Market prices can include indexes, stock prices, interest rates, exchange rates, products and credit premiums. The market risk management principles of the Company and its subsidiaries include the setting of risk early-warning indicators, risk limits and quantitative values of risk based on the Company’s risk tolerance level to accurately estimate potential losses and effectively control market risk. Our value at risk (VaR) measurement model uses as a risk measure the maximum expected loss over the next trading day, which is estimated at a 99% confidence level.

Credit Risk

Credit risk refers to risk arising from the following situations:

  • Instances in which a bond (bill) issuer, borrower, counterparty, or custodian violates their contract, experiences bankruptcy or liquidation, or otherwise fails to uphold their contractual obligation to discharge debt liabilities, resulting in the risk of losses;
  • Instances in which a bond (bill) issuer, borrower, or counterparty’s guarantor violates their contract, experiences bankruptcy or liquidation, or otherwise fails to uphold their contractual guarantee liabilities, resulting in the risk of losses;
  • Instances in which the underlying instrument of a financial product experiences weakened credit or has its credit rating reduced, or in which the issuance contract of a financial product is violated, resulting in the risk of losses.

The Company and its subsidiaries set separate credit risk management mechanisms based on their respective risk attributes:

  • Credit authorization risk: Using a credit rating or credit scoring model to classify and manage credit authorization cases and strengthen the credit risk measurement mechanism, in order to increase credit asset quality; using an early warning mechanism to integrate with the middle-term management platform, and immediately initiating post-authorization credit management and response measures, in order to reduce potential losses from credit risks.
  • Financial transaction credit risk: in order to effectively integrate the Company and its subsidiaries' financial transaction credit risk distribution pattern, closely monitor any changes to the financial transaction credit exposure of the Company or its subsidiaries, the Company has not only implemented internal credit rating systems and credit risk classification and management to effectively evaluate and control financial transaction credit exposure, but has also established a credit early warning system and notification procedures to effectively respond to credit incidents.
Market Liquidity Risk

Market liquidity risk refers to insufficient market trading volume continuity or market disorder leading to a clear decline in trading volume, causing asset sales or closure of positions currently in progress to face the risk of potential losses. To reduce market liquidity risks, the Company and its subsidiaries have set specific guidelines for liquidity positions and potential loss limits based on their respective business areas and financial product characteristics, in order to ensure the market liquidity of the Company's overall positions.

Asset-liability Matching Risk

Asset-liability matching risk includes asset liquidity risks and interest rate risks. Asset liquidity risk refers to situations in which assets cannot be sold in a timely manner or external financing cannot raise sufficient capital, causing a risk of inability to meet scheduled payment obligations. Interest rate risk refers to fluctuations in market interest rates which cause the net interest income of interest-bearing assets and interest-bearing debts to face risks from adverse changes.

The Company and its subsidiaries’ asset liquidity risk management is based on the characteristics of its various business areas, and sets in place appropriate asset liquidity risk monitoring standards, pre-assessment of potential funding gaps, effective control of overall asset liquidity risks, as well as setting in advance capital movement plans sufficient to respond to systematic risk events, in order to strengthen the asset liquidity risk management capabilities of the Company and its subsidiaries.

The Company and its subsidiaries’ interest rate risk management includes identification and measurement of interest rate repricing, yield curve risk, basis risk, options features, and other sources of risk, as well as using quantified monitoring indicators to set early warning values for evaluation, in order to effectively control the negative impact of interest rate changes on the net interest income of the Company’s interest-bearing assets and interest-bearing debts.

Large Exposure Concentration Risk

Large exposure concentration risk refers to business concentration resulting in a specific risk factor, resulting in situations in which an unanticipated change in said risk factor can lead to the risk of significant losses for the Company. The Company and its subsidiaries have established large risk exposure management systems, which include credit authorization, investment and business transaction risks, and monitor overall risk exposure concentration levels on a same person (enterprise), same Group, same industry, and same country basis.

Insurance Risk

Insurance risk refers to the risk of loss due to unanticipated changes when the insurance business is operated and assumes the risk of transferring the insured after receiving the premiums and paying the claims and related expenses according to the contract. Insurance risk management includes product design, pricing, policy underwriting, reinsurance, catastrophe insurance, claims, reserves, and other types of risk.

The Company's insurance subsidiary has managed insurance risks by setting standard operating procedures and management mechanisms, and implementing a monitoring mechanism to effectively strengthen the Company's insurance risk management abilities.

Operational Risk

Operational risk refers to the risk of losses arising directly or indirectly from negligence or errors in internal operations, staff or systems, or from external events. The Company and its subsidiaries’ operational risk management is based on the principle of implementing the standard operating procedures and control points established in the internal control and internal audit systems, and ensuring the functioning and effectiveness of control points and check points through regular self-assessments of internal controls. Additionally, the Company strengthens its overall operational risk management through the gradual establishment of operational risk management mechanisms such as operational risk incident reporting, standard operating procedure reviews, operational risk measurement, risk control, and self-assessments.

Information Security Risk

Information security risk refers to the extent to which the normal operation of business-related information systems is affected or jeopardized by improper use, leakage, tampering, or destruction of information assets due to human negligence, intentional, or natural disasters. In order to strengthen information security management and ensure the availability, integrity, and confidentiality of information, the Company and its subsidiaries have established an information security policy approved by the board of directors, which all employees of the Company and its subsidiaries and the personnel assigned by outsourcing companies should comply with to maintain information security.

Human Resources Risk

Human resources risk refers to the risk related to human rights issues of employees and the development and management of human resources of the Company, such as attracting, retaining, and developing talents.

Emerging Risks

Emerging risks refer to new types of business or new types of risks that may have adverse effects on future business operations due to the failure to identify and evaluate risks.

Compliance Risk

Compliance risk refers to the risk of incurring penalties from the regulatory authorities, resulting in significant financial or reputational loss, when the Company engages in business activities without fully complying with relevant laws and regulations. The Compliance Affairs Department of the Company and its subsidiaries is responsible for the planning, management, and implementation of the legal compliance system and the establishment of the legal dissemination, consultation, coordination, and communication system. The department is also responsible for: ensuring that all operational and management guidelines comply with the law and are updated in a timely matter; producing opinions on the legality of and granting approval to the Company’s internal regulations; analyzing each department’s legal compliance material weaknesses or malpractice, and submitting improvement plans; assessing the effectiveness of each department’s legal compliance procedures, in order to ensure the effective implementation of the Company’s legal compliance system.

Legal Risk

Legal risk refers to the risk of potential loss due to invalidation of the contract due to its lack of legal validity, ultra vires acts, omission of terms and conditions, and inadequate regulations. The Legal Affairs Department of the Company is responsible for the preparation, review, and management of external contracts, legal disputes, and consultation and handling of legal matters related to non-litigation and litigation cases.

Risks of Money Laundering and Financing of Terrorism

Risks of money laundering and financing of terrorism refer to the risks that the business is abused for money laundering or financing of terrorism activities. In order to ensure the Company’s compliance with anti-money laundering and countering the financing of terrorism laws and regulations, the Company has established an anti-money laundering and countering the financing of terrorism policy as a management mechanism to identify, measure, and monitor risks of money laundering and financing of terrorism.

Integrity Management Risk

Integrity management risk refers to the risk that a director of the board, supervisor, manager, employee, or person with substantial control over the Company will directly or indirectly offer, promise, request, or receive any improper benefit or commit other unethical conduct such as breach of good faith, wrongfulness, or breach of fiduciary duty in the course of engaging in business activities in order to obtain or maintain benefits. The Company has established a mechanism to assess the risk of unethical conduct, and regularly analyzes and evaluates the business activities with higher risk of unethical conduct within the scope of business, so as to formulate a prevention plan and regularly review the appropriateness and effectiveness of the prevention plan.

Environmental Risk

Environmental risk refers to the risk of greenhouse gas emissions management, carbon rights management, energy management, and other related issues in response to climate change and natural disasters, as well as the risk of compliance with international and local environmental regulations such as the management of air, water, waste, toxic substances, noise, and emissions or environmental impact assessment (EIA) requirements.

Emerging Risks

With the increasing global regulatory requirements, the rapid development of emerging technologies, and the threats of climate change, future risk management of the financial industry will undergo tremendous changes. In response to this trend as early as possible, Yuanta Financial Holdings has completed emerging risk identification, follow-up plans and actions to further enhance the efficiency and effectiveness of risk control.

Risk Factor
Risk Description
Potential Operational
Impact or Influence
Response Plan
Risk of Infectious Diseases
Diseases with large scale, strong infectivity, severe symptoms and no effective treatment or medicine; community infections caused by the movement of people trigger a large number of human deaths in cities or countries, and even necessitate widespread isolation.
  1. The Company is affected by the epidemic, resulting in personnel isolation and increased operating costs, which will most seriously cause interruption of operations;
  2. Increase in credit risk due to reduction of orders, decline in operating income, and interruption of operations caused by the customers affected by the epidemic;
  3. Abnormal fluctuations in financial markets caused by the epidemic resulting in increased losses in the Company’s investment positions.
  1. Set up an epidemic prevention team to plan and direct Company-wide epidemic prevention procedures, such as conducting epidemic prevention campaigns, implementing division of offices for different locations or work at home, and epidemic prevention measures for personnel, and increasing the frequency of disinfection;
  2. Assist customers in epidemic prevention and reduce the impact of the epidemic on customers;
  3. Pay attention to the situations of the regions or countries affected by the infectious disease, inspect and assess the possible extent of the impact on the risk-exposed positions, to reduce the impact of loss.
Asset Bubble
  1. As a result of the COVID-19 pandemic and the extremely loose monetary policies implemented by governments to stimulate the economy, the market has been flooded with capital. Coupled with low interest rates, the prices of financial assets and real estate markets have risen and the risk of bubbles continues to rise.
  2. The International Monetary Fund (IMF) has warned that the disconnect between financial markets and the real economy is continuing and that global asset prices may face the risk of a pullback once investors reassess the global economic growth outlook or policy prospects.
  1. If there is a significant correction in the price of risky assets, a major default in emerging countries, or abnormal fluctuations in oil prices or commodity prices, the Yuanta Group’s financial asset trading positions and customers’ wealth management positions may suffer a decline in price and the default rate of customers or investment positions may increase.
  2. In the event of a real estate bubble that causes prices to collapse, not only will the Yuanta Group’s investments in real estate fall in value, but also the default rate of customers who provide guarantees on real estate may increase, resulting in higher lending loss rates.
  1. In addition to the categorized management of investment countries and industries, we will strengthen the management and control of high-risk countries or high-risk industries.
  2. Establishing risk monitoring indicators and conducting regular monitoring of various risks such as liquidity, credit spreads, and market volatility.
  3. Enhancing monitoring and risk assessment of credit, investment, and financial counterparties in emerging countries and countries with such risk.
  4. Strengthening the monitoring of credit rating changes and related negative news of credit risk targets, and providing risk warnings.
Geopolitics
  1. In recent years, global geopolitical risks have become increasingly complex and diverse, and frequent geopolitical conflicts will trigger confrontation between regions, which will lead to a rise in protectionist sentiment among countries and impact global economic growth. A more fragmented geopolitical environment will also make the outlook for policies more unpredictable and extreme, leaving companies in a highly uncertain supply chain management, tax burden, and regulatory environment.
  2. Geopolitical risks are also adding uncertainty to the future outlook, increasing volatility in the capital markets, triggering investor fears, and affecting global capital flows.
  1. The new international order of competition has led to a reorganization of the global supply chain and a series of supply chain shortening and shifting effects. If the Yuanta Group fails to grasp the business opportunities and provide the financial services required by its corporate customers (institutional investors), it may affect its future profitability.
  2. Increased geopolitical turmoil may impact on the gradually recovering economic growth, reduce the buffering capacity of countries with high debt burdens and low fiscal buffers, and further threaten the global government debt structure, resulting in increased investment losses and customer defaults for the Yuanta Group.
  1. In addition to cultivating the Taiwan market, the Yuanta Group continues to expand its overseas territories in South Korea, Hong Kong, Thailand, the Philippines, Vietnam and Indonesia. Through the integration of the Yuanta Group’s businesses and the development of local niche markets, the Yuanta Group will gradually increase its overseas profit contribution to enhance regional diversity and spread its profit sources.
  2. We pay close attention to changes in the world’s political and economic situation, conduct timely risk assessments and site adjustments for general risk events (countries/ industries/ groups/ commodities) and specific abnormal events (negative news targets), and improve monitoring of countries or regions with higher geopolitical risks.
  3. Establishing the management mechanism of the list of investable countries and strengthening the monitoring of the sovereign credit default swap (CDS) discounts, total foreign exchange reserves, dual deficit indicators, etc, to monitor the risk of emerging countries.