Investor

INVESTOR

Corporate governance

Corporate Governance Operations

XXXXXX

公司治理主管

On November 3, 2020 (109th year), the Board of Directors approved the appointment of Finance Department Manager Chiang Chia-Chun as the Corporate Governance Officer.

To enhance the functionality of the Board of Directors and protect shareholder rights, on October 31, 2023, the Board of Directors approved the establishment of the Board Secretariat as a corporate governance unit. Manager Chiang Chia-Chun was also confirmed as the dedicated Corporate Governance Officer. Chiang has over three years of experience as a supervisor in charge of finance and corporate governance-related matters for a publicly listed company.

Additionally, Chen Shu-Ling (qualified in stock affairs with relevant experience and certified by the 2019 Securities Institute Test, certificate number 108證基股測證字第4610256012號) was appointed to assist in corporate governance operations.

Main Responsibilities Include:

(1) Managing meetings of the Board of Directors and Shareholders’ Meetings in accordance with the law.
(2) Preparing minutes for the Board of Directors and Shareholders’ Meetings.
(3) Assisting directors with onboarding and ongoing training.
(4) Providing directors with the information needed for executing their duties.
(5) Assisting directors in complying with legal regulations.
(6) Conducting compliance reviews for independent directors.
(7) Managing matters related to director changes.
(8) Other tasks defined by the Articles of Incorporation or contracts.

2024 (113th year) Operations Summary:

1. Execution of Duties:

(1) Organized 5 Board of Directors meetings and prepared meeting minutes.
(2) Organized 1 Annual Shareholders’ Meeting and prepared meeting minutes.
(3) Facilitated training for 11 directors, totaling 69 hours.
(4) Provided directors with necessary materials for executing their duties, including relevant meeting documents 7 days before Board meetings.
(5) Ensured directors’ compliance with legal regulations during business execution or formal resolutions.
(6) Reported on the compliance of independent directors to the Board.
(7) Managed the pre-registration of Shareholders’ Meeting dates, as well as timely updates for amendments to the Articles of Incorporation or director elections.

2. Training Overview:

Date	Organizer	Course Title	Hours
113.09.03 - 113.09.04	Chinese Corporate Governance Association	Climate Risk Identification Workshop & Net Zero Advocacy Meeting	9
113.09.06	Securities & Futures Institute	2024 Insider Trading Prevention Advocacy Meeting	3
113.10.22	Taiwan Stock Exchange	2024 Listed Company Business Advocacy Meeting	3
113.11.05	Securities & Futures Institute	How the Board Ensures Corporate Sustainability: Talent Discovery and Development	3

XXXXXXXXXX

防範內線交易之落實情形

Implementation of Insider Trading Prevention Measures:

(1) Education and Advocacy:

The company arranges educational sessions on the “Insider Trading Prevention Policy” and related regulations for new directors and managers within three months of their appointment.
For newly hired employees, the Human Resources Department provides education on insider trading prevention during pre-employment training.

(2) Announcement and Reminders:

The company announces its annual and quarterly financial reports on the same day as approval by the Board of Directors. Directors are reminded, when meeting notices are sent, not to trade company stocks during the blackout periods:

30 days prior to the announcement of annual financial reports.
15 days prior to the announcement of quarterly financial reports.

For 2024 (113th year), the dates of advocacy regarding prohibited trading during blackout periods are as follows:

Board Meeting Date	Advocacy Date (E-mail)	Report Period
113/02/26	113/01/19	Financial Report for FY112
113/04/30	113/04/02	Q1 Financial Report FY113
113/07/30	113/07/02	Q2 Financial Report FY113
113/11/05	113/10/04	Q3 Financial Report FY113

(3) Employee Training:

Insider trading prevention education sessions were conducted on September 20, 2024 (113th year) and October 18, 2024, for employees at three plants (or units).
Each session lasted one hour, with a total of 47 attendees.

XXXXXXXXX

推動企業信經營具體落實情形

Specific Implementation of Promoting Ethical Business Practices:

(1) Education and Advocacy:

On September 20, 2024 (113th year) and October 18, 2024, the company conducted a one-hour “Ethical Business and Insider Trading Prevention Advocacy” session for employees across three plants (or units), with a total of 47 participants.

(2) Compliance Status:

As of December 31, 2024, no incidents of violations of ethical business practices have been identified.
The company has not received any internal or external reports regarding violations of ethical business practices. The implementation status remains normal without any irregularities.

XXXXXXXXX

資通安全落實情形

Implementation of Information Security Measures:

Information Security Organization Structure
In Year 2024, we already hold one Governance and Review Meeting. When serious information security incident happens, we will hold meeting anytime to make action plan and do the management follow-up.
Management Level Support
On 2024/11/05, we already report the 2024-year information and communication security (InfoSec) management status to the Board of Directors.
InfoSec Resource Input
(1) Critical Asset Risk Management – For better system availability and reliability:
• Remote Data Backup: Use self-built VPN secure network and auto-schedule to backup main server system to Taipei company.
• Disaster Recovery Drill: Simulate ERP main server failure and do recovery test using Taipei backup, restore into HR virtual machine to continue service.
(2) Data Security Management – To protect data from malware attack:
• User Workstation Audit: Check legal software, auto system update, antivirus auto update, and data backup.
• NAS Server Management: Check disk array health, firmware update, and backup NAS management.
• Firewall Management: Check event log, adjust related security settings.
(3) Operational InfoSec Management – Keep updating with time, follow InfoSec operations:
• Update InfoSec Standard Manual according to third-party Deloitte audit suggestions, internal audit suggestions, public company guidance, and Taiwan CERT incident reports and treatment advice.
• On 2024.01.29, update to A10 version: change “Information Security Operations” to larger meaning “Information and Communication Security Operations”; add Appendix 4: Disaster Recovery Record Form.
• On 2024.07.26, update to B1 version: create operations for “InfoSec Promotion Team”.
• On 2024.10.24, hold “InfoSec Promotion Team” meeting: strengthen each department’s important data backup work, increase security of important data.
• Send computer center staff to external education training.
• Hold InfoSec operation training in each factory/site: use real incident example to explain prevention and how to handle it.
Cybersecurity and Network Risk Assessment
(1) In Year 2024, we do InfoSec risk evaluation by steps: identify risk, analyze, define risk level, and do risk evaluation. No high impact found on business operation.
(2) Deloitte audit on internal control for information system in Year 2024 did not find serious risk.
(3) External company do network security test twice in Year 2024. No big cybersecurity issue found.
InfoSec Incidents
(1) No major InfoSec incident happened in past 3 years that cause company loss or affect operation.
(2) Every year we do ERP system off-site recovery drill to respond fast in abnormal situation.

Investor

INVESTOR

Investor

Corporate Governance Operations

公司治理主管

2024 (113th year) Operations Summary:

防範內線交易之落實情形

Implementation of Insider Trading Prevention Measures:

推動企業信經營具體落實情形

Specific Implementation of Promoting Ethical Business Practices:

資通安全落實情形

Implementation of Information Security Measures:

Headquarters

General Administration Office

Fugang Plant

Toufen Plant

About GCM

Products

Can insights

News

ESG

Investor

Careers

Contact

About GCM

Products

Can insights

News

ESG

Investor

Careers

Contact