To achieve the goal of corporate sustainable development and be aligned with the important aspects that clients are concerned about and international trends, Primax Electronics has established a risk management system to regulate the management mechanism of risk management in accordance with the requirements of corporate risk management, there by improving the operational efficiency of risk management.

Primax has established a Risk Assessment Taskforce through the authorization of the Board of Directors, led by the ESG Office, and assigned various functional units to form Risk Assessment Taskforces.At least once a year, we conduct risk and opportunity identification meetings to identify the ESG operational risk, climate change risks and other emerging risks.

To further strengthen risk management mechanisms, in August 2024, Primax revised the "Risk Management Policy and Procedures" and added the "Enterprise Risk Management Implementation Guidelines." These were approved by the Board of Directors and implemented accordingly. The scope of application covers sustainability-related operational risk management at the enterprise level within all Primax Group entities over which the Company has substantive control. 

Risk Identification Process

Primax Electronics established the Sustainable Development and Risk Management Committee. The ESG Office serves as the unit dedicated to convening, promoting and executing the Risk Assessment Taskforce. The Risk Assessment Taskforce members shall convene a risk and opportunity identification meeting at least once a year to identify specific corporate risks.The sources of sustainable operational risks come from business risks, financial risks, strategy risks and legal risks, etc. Climate changeNote  risks are based on transition risks and physical risks suggested by the TCFD guidance. In addition,other emerging risks refer to the top ten emerging risks announced by the World Economic Forum annually, and items related to climate change are excluded. The three main risks also consider the material issues concerned by stakeholders, corporate development strategies, domestic and overseas regulatory trends and relevant initiatives. The members compile and establish the“ Primax Electronics Risk Integration Questionnaire" to conduct risk assessments for each risk item during the meetings.Note: For the climate change opportunities, the TCFD opportunity sources are also considered, in orderto set up opportunity identification questionnaire for climate change related topics.

To align with International Financial Reporting Standards, the identification of climate-related risks and opportunities for this year has been conducted with reference to IFRS S2 Climate-related Disclosures. This framework addresses the four core elements of governance, strategy, risk management, and metrics and targets, as well as disclosures regarding environmental risk dependencies. For further details, please refer to the【2024 TCFD Report】.

risk 1

The assessment team conducts risk evaluations in accordance with the Corporate Risk Management Policies and Procedures. The assessment criteria include "likelihood" and "impact," which are measured using the Company's impact scale and likelihood scale scores. Likelihood is measured by the probability or frequency of risk occurrence, while impact is primarily assessed through financial quantification. Likelihood and impact scores are evaluated separately across different time horizons: short term (1–3 years), medium term (3–5 years), and long term (5–10 years). In addition, during risk assessments, Primax also considers the Company's resilience to risks (tolerance) and the degree of reliance on external or internal resources (dependence), which serves as a reference for developing response strategies.

risk 5

The risk (including climate change opportunity assessment) classification is determined based on the factors of "likelihood" and "impact." The risk grade is determined by multiplying the scores of these two factors and locating the position on the riskand opportunity matrix. This helps identify the risks that need to be addressed. The management team develops risk mitigation plans for high-risk items and ensures ongoing monitoring and improvement. In addition, the internal audit unit also includes the execution of key programs in the audit plan for periodic inspection.

Risk levels are determined based on the two assessment criteria, namely "likelihood" and "impact", and are classified according to their position within the risk and opportunity matrix using the product of their scores, thereby identifying risks that require action. For major risk items, the management team formulates mitigation plans, implements ongoing monitoring and improvement measures, and ensures that the Audit Department incorporates the execution of key plans into the audit program for periodic review and adjustment.

02 4 3 02 4 4

 

In the section on climate change opportunities, the Company has also established an opportunity identification questionnaire for climate change-related issues with reference to TCFD opportunity sources, and has used two evaluation criteria, namely "likelihood" and "impact", to identify climate change opportunities. The results of the climate change-related risks and opportunities assessment will be discussed and selected by the Corporate Sustainability Office, and relevant countermeasures will be developed.


Risk Organizational Structure and Management Process

Primax's  corporate risk management organization is divided into four layers, and management is carried out through the processes of risk identification, risk assessment, risk control, and risk supervision and communication. The relevant responsibilities and management processes are shown in the following chart.

4 4

The risk assessment team reviewed the evaluation results of 28 enterprise risks assessed in the previous year and conducted risk scoring for three newly identified emerging risks this year. Based on the consolidated assessment results, it was determined that Primax's primary operational risks in 2024 include: industry development changes, competitive pressures, product innovation, investment and M&A strategies, capacity planning and expansion, organizational capability development, customer concentration, and new customer acquisition. These risks are continuously managed according to corresponding mitigation measures to reduce the likelihood of occurrence.


Matrix of Corporate Risks of Primax Electronics 

4 5

Summary of the key points of the countermeasures against the sustainable operational risk

4 6


Risk culture

In addition to maintaining a rigorous organizational structure and implementing robust execution processes, fostering a company-wide culture in which all employees have a strong awareness of risk management has become an increasingly important topic in recent years. Primax promotes this culture through training programs that incorporate sustainability-related courses for all employees. The concept of risk management is integrated into topics such as ethical business practices, labor rights, and IT security. In 2024, new employees participated in a sustainability board game workshop after completing three months of employment. The workshop content included themes such as enterprise risk, climate change, and the SDGs. In 2024, two workshop sessions were held, and in 2025, this program is planned to become a mandatory course for all new employees. By engaging with interactive board games, employees deepen their knowledge of sustainability and strengthen their sense of identification with these principles.

In addition, the Company regularly recommends training courses related to enterprise risk and sustainable development for the Board of Directors, providing prioritized references for directors when selecting continuing education opportunities. This approach supports the gradual establishment of a strong culture of risk management and sustainability throughout Primax. Please refer to page 33 of the 2024 Shareholders' Meeting Annual Report.