In 2024, Primax, upon approval by the Board of Directors, renamed the "Risk Management Committee" to the "Sustainability and Risk Management Committee," serving as the dedicated body responsible for overall risk management at Primax. In August of the same year, the "Sustainability and Risk Management Committee" revised the "Risk Management Policy and Procedures" and added the "Enterprise Risk Management Implementation Guidelines," which were approved by the Board of Directors and implemented. The scope of application covers sustainability-related operational risk management at the enterprise level within all Primax Group entities over which the Company has substantive control, thereby constructing a resilient corporate governance system.
The Sustainability and Risk Management Committee is chaired by the Chairman and regularly reports to the Board of Directors to ensure that Board members are informed of the potential impacts of enterprise risk issues on Company operations and the current response strategies. To enhance governance efficiency and ensure the real-time nature of monitoring, the risk management organizational structure will be optimized in 2025 with the addition of a "Risk Management Officer" position, to be held by the President. This role will be responsible for the confirmation of risk assessment results, regularly tracking the effectiveness of risk response policy implementation, and reporting to the Sustainability and Risk Management Committee to ensure that risk control is deeply integrated with Company strategy.


Risk Identification Process

The Risk Assessment Teams convene regular meetings to assess operational, strategy, natural environmental, and emerging risks and align with IFRS S1/S2 and the spirit of double materiality, building a more comprehensive and forward-looking risk identification system.

To enhance the comprehensiveness and objectivity of Risk Assessments, Primax further deepened risk identification methodologies in 2025, aligning with the risk disclosure logic of ISO 31000 and IFRS S1, IFRS S2. During the risk identification phase, a "neutral factor-oriented" approach is employed to describe risks, allowing the risk definition to extend beyond traditional negative impact assessments. This approach enables a more comprehensive identification of potential risks and business opportunities inherent in uncertainties, thereby strengthening a balanced approach to risk and opportunity management.
Based on the aforementioned methodology, the Company further established a systematic risk categorization and mapping mechanism. This year, the Risk Sources are categorized into four major categories: Sustainable Operations, natural environment, Strategy, and Emerging Risks. Definitions of risk categories and mapping of risk factors take into consideration stakeholder concerns, the Company's medium- and long-term development strategies, as well as domestic and international regulations and disclosure standards (such as GRI, SASB, IFRS S1, IFRS S2). They also incorporate significant industry topics highlighted by sustainability rating initiatives, TCFD physical risk analysis, and TNFD-LEAP analysis outcomes to ensure alignment with relevant sustainability trends globally and domestically.

The Primax Risk Assessment Methodology is conducted in accordance with established risk management procedures and incorporates the aforementioned "neutral factor-oriented" principles. During the risk assessment phase, three core evaluation criteria are employed: "likelihood," "impact level," and "tolerance level." This approach simultaneously assesses risks and potential opportunities to ensure the results are consistent and comparable. "Likelihood" assesses the probability or frequency of the occurrence of relevant uncertain events; "Impact Level" measures the extent of the event's influence on the company's operations, financial performance, strategic development, and reputation, considering both the potential negative risks and positive opportunities it may bring; "Tolerance" evaluates the degree of risk impact the organization can accept, along with its resilience and adaptability in recovering from such impacts, thereby demonstrating organizational resilience.
To enhance the objectivity and operability of the assessment, Primax, based on past management experience, historical records, and relevant indicator data, categorizes each of the above three evaluation criteria into 1 to 4 levels as the basis for quantitative assessment. In the determination of risk levels, the risk value is primarily calculated by multiplying the scores of "likelihood" and "impact level," and based on the results, it is categorized into high, medium, and low risk levels. "Tolerance level" serves as a critical reference for management decisions and risk response strategies, helping to decide whether it is necessary to strengthen control measures, adjust strategic layouts, or further develop potential opportunities.

Through the aforementioned assessment mechanism, the Company is able to systematically identify key risk issues and simultaneously uncover strategically significant opportunities from uncertainties. This serves as a basis for prioritizing issues and allocating resources, thereby strengthening the effectiveness and foresight of overall Risk Management.


Risk Organizational Structure and Management Process

The Sustainability and Risk Management Committee is chaired by the Chairman and regularly reports to the Board of Directors to ensure that Board members are informed of the potential impacts of enterprise risk issues on Company operations and the current response strategies. To enhance governance efficiency and ensure the real-time nature of monitoring, the risk management organizational structure will be optimized in 2025 with the addition of a "Risk Management Officer" position, to be held by the President. This role will be responsible for the confirmation of risk assessment results, regularly tracking the effectiveness of risk response policy implementation, and reporting to the Sustainability and Risk Management Committee to ensure that risk control is deeply integrated with Company strategy.

To comprehensively identify the various risks faced by the Company's operations, Primax integrated risk identification methodologies in 2025, incorporating natural environmental risks into the existing Enterprise Risk Management framework to enhance the completeness and consistency of the overall risk mapping. Through the following 6 major steps, ensure that risks are effectively controlled and continuously optimized:


Matrix of Corporate Risks of Primax Electronics

Summary of the key points of the countermeasures against the sustainable operational risk


Cultivating a Risk-Aware culture

In addition to maintaining a rigorous organizational structure and implementing robust execution processes, fostering a company-wide culture in which all employees have a strong awareness of risk management has become an increasingly important topic in recent years. Through educational training, Primax plans an online sustainability course series for all employees, integrating the concept of risk management into ethical business practices, labor rights, and IT security. By the end of 2025, Primax (Taipei) Operating Headquarters completed the training for 345 employees, who passed the examination. In 2026, the online courses are expected to gradually expand to the Entire Group. Simultaneously, new employees at the Taipei headquarters who have been employed for three months will be required to take mandatory courses on climate change and risk management for the first time. These courses will be supplemented with innovative board games to allow employees to understand concepts such as enterprise risk, climate change, and the SDGs through an engaging experience, thereby deepening their sense of identification with sustainability.
In addition, we regularly recommend courses on enterprise risk and sustainable development as prioritized references for directors planning their continuing education. Through a multitiered training strategy, Primax comprehensively builds a culture of risk management and sustainable development from to  to bottom. (For a detailed list of director training programs, please refer to page 31 of the 2025 Shareholders' Meeting Annual Report.)