Risk Foresight and Crisis Management
Advantech defines various risks in alignment with its overall operational strategy and implements an Enterprise Risk Management System (ERM) to establish a structured mechanism for proactively identifying, precisely assessing, effectively monitoring, and strictly controlling risks. Prevent possible losses within the risk tolerance range and continuously adjust the best risk management practices according to changes in the internal and external environment. Major risks identified through Advantech's ERM process include economic, environmental, and social issues. Economic issues include business succession, management of overseas business subsidiaries, sustainable supply chains, information and cyber security, and cross-border tax issues. Environmental issues include low-carbon and eco products, climate transition risks, etc.; social issues include talent cultivation and retention, labor relations, personal data protection, etc.; the results of annual survey on material sustainability issues are also used to identify and assess major risk issues each year. Taking 2024 as an example, material sustainability issues were also considered as the main strategic or operational risk issues in ERM, for the proportion of up to 70%.
Advantech uses the ERM mechanisms to reduce or mitigate the potential impact of risks on the Company's revenue, costs, and reputation; at the same time, we proactively explore opportunities that may arise from sustainability risks, such as investing in solar energy, wind power, and electric vehicle-related applications, and developing energy management platforms that can be applied to different industries.
Risk management governance framework and organization
As the highest governance unit for risk management, the Board of Directors oversees the overall risk management mechanism and approves update of policy and procedures. The Board of Directors, and also by delegation to Sustainable Development Committee and Compensation Committee are responsible for the supervision and tracking of pan strategy risk topics and global risks, while Audit Committee are responsible for the supervision and tracking of operational risks.
The Risk Management Team (“the Team”) serves as the Company’s highest risk management authority and is responsible for overseeing and enhancing the risk management processes. Each year in Q4, the Team launches a risk survey and identification process, and coordinating with responsible management units to finalize the assessment and mitigation plans for major risks by early the following year. Given rapid fluctuations in the business environments, a mid-year review is also conducted to reassess major risk exposures and adjust mitigation actions accordingly. Major risk topics and corresponding mitigation actions are incorporated into quarterly risk management meetings or senior management meetings to facilitate discussion and monitor implementation progress.
Functional managers are responsible for developing mitigation actions for identified risks and overseeing actions implementation. Internal Audit, meanwhile, closely monitors and also facilitates various risk management processes, while also providing enhancement suggestion. When necessary, Internal Audit conducts audits on specific risk topics. Generally, major risks with unclear implementation progress would be prioritized for annual project audits. Proposals for enhancing ERM mechanism are jointly developed by the Risk Management Team and Internal Audit through collaborative discussions. The Company also engages external consultants as needed to provide counseling, conduct audits, and offer recommendations on the risk management related mechanism and its operations.

Advantech's Risk Map

The high and medium risk areas highlighted in orange on the risk map has exceeded the Company’s tolerable risk appetite, and it is necessary to adopt risk adjustment strategies and countermeasures as a priority to reduce the likelihood of occurrence or the level of potential impact, and the improvement results are closely monitored.
Mitigation actions and risk appetite for major risk items
