To achieve the goal of corporate sustainable development and be aligned with the important aspects that clients are concerned about and international trends, Primax Electronics has established a risk management system to regulate the management mechanism of risk management in accordance with the requirements of corporate risk management, there by improving the operational efficiency of risk management.

Primax has established a Risk Assessment Taskforce through the authorization of the Board of Directors, led by the ESG Office, and assigned various functional units to form Risk Assessment Taskforces.At least once a year, we conduct risk and opportunity identification meetings to identify the ESG operational risk, climate change risks and other emerging risks.The 2023 risk identification and disclosure scope covered the main operating locations of Primax Group in Taipei, China and Thailand.

Risk Identification Process

Primax Electronics established the Sustainable Development and Risk Management Committee. The ESG Office serves as the unit dedicated to convening, promoting and executing the Risk Assessment Taskforce. The Risk Assessment Taskforce members shall convene a risk and opportunity identification meeting at least once a year to identify specific corporate risks.The sources of sustainable operational risks come from business risks, financial risks, strategy risks and legal risks, etc. Climate changeNote  risks are based on transition risks and physical risks suggested by the TCFD guidance. In addition,other emerging risks refer to the top ten emerging risks announced by the World Economic Forum annually, and items related to climate change are excluded. The three main risks also consider the material issues concerned by stakeholders, corporate development strategies, domestic and overseas regulatory trends and relevant initiatives. The members compile and establish the“ Primax Electronics Risk Integration Questionnaire" to conduct risk assessments for each risk item during the meetings.Note: For the climate change opportunities, the TCFD opportunity sources are also considered, in orderto set up opportunity identification questionnaire for climate change related topics.

risk 1

The assessment team follows the "Corporate Risk Management Policies and Procedures" to conduct risk assessments. The evaluation criteria include three main factors of "Likelihood," "Impact," and "tolerance”. These criteria are measured against the defined scoring scales for impact , likelihood and tolerance, as outlined in the Company's impactscale, likelihood scale, and tolerance scale. The probability measurement considers the chance of occurrence or frequency of risks based on past occurrences. Impact measurement primarily focuses on quantifying financial impacts and is supplemented with qualitative descriptions such as operational disruptions, customer loss, or reputational damage.Tolerance measurement assesses the risk impact level acceptable to the Company, and the Company's recovery capability and response capability after impact. The assessment is conducted based on three timeframes: "short-term ( 1 ~ 3 years)," "mid-term ( 3 ~ 5 years),"and "long-term ( 5 ~ 10 years)." During the assessment, the expected occurrence timeframe for each risk item is determined to further discuss corresponding strategies for short-term,medium-term, and long-term risks. This serves as a basis for regular review and adjustment.

risk 5

The risk (including climate change opportunity assessment) classification is determined based on the factors of "likelihood" and "impact." The risk grade is determined by multiplying the scores of these two factors and locating the position on the riskand opportunity matrix. This helps identify the risks that need to be addressed. The management team develops risk mitigation plans for high-risk items and ensures ongoing monitoring and improvement. In addition, the internal audit unit also includes the execution of key programs in the audit plan for periodic inspection.

4 3

In the section on climate change opportunities, the Company has also established an opportunity identification questionnaire for climate change-related issues with reference to TCFD opportunity sources, and has used two evaluation criteria, namely "likelihood" and "impact", to identify climate change opportunities. The results of the climate change-related risks and opportunities assessment will be discussed and selected by the Corporate Sustainability Office, and relevant countermeasures will be developed.


Risk Organizational Structure and Management Process

Primax's  corporate risk management organization is divided into four layers, and management is carried out through the processes of risk identification, risk assessment, risk control, and risk supervision and communication. The relevant responsibilities and management processes are shown in the following chart.

4 4

 2023 , the Risk Assessment Team convened risk assessment meetings in June and November to re-identify various corporate risks. The Corporate Risk Management Report was presented to the Board of Directors in November by the Convener of the ESG Office, namely Vice General Manager, Ms. Chiang, Yan-Ying. This year, a total of 54 risk factors (including sustainable operational risk, climate change risk, and other emerging risks) were collected. Upon the identification through the risk managementprocess, the main sustainable operational risks of Primax as identified include changes in the industrial development, pressure from competition among peers,product innovation and development, investment and M&A strategies, capacity deployment/expansion, organizational structure and capability development, customer concentration, and new customer development, while the climate change risks include popularization of sustainability assessments, increasing customer demands for climate change response, mandatory climate information disclosure and reporting, impact on enterprise's reputation and popularization of sustainability evaluation.The relevant risk response measures are shown in the following table. For climate change risks, please refer to " 4 . 1 Climate Change Management.


Matrix of Corporate Risks of Primax Electronics 

4 5

Summary of the key points of the countermeasures against the sustainable operational risk

4 6


Risk culture

In addition to a rigorous organizational structure and implementation process, how to shape an organizational culture in which all employees are aware of risk management has become an issue that has received increasing attention in recent years. Through education and training, Primax plans ESG-related courses for all employees, and integrate the concepts of risk management into ethical corporate management, labor rights and information security. According to the 2024 plan, new employees will be arranged to attend the Sustainability Board Game Workshop upon expiration of three months after their onboard. The designed board games cover corporate risk, climate change and SDGs, etc., to enable employees to deepen their knowledge and sense ofidentity towards sustainability through the interesting board games.

Meanwhile, we also recommend courses on corporate risk and sustainable development on a regular basis to provide directors with a priority reference when choosing continuing education courses, in order to build Primax's corporate risk andsustainable development culture from top to bottom step by step. Please refer to P34 of the 2023 Annual Report of Annual General Meeting for more information on the continuing education of directors.