Corporate governance

Integrity Management

Ethical Business Practices

CHS upholds integrity and ethical conduct as the highest guiding principles of its operations. The Company adheres to standards of corporate honesty, fairness, and impartiality in both internal and external affairs. It strictly complies with all applicable laws and regulations. An annual report on the implementation of integrity management policies and measures is submitted to the Board of Directors. The 2024 implementation details are as follows:

Implementation Measures and execution Status

Items Implementation Measures Execution Status
Establishment of Regulations and Guidelines
  • CHS has established the "Ethical Corporate Management Best Practice Principles" and the "Procedures and Guidelines for Ethical Corporate Management and Conduct" in accordance with TWSE's "Ethical Corporate Management Best Practice Principles for TWSE/TPEx Listed Companies"
  • The Company has established the "Standards of Ethical Conduct for Directors," the "Standards of Ethical Conduct for Managers and Senior Professionals," and the "Code of Ethics for Employees," which clearly define the rules regarding conflicts of interest.
  • The Company has established the "Standards for Handling the Acceptance of Gifts, Entertainment, and Lobbying," providing guidelines for employees when dealing with relevant situations.
  • The Company has established the "Employee Work Rules" and "Reward and Punishment Measures" to regulate employee behavior. Violations of these regulations are addressed according to the severity of the infraction.
 Relevant regulations and guidelines are placed in the Company's knowledge management system for colleagues to reference.
Intellectual Property Protection
  • The Company has established the “Trade Secret Management Procedures.” All employees are required to comply with relevant intellectual property regulations, including ownership, confidentiality obligations, and non-infringement assurances. Employees are also prohibited from using others’ trade secrets without proper authorization.
  • Procurement contracts and engineering appendices clearly state that contractors must comply with the Company's IP rights, confidentiality obligations, and non-infringement assurances, and may not violate the IP rights of others.
  • All employees have signed a “Confidentiality Agreement for Employees.”
  • These regulations are available on the Company's website under Procurement Downloads (Website) for suppliers and contractors to review.
Supplier and Contractor Management
  • In the General Environmental and Safety Regulations, it is stipulated that any supplier or contractor found guilty of bid rigging, collusion, bribery, or offering illicit benefits to the Company's personnel or their relatives may be subject to compensation claims and permanent disqualification from future dealings.
  • Procurement contracts and engineering appendices also specify that in cases of unethical conduct, violation of labor laws that harm labor rights, or direct/indirect funding of armed groups that severely violate human rights, the Company may terminate the contract in whole or in part without notice and may claim penalties.
Educational Advocacy
  • Supervisors at all levels continuously promote the Company's principles of ethical business conduct and emphasize the importance of integrity through various internal meetings, ensuring that no misconduct is tolerated.
  • All new employees undergo anti-corruption education and training on the "Code of Ethics for Employees" during their pre-employment orientation.
  • To prevent insider trading, periodic training is provided to directors and managerial officers on the blackout period and related financial regulations.
  • All new employees have received anti-corruption training.
  • Four sessions of insider trading prevention training were conducted for directors and managerial officers.
Whistleblowing Channel for Ethical Violations The Company has established the "Procedures for Reporting Ethical Violations," with a designated reporting channel (Website). The Internal Auditing Department is responsible for handling such reports. The identity of whistleblowers and report content are kept strictly confidential. If an investigation reveals a major violation or risk of significant damage to the Company, a report will be prepared and submitted in writing to the independent directors. In 2024, one case was reported. After careful verification and internal review, the matter was handled appropriately by the responsible unit. The investigation concluded that the case did not involve corruption or violation of operational procedures.

Regulatory Compliance

CHS strictly complies with national labor, corporate governance, occupational safety and health, and environmental laws and regulations. To mitigate the risk of regulatory violations and penalties, the Company has established a compliance system and conducts quarterly audits (four audits were conducted in 2024, all completed on schedule, achieving a 100% timely identification rate of regulation updates). This system enables the timely identification of legal amendments and enhances regulatory compliance in all operations. In the past three years, aside from the following cases related to occupational safety and land use (as explained below), the Company has not been subject to administrative penalties due to legal violations.

No./Item 2022 2023 2024
1 Safety and Health - - Two incidents occurred. Violations included:
  • Article 224, Paragraph 1 of the “Regulations for the Occupational Safety and Health Equipment and Measures,” and Article 6, Paragraph 1, Subparagraph 5 of the “Occupational Safety and Health Act.”
  • Article 36, Subparagraph 1 of the “Regulations for the Occupational Safety and Health Equipment and Measures,” and Article 6, Paragraph 1, Subparagraph 13 of the “Occupational Safety and Health Act.”
Reporting Unit - - Labor Affairs Bureau of Kaohsiung City Government
Number of Cases/Total Amount 0 case/NT$0 0 case/NT$0 2 cases/NT$110,000
2 Others - - The Company-owned plots (591 and 593) in Qingshui Section, Gangshan District, Kaohsiung City were designated for agricultural and pastoral use. The usage did not comply with permitted purposes under Article 15 of the Regional Planning Act. Land conversion procedures were completed in August 2024 to prevent recurrence.
Reporting Unit - - Land Administration Bureau of Kaohsiung City Government
Number of Cases/Total Amount 0 case/NT$0 0 case/NT$0 1 case/NT$200,000

Internal Audit

The Internal Auditing Department reports directly to the Board of Directors and is responsible for overseeing all internal audit operations across the Company. Its primary function is to assist the Board and management in examining and reviewing deficiencies in the internal control system, evaluating operational effectiveness and efficiency, and providing timely improvement recommendations to ensure the sustained effectiveness of the internal controls. The head of internal audit regularly attends Board meetings to report on audit activities and also presents the prior year’s audit implementation and improvements to the Audit Committee. In addition, ad-hoc communication meetings are held between the internal audit supervisor and independent directors.

The 2024 audit plan was approved by the Board in 2023. During the year, a total of 44 audit reports were completed, resulting in 51 recommendations, including 42 on operational improvement, 5 on policies and regulations revision, and 4 on system optimization. The follow-up of implementation progress is continuously tracked. After internal approval, both audit reports and follow-up reports are submitted to the independent directors for review no later than the end of the following month. For further details on the internal audit structure and operations, please refer to the Company website.

Risk Management

To ensure the integrity of its risk management system, CHS has adopted the “Risk Management Policy and Procedures,” approved by the Board of Directors. The President serves as the convener of the Risk Management Team, whose members include heads of major business and operational units. The team is responsible for overseeing risk management implementation and coordination across the Company. Risk management performance is reported annually to the Audit Committee and the Board of Directors, and the Audit Committee assists the Board in supervising the effectiveness of risk management operations.

In response to global economic and sustainability risks, the Company identifies and assesses risks affecting sustainable development across four dimensions: Economic (including decision-making, financial, operational, cybersecurity, and regulatory risks), Social (including labor safety and human rights risks), Environmental (including pollution and energy management risks), and Other (including trade barriers, climate change, epidemic, and carbon neutrality risks). Through strategies such as risk transfer, mitigation, and avoidance, the Company minimizes potential risks to enhance operational opportunities positively. The 2023 risk management operations were reported to the Audit Committee and Board of Directors on November 2, 2023, with the Audit Committee overseeing operational aspects and publishing details on the Company's website.2023 Risk Management Operations and Supervision

The 2024 risk management operations were reported to the Audit Committee and Board of Directors on October 31, 2024, with the Audit Committee overseeing operational aspects and publishing details on the Company's website.


2024 Risk Management Operations and Supervision

Information Security Management

The Company has established the “Regulations for the Establishment of the Information Security Committee,” with the President serving as the Convener (also acting as Chief Information Security Officer). Committee members include plant and department heads. The Committee consists of four teams: Information Security, Equipment Security, Cybersecurity Training and Education, and IT Asset Security. Quarterly meetings are held to review the implementation of information security measures, and an annual report on information security outcomes is submitted to the Board of Directors.

Organizational Chart of the Information Security Committee

In 2024, CHS passed the ISO 27001 Information Security Management System (ISMS) certification and experienced no major cybersecurity incidents, customer privacy breaches, or data leaks. To achieve these objectives and reduce the impact of potential information security incidents, the Company implemented the following key measures:

  • All computer devices are equipped with licensed antivirus software. The Information & System Department conducts regular vulnerability scans on external servers and websites to enhance security protections.
  • The Company has established the “Regulations on the Notification and Response of Cyber Security Incidents” to ensure timely damage control and recovery operations in the event of a cybersecurity incident.
  • Personal computer systems are assigned unique accounts and passwords based on user responsibilities. Passwords are required to be changed periodically, with two-factor authentication and session timeout controls to prevent unauthorized access.
  • A cybersecurity operations center system has been built to collect and analyze heterogeneous system operation data in real-time, enabling early detection of anomalies and issuance of alerts to prevent incident escalation.
  • A total of 109.5 training instances for information security staff and 423 training instances for non-specialized staff were conducted in 2024 (measured by the number of participants x training hours).
  • Monthly information security awareness campaigns are conducted through electronic bulletins and ERP announcements for all employees. Additionally, a 1-hour information security training session is provided during each quarterly Information Security Committee meeting for all attendees.

The 2024 information security implementation results were reported to the Board of Directors on December 26. Details of the implementation and the information security risk management framework are published on the Company website.

2024 Information Security Implementation Overview

Intellectual Property Management

Since June 2023, the Company has adopted the Taiwan Intellectual Property Management System (TIPS) and established intellectual property management policies and objectives aligned with its operational strategies. These efforts aim to enhance ESG performance, implement a robust IP management framework, and strengthen CHS's brand image in the steel industry. They also promote IP deployment and protection, supporting sound corporate operations and a sustainable future. The Company reports on the status of its IP management to the Board of Directors annually.

In 2024, CHS passed the TIPS verification for trade secrets and trademarks at Grade A level with zero deficiencies. To maintain TIPS certification, the Company established an Intellectual Property Task Force led by the Assistant Vice President of Production, who serves as the management representative. The task force identifies internal and external IP-related issues, opportunities and risks, stakeholders, and discusses corresponding policies and objectives. These objectives are approved by the President and are regularly monitored for implementation status.

The 2024 intellectual property management results were reported to the Board of Directors on October 31 and disclosed on the Company website.

2024 Intellectual Property Management Implementation Overview