guc

Overview

Board of Directors

Committees

Internal Audit

Corporate Governance Officer

Major Internal Policies

Risk Management

Succession Planning

Overview

Taiwan Stock Exchange Corporate Governance Evaluation Top 5%

GUC's corporate governance principles are strong self-discipline, an important role for directors, safeguarding shareholder benefit, information transparency, and attention to environmental and social impact to ensure sustainable operations. Under these principles, in 2020, we voluntarily designated a head of corporate governance to assist the Board of Directors. In addition, the Board of Directors authorizes the Audit and Remuneration committees to assist it in their respective supervisory duties. The Articles of Association of each committee are approved by the Board of Directors, and the Chairs of each committee regularly report their discussions and resolutions to the Board.

GUC consistently ranked among the top 5% of companies in the TWSE/TPEx Corporate Governance Evaluation (with the smallest market capitalization among ten listed companies) from the first to seventh year of the evaluation. In the eighth evaluation, GUC slipped to the 6% to 20% range, but it regained a top 5% ranking in the ninth and tenth evaluations,showing that we perform well in protecting shareholder benefit and equal treatment of shareholders, structure and operation of the board of directors, information transparency, and CSR implementation.

TIMELINE OF IMPLEMENTED COPORATE GOVERNMENCE MEASURES VS. LEGAL REQUIREMENTS

A dedicated corporate governance unit

On 07/30/2020, the Board of Directors appointed Head of Corporate Governance. The corporate governance group is composed of seven people from the finance department, legal affairs, internal audit, and human resources, and is responsible for matters related to corporate governance such as providing information the directors need to complete their work, assisting them with compliance, legal matters related to the meetings of the board and shareholder meetings, company registration and registration changes, board and shareholder meeting minutes, and functions related to the Board of Directors, protecting the benefits of shareholders and ensuring their equal treatment.

Dedicated integrity management unit

GUC follows laws and business standards, and strives to uphold the highest standards of openness, integrity, and accountability, actively implement its social responsibilities and ethics, and uphold integrity, helping expand the business. GUC hereby formulates the Integrity Operating Procedures and Ethical Practice Code, and Appeal and Inspection Procedure. It has also set up confidential channels for stakeholders including customers, shareholders, the government, the public, researchers, suppliers, employees, and other business partners to complain or report circumstances violating the law (such as fraud), dishonest behavior (such as corruption or bribery), or actual or potential violations of the law or company policy.

Complaint and prosecution procedures are evolving with the times. In order to implement the GUC grievance and whistleblowing system, and to ensure smooth internal and external complaint and whistleblower channels, an ombudsman has been set up to protect the rights and interests of employees, promote compliance, and manage integrity.

The ombudsman is managed by a rotating chair position, held by a manager at the vice president level or above. It reports to the Operation Committee (OC) on the veracity of complaints or reports, and makes recommendations. Cases involving senior executives are reported to the Audit Committee for investigation, and to the Board of Directors for decision.

The Human Resource Division revises, implements, interprets, and advises upon the Integrity Operating Procedures and Ethical Practice Code for the dedicated unit, registers and files the notification, and completes other relevant work and supervision. At the same time, each unit manages integrity and prevents unethical behavior according to its respective work scope, jointly ensuring the implementation of the Code. Each year, the Human Resource Division reports the implementation results of the previous year to the Board of Directors.

Cases of reporting/whistleblowing received

Independent Director's Mailbox (Audit Committee)

Reporting System for Business Ethics Violation

Others

Employees' Magor Companies

Sexual Harassment & Wrongful Harm Companies

Cases Confirmed After Investigation

2024

2023

2022

2021

(Note 1)

(Note 2)

Note 1: This complaint is about a colleague's work habits that affect others, and is not a case of professional ethics or illegal infringement. After internal communication, the colleague's behavior has been adjusted.
Note 2: After an investigation by the investigation team commissioned by the chairman, the investigation and verification results were reported to the board of directors. The board of directors reviewed and determined that the complaint was inconsistent with the facts and closed the case.

The Integrity Operating Procedures and Ethical Practice Code specifies matters to be noted during business and strictly prohibits employees from using undisclosed information they know for insider trading, or from disclosing it to others who might do so. For business activities with high risks of dishonest behavior, providing or receiving illegitimate benefits, facilitation payments or disposal, and political contributions are prohibited. At the same time, all suppliers are required to sign the GUC Third Party Ethical Practice Code Commitment Letter.

In order to ensure that all company staff can abide by this standard, GUC organizes related education for managers and all employees at least once a year, and training for new hires. In October 2024, we organized education and training on integrity management for managers and all employees. The course included major confidential information protection, integrity management procedures, ethical practices, prohibition of insider trading, and responsible partner conduct. 839 people attended and passed online courses such as the Code of Conduct, for a total of 548.1 learning hours. The course files are also placed on an internal education and training platform for reference by colleagues. In addition, in 2024, GUC directors also provided an online course on professional ethics, including relevant regulations on insider trading; 8 people attended and passed. GUC also has a reporting system area for violations of professional ethics, for use by employees and outside personnel to guide compliance and maintain company discipline and shareholder benefit.The Integrity Operating Procedures and Ethical Practice Code specifies matters to be noted during business and strictly prohibits employees from using undisclosed information they know for insider trading, or from disclosing it to others who might do so. For business activities with high risks of dishonest behavior, providing or receiving illegitimate benefits, facilitation payments or disposal, and political contributions are prohibited. At the same time, all suppliers are required to sign the GUC Third Party Ethical Practice Code Commitment Letter.

reporting system for violations of professional ethics

Board of Directors

Board Responsibilities

The Board’s main responsibilities are as follows:

1.Responsible for convening shareholders' meetings, executing resolutions of shareholders' meetings and reporting to shareholders' meetings

2.Deciding the company's operating and investment plans

3.Establishment of various functional committees of the company

4.Deciding important matters, such as annual budget and dividends

5.Proposing major matters such as capital increase (reduction), split and merger

6.Appointing and dismissing officers of the Company.And assessing the performance and remuneration of the company's management team;

7.Management team reports to the Board on various subjects (including ESG programs) periodically.

Board Structure

GUC attaches great importance to the diversity of board members. In order to reinforce corporate governance and promote sound development of board composition and structure, the capabilities that the board of directors should possess as specified in Article 20 of the Company's "Corporate Governance Code" are as follows: 1. Business judgment ability, 2. Accounting and financial analysis ability, 3. Management ability, 4. Crisis handling ability, 5. Industry knowledge, 6. Global market perspectives, 7. Leadership, and 8. Decision-making ability.

GUC's current board of directors consists of nine directors. Five of them, accounting for more than 50%, are the Company’s independent directors, and the relationship of spouses or relatives by blood within the second degree of relationship do not exist among the directors. Moreover, only one director is taking the Company's managerial officer position, i.e. Mr. Sean Tai, one of the juristic-person directors’ representatives, concurrently serving as the Company’s president. These facts indicate that the Board Independence requirement is met in the Company’s board of directors. Additionally, the Company's board members possess cross-industry and cross-field capabilities, demonstrating Board diversity and complementary support among board members. Directors also have their own skills and experiences in various professions such as legal, financial/accounting, industry, marketing/R&D, technology, business management. GUC's current implementation of Board Diversity Policy is indicated by individual directors’ portfolios listed in the table below:

Name of director

Nationality

Gender

Term of contract

Status of employee

Age

Capabilities

Operational management and business judgment

Finance and accounting

Crisis handling

Industry knowledge

Global market perspectives

Leadership and Decision-making abilities

Director Biographies

F.C. Tseng

ROC

Male

Sean Tai

ROC

Male

Yes

Lie-Szu Juang

ROC

Female

Wendell Huang

ROC

Male

Kenneth Kin

ROC

Male

Jesse Ding

ROC

Male

Huang, Tsui-Hui

ROC

Female

Cheng-Wen Wu

ROC

Male

Ho-Min Chen

ROC

Male

The diversity goals for the future include but are not limited to the following two aspects/standards:

Basic conditions and values: gender, age, nationality, culture, etc. One female director was elected in the by-election in 2023 shareholders' meeting. In the future, at least one female director seat will be reserved and long-term female seat target is one-third of all board members. And the age criteria will be planned to achieve a balanced structure.
Professional knowledge and skills: professional backgrounds (such as legal, accounting, industry, finance, marketing or technology), professional skills, industrial experiences, etc.
To keep independence, more than three consecutive terms of independent directors will be avoided.

Directors' Biographies

Title

Name

Experience

Director's Biographies

Chairman

Dr. F.C. Tseng

Current Position

Vice Chairman of VIS, director of TSMC, director of eMemory
Previous Position

President of TSMC
Academic Background

National Cheng Kung University

Director

Dr. Sean Tai

Current Position

President of GUC
Previous Position

President for Nuvoton Technology Corporation
Academic Background

Yale University

Director

Wendell Huang

Current Position

Chief Financial Officer and Spokesman of TSMC
Previous Position

Deputy Chief Financial Officer of TSMC
Academic Background

Master, Business Administration, Cornell University

Director

Lie-Szu Juang

Current Position

Senior Director, Design and Technology Platform (DTP), R&D, TSMC
Previous Position

Director of TSMC
Academic Background

University of Pennsylvania, MSEE

Independent Director

Jesse Ding

Current Position

Convener of GUC Audit Committee
Previous Position

Chair, President & CEO, Entie Commercial Bank President, Taipei Fubon Bank
Academic Background

MBA, University of Detroit

Independent Director

Huang, Tsui-Hui

Current Position

Honorary Chair of Taiwan Venture Capital Association Chair and CEO of Hotung Venture Capital Group
Previous Position

Chair of Taiwan Venture Capital Association Chair and President of Hotung Venture Capital Group
Academic Background

MBA. Cornell University, U.S.A.

Independent Director

Dr. Ho-Min Chen

Current Position

Distinguished Professor in the Department of International Business at National Taiwan University
Previous Position

Dean of the College of Social Sciences and Management at National Chung Hsing University, and a member of the National Development Fund Management Committee under the Executive Yuan.
Academic Background

Business Administration from National Taiwan University, Master's degree in Applied Statistics from the University of Iowa

Independent Director

Dr. Kenneth Kin

Current Position

Honorary Chair Professor of College of Technology Management in NTHU
Previous Position

SVP of TSMC
Academic Background

Columbia University

Performance Evaluation of Boards and Directors

GUC has established a Board's performance evaluation system. The Board of Directors approved the "Measures for Directors’ Performance Evaluation" in November 2016, and approved the "Performance Evaluation System for New Functional Committees" in October 2019 to encourage the Board and functional committee members’ self-invigoration, thereby enhancing the operational effectiveness of the Board and functional committees.Internal performance evaluation is conducted in the fourth quarter of every year, and the evaluation results were submitted to the Board in the first quarter of next year.

The external Board's performance evaluation is conducted at least once every three years by an external professional independent institution or an external team of experts and scholars, and the annual performance evaluation of the year is conducted at the end of the year.

Internal Performance Evaluation

The historical evaluation of the GUC's Board of Directors attained the result of "Good".Self-evaluation for〈Improvement of the Board's decision-making quality〉and 〈Participation degree in the Company's operations〉both continued demonstrating "Good".

In 2024, the Company’s Board of Directors received a rating of “Excellent” in its self-assessment. Compared to 2023, all self-assessment results showed improvement. In particular, there was great improvement in the self-evaluation results for the “Improvement of the Board's decision-making quality".

In 2024, the Company’s board members still received a rating of “Excellent” in the self-assessment. Compared to 2023’s self-evaluation results, although there was a decrease in the “Involvement of directors in the company's operations” aspect, all other aspects either maintained the same level or showed a slight increase.

External Performance Evaluation

At the end of 2022, the Company entrusted an independent external agency, the “Taiwan Corporate Governance Association,” to conduct an evaluation on the performance of the Board of Directors for the period dating from November 1, 2021 to October 31, 2022. The agency appointed an on-site evaluation team (including two committee members, one director, and one researcher) to assess the performance of the Board of Directors based on indicators in the eight major aspects of Board composition, guidance, authorization, supervision, communication, self-discipline, internal control and risk management, and others (such as board meetings, support systems, etc.) through questionnaires and an on-site survey. The agency has only been involved in the training courses for the Company’s board members; therefore, it is considered independent. The agency submitted an evaluation report on December 12, 2022. Its summary and related suggestions are as follows, and the Company will report the results and improvement plans at the Board of Directors meeting on February 2, 2023.

Recommendations

In order to take into account supervision trends and corporate succession, the Company updates the members of the Board in stages. It is recommended that the Company set up a Nominating Committee at an appropriate time, or incorporate functions such as selection, cultivation and succession into the terms of reference of the Remuneration Committee so as to demonstrate the Company’s determination in pursuing corporate governance.

Improvement Plan

The Company plans to incorporate functions such as selection, cultivation and succession into the terms of reference of the Remuneration Committee.

Summary

The Company’s Board of Directors has a clear strategy formulation and discussion mechanism. Through the strategy meeting at the end of the year (now called the Strategy Committee meeting) and the follow-up meeting after the following year’s shareholders’ meeting, the heads of various units report to the Board members on aspects including finance, research and development (R&D), business, etc. Directors are invited to provide their opinions on such aspects, allowing them to participate in strategy formulation and take charge of medium and long-term risks and opportunities.
The Company is talent-oriented and focused on its strengths, based on technology and R&D. The Board of Directors and the management team are familiar with the Company’s potential risks and have established a risk-avoidance mechanism, which is specifically demonstrated in the aspects of talent retention and incentive measures to maintain the Company’s advantages among upstream as well as downstream supply chains and competitors.
The Company followed the initiative of the “Corporate Governance Best Practice Principles for TWSE/TPEx Listed Companies,” which stipulates that the consecutive terms of Independent Directors shall not exceed three terms. Considering the need for passing on its experience, the composition of the Board of Directors shall be gradually improved so as to continuously promote the renewal of the Board of Directors.
The Company has a comprehensive orientation system for first-time Directors, in which a business briefing is presented by the President, the operations of the Board of Directors are explained by the Secretary of the Board, and matters related to the corresponding functional committees are reported by the Secretaries of the Audit Committee and the Remuneration Committee. The Company also provides an orientation handbook for new Independent Directors, which contains the Company’s internal regulations and organizational structure, in order to help them understand the operations of the Company and the Board of Directors

Recommendations

Improvement Plan

The Company plans to incorporate functions such as selection, cultivation and succession into the terms of reference of the Remuneration Committee.

Major Resolutions of BOD Meetings

Date

Ratio of Attendance

Major Resolutions

2024/01/31

9/9

1. Approve 2023 financial statements and business report
2. Approve the proposal for each common share holder will be entitled to receive a cash of NT$14.0 per share allocated from retain earnings
3. Approve modification of "Strategy Committee Charter"1. Approve 2023 financial statements and business report

2024/04/25

9/9

Approve 2024 Q1 financial statements

2024/05/16

9/9

Approve 2023 ESG Report

2024/06/06

9/9

Approve modification of 2024 Capex

2024/07/25

9/9

1. Approve 2024 Q2 financial statements
2. Approve modification of "Audit Committee Charter"

Date

Ratio of Attendance

Major Resolutions

20230202

9/9

1. Approve 2022 financial statements and business report
2. Approve the proposal for each common share holder will be entitled to receive a cash of NT$14.0 per share allocated from retain earnings
3. Approve the nominated Directors (including Independent Directors) candidates

20230427

9/9

Approve 2023 Q1 financial statements

20230518

9/9

1. Elect F.C. Tseng as Chairman of Board Meeting
2. Elect Jesse Ding as Convener of Audit Committee
3. Elect Ho-Min Chen as Convener of Compensation Committee
4. Elect Kenneth Kin as Convener of Strategy Committee

20230727

9/9

1.Approve 2023 Q2 financial statements
2.Approve modification of "Strategy Committee Charter"
3.Approve Rules Governing Financial and Business Matters between GUC and its Related Parties

20231026

9/9

1.Approve 2023 Q3 financial statements
2.Approve 2024 audit plan
3.Approve modification of "Risk management policy"

20231207

9/9

1. Approve 2024 business plan
2. Approve 2024 Capex

Independent Director

Election of Independent Director

According to the relevant regulations, the election of Directors is conducted under the "candidate nomination system". The Directors shall be elected from the nominated candidates. The qualification of the nominated Directors (including Independent Directors) has been reviewed by the Board meeting on Feb 2, 2023. The tenure of newly elected directors shall commence on May 18, 2023 and expire on May 17, 2026.

After the election, all of the Company’s independent directors having served their independent-directorship for less than three consecutive terms.

The results of the election of Independent Directors in 2023/05/18 shareholders' meeting :

Title

Name

Votes Received

Independent Director

Ho-Min Chen

87,904,231

Independent Director

Kenneth Kin

87,889,346

Independent Director

Jesse Ding

87,880,002

Independent Director

Cheng-Wen Wu

87,867,916

Independent Director

Huang, Tsui-Hui

87,851,768

Independent Director Mail Box

acinfo@guc-asic.com

Independent Directors’ Communications with the Internal Auditor and CPAs

In the quarterly Audit and Corporate Governance Committee meeting, the head of Internal Audit regularly reports to the Audit and Corporate Governance Committee the implementation of the audit plan, important findings and the progress of previously suggested improvement items, interacting face-to-face with independent directors. The head of Internal Audit reports to and communicates with the independent directors every month via a written monthly report. The key communications and interactions between the independent directors and the head of Internal Audit in the Audit and Corporate Governance Committee meeting are recorded in the meeting minutes. In addition, communication among independent directors, or between the head of Internal Audit and the members of the Audit and Corporate Governance Committee on audit and other matters related to the responsibilities of the Audit and Corporate Governance Committee will also be conducted via email and communication software. The convener of the Audit and Corporate Governance Committee maintains a good communication channel with independent directors and the head of Internal Audit.

Independent Directors’ Communications with the Internal Audit

Date

Type of communication

Communication items, independent directors’ opinions and subsequent handling

2024/01/31

The 3th Session of 6th Audit and Corporate Governance Committee term

1. The Chief Audit Officer reported on the audit items, findings, and follow-up improvements for the fourth quarter of 2023. This quarter’s report focused on audits of the subsidiary in Mainland China and inventory management. The independent directors expressed their agreement with the report’s content.
2. The Chief Audit Officer presented the 2023 Internal Control Statement and explained the results of the risk and internal control self-assessment. The independent directors had no objections, and the report was submitted to the Board of Directors for resolution.

2024/04/25

The 4th Session of 6th Audit and Corporate Governance Committee term

The Chief Audit Officer reported on the audit items, findings, and follow-up improvements for the first quarter of 2024. This quarter’s report focused on the audit of the Japan subsidiary. The independent directors expressed their agreement with the report’s content.

2024/07/25

The 6st Session of 6th Audit and Corporate Governance Committee term

The Chief Audit Officer reported on the audit items, findings, and follow-up improvements for the second quarter of 2024. This quarter’s report focused on audits of information security and Board operations. The independent directors expressed their agreement with the report’s content.

2024/10/31

The 7st Session of 6th Audit and Corporate Governance Committee term

1. The Chief Audit Officer reported on the audit items, findings, and follow-up improvements for the third quarter of 2024. This quarter’s report focused on the audit of the procurement cycle. The independent directors expressed their agreement with the report’s content.
2. The Chief Audit Officer reported on the assessment of the integrity of the company’s internal control system. The independent directors expressed their agreement with the report’s content.
3. The Chief Audit Officer proposed the 2024 audit plan, formulated based on risk assessment. The independent directors unanimously agreed and submitted it to the Board of Directors for approval.

Independent Directors’ Communications with the CPAs

CPAs also attend the quarterly Audit Committee meetings, and communicate and interact with independent directors on financial statement reviews or audits, or issues related to finance, taxation or internal control.

Important content of the communication and interaction between independent directors and the financial controller, accounting controller, internal audit controller and attesting CPAs at Audit Committee meetings is also recorded in the Audit Committee minutes.

Date

Type of communication

Communication items, independent directors’ opinions and subsequent handling

2024/01/31

The 3th Session of 6th Audit and Corporate Governance Committee term

1. Inquired about the audit results of the consolidated and individual financial statements for 2023.
2. Inquired whether any additional audit findings were identified regarding the key audit matters in the 2023 financial statements.
3. Inquired about practical discussions on regulatory updates.

2024/04/25

The 4th Session of 6th Audit and Corporate Governance Committee term

1. Provided the review results of the consolidated financial statements for Q1 2024.
2. Inquired about the auditor’s assessment and recommendations on other discussion matters.

2024/07/25

The 6st Session of 6th Audit and Corporate Governance Committee term

1. Provided the review results of the consolidated financial statements for Q2 2024.
2. Inquired about the auditor’s assessment and recommendations on other discussion matters.

2024/10/31

The 7st Session of 6th Audit and Corporate Governance Committee term

1. Provided the review results of the consolidated financial statements for Q3 2024.
2. Inquired about the auditor’s assessment and recommendations on other discussion matters.

Committees

Audit and Corporate Governance Committee

The Audit Committee has been set up since 2008, and the latest-term committee was formed in 2023 by five new independent directors. This Committee is taking the responsibility for carrying out the fair representation of the Company's financial statements, appointment or dismissal of attesting CPAs and evaluation of CPAs’ independence and performance, effective implementation of the Company’s internal control, the Company's compliance with relevant laws and regulations, control and management of existing or latent risks, etc.

In 2024, the Company incorporated the topics of “Corporate Governance or Sustainable Development” of the 11round Corporate Governance Evaluation Indicators 2.14 into the duties of the Audit and Corporate Governance Committee and revised its organizational regulations to include corporate governance related issues in the supervision matters. The Audit and Corporate Governance Committee was renamed as the “Audit and Corporate Governance Committee” from then on.

The Audit and Corporate Governance Committee meets regularly each quarter. The Committee is empowered by its Charter to conduct any study or investigation it deems appropriate to fulfill its responsibilities. It can invite the Company's management team, internal auditors, the Company's independent external auditors, and all employees of the Company to join the meeting. The Audit and Corporate Governance Committee held six meetings during 2024, the in-person attendance rate of all members was 93%.

In order to improve the effectiveness of the Audit and Corporate Governance Committees and implement the corporate governance, the Committee examined its overall effectiveness in 2024 based on the self-evaluation questionnaire. That is, each director conducted an independent and objective evaluation of the effectiveness of the overall Audit and Corporate Governance Committee in relation to the following five aspects: participation degree in the Company’s operations, awareness of committee responsibilities, decision-making quality, committee’s composition and the selection/appointment of its members, internal control, etc. In 2024, the Company’s Audit and Corporate Governance Committee received a rating of “Excellent” in its internal assessment. Compared to 2023, performance in the self-assessment in all aspects showed improvement.

Five independent directors are selected at the Company’s Regular Shareholders’ Meeting to form the Audit and Corporate Governance Committee. Since Dr. Cheng-Wen Wu resigned on 2024/05/15 because he will become Minister of NFCT, so current Audit and Corporate Governance Committee members are four independent directors. To fulfill the purpose of supervision matters, the primary duties of the Audit and Corporate Governance Committee are classified as follows:

-The existing duties of the Audit Committee:

Stipulation or amendment of internal control system in accordance with Article 14-1 of the Securities and Exchange Act
Appraisal of internal control system effectiveness

The Audit and Corporate Governance Committee evaluates the effectiveness of the Company's internal control system, including approval authority, completeness, risk management, etc. (the scope includes but not limited to finance, operations, research and development, information security, legal compliance, and operations in relation to all stakeholders), and reviews the results of internal audits and attesting CPAs’ work. In addition to regular reports made by managerial officer, for matters of high operational risks, relevant controllers/officers are also requested to make reports on the improvement status. The above content is stipulated based on the Internal Control -- Integrated Framework issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) in 2013. The Audit and Corporate Governance Committee deemed that the Company's risk management and internal control systems were effective, and the Company had adopted necessary control mechanisms to supervise and correct noncompliance or weaknesses with opportunities for improvement.

Formulate or revise the handling procedures for the acquisition or disposal of assets, engagement in derivative transactions, loaning of funds to others, provisions of endorsement or guarantee to others, and other significant financial or business actions in accordance with the provisions in Article 36-1 of the Securities and Exchange Act.
The annual financial statements signed or stamped by the chairman, managerial officers and accounting controller and the quarterly financial statements signed or stamped by the chairman, managerial officers and accounting controller, and reviewed by CPAs.
Business report, proposal for profit distribution or loss make-up.
Other significant matters stipulated by the Company or competent authorities.

-The duties related to corporate governance

Regularly supervise the operation of corporate governance and understand the discrepancy between operation and practice
To supervise the implementation of Integrity Operating Procedures and Ethical Practice Code.
Regularly review the important regulations, such as the Articles of Incorporation, the Rules and Procedures of Shareholders' Meeting, and the Rules and Procedures of Board of Directors' Meeting.
To establish and periodical review the director training plans.
Other matters as instructed by the Board of Directors.
Matters involving the personal interest of directors.
Transactions on material assets or derivative commodities.
Material monetary loan, endorsement, or provision of guarantee.
The offer, issuance or private placement of securities of equity nature.
The appointment, discharge or remuneration of certified public accountants.
The appointment and discharge of the head of finance, accounting, or internal audit.

Compensation Committee

GUC's Compensation Committee is formed by all independent directors (now four in total). The Committee holds at least one meeting per quarter, taking the responsibility for the formulation and regular evaluation of the Company's overall compensation policy; formulation and regular review (at least once a year) of the policy, system, standards and structure in relation to directors' and managerial officers' performance evaluation and compensation, regular evaluation and determination of the compensation for directors and managerial officers, employee stock option plan and employee bonus plan or other employee incentive plans.

Four independent directors form current Compensation Committee (Dr. Cheng-Wen Wu resigned on 2024/05/15 because he will become Minister of NFCT). The Compensation Committee met four times in 2024: 1/31, 4/25, 7/25, and 10/31.

Matters discussed included:

I. Reports on employee compensation

II. Yearly reward (profit-sharing) totals

III. Employee reward proposal

IV. Management salaries, compensation, and long-term incentive scheme

V. Chief internal auditor salary and compensation

VI. Director remuneration and compensation

VII. Discussion of director and management salary and compensation policy, system, structure, and standards

The Compensation Committee reviewed and approved of all matters listed above.

The self-evaluation measures have also been included in Compensation Committee’s performance evaluation since October

2022. In 2024, the Company’s Compensation Committee received a rating of “Excellent” in its self-assessment.

Strategy and Sustainable Development Committee

The Company established a Strategy Committee in 2022. The first Strategy Committee consisted of all the independent directors; their term of service was from October 27, 2022 to May 18, 2023. The first Strategy Committee meeting was held on December 1, 2022, to discuss the Company’s future operating strategy and policy. All members of the Committee participated in this meeting. The Committee provided many suggestions and guidance on the operational policy reported by the Company's management team. The Committee asked the management questions such as what should be done (or not be done) in terms of the Company's strategic direction, business strategy as well as each functional unit’s strategic implementation. The Committee also asked that each functional unit formulate feasible, measurable milestones to form a complete functional strategy loop. It was also decided in the first Strategy Committee meeting that the meetings shall be held at least twice a year. Within the scope of Committee’s scope of authority, management, experts, and other people may be invited to attend the meetings to provide relevant information.

In the second Strategy Committee, the members were changed to comprise of all directors, with a term of service from May 18, 2023 to May 17, 2026 and with Kenneth Kin, independent director, serving as the Committee convener. Kenneth Kin is well experienced in the industry. He has been in charge of Asia-Pacific operations for Convex Computer in the US, and has been the head of Motorola’s Computer Group. Later, he served as the Vice President of IBM’s Microelectronics Global Business and Services Department. In 2001, he was hired as Senior Vice President of TSMC’s Global Business and Marketing Department, where he was responsible for global business and services. In addition to his work experience, he has also served as a Director of the Massachusetts High Technology Council, and at National Tsing Hua University, where he was the Deputy Dean of the College of Technology Management and director of the EMBA program. He is a leader in the technology industry, with both industry and academic experience.

In 2024, sustainable development was added the Strategy Committee’s list of responsibilities. The committee was hence renamed the "Strategy and Sustainable Development Committee" with a mission to strengthen the evaluation and response measures for risks related to environmental, social, and corporate governance aspects, helping the company achieve sustainable business goals. In the context of responding to changes in international affairs and market changes, the committee will pay special attention to risk factors related to global trends and actively engage in close communication and collaboration with stakeholders, including shareholders/investors, employees, suppliers, customers, industry-government-academia-research organizations, and the general public, to ensure the feasibility and sustainability of the company’s strategies.

The Committee’s scope of authority includes planning and guidance on the following matters:

The company’s growth strategy, including short-, medium- and long-term development goals and strategies.
Major investment and M&A plans.
Risk management issues.
Formulate the direction, strategies, and goals for corporate sustainability development. Develop related management policies and specific implementation plans.
Track the implementation and effectiveness of corporate sustainability development.
Oversee sustainability information disclosure matters and review the sustainability report.
Decide on other important strategic and sustainability development issues.

Internal Audit

GUC's internal audit function is an independent organization that reports directly to the Board of Directors. The charter of Internal Audit is to mainly examine and evaluate the effectiveness of the internal control system, to measure the efficiency and effectiveness of the operation, the reliability of the financial statements and the compliance with the relevant laws and regulations. As well, it supervises improvements to ensure the control system is implemented effectively and sustainably.

There are two full time employees who dedicated for internal audit function. The performance assessment, salary and compensation of the audit controller are reviewed and approved by the Compensation Committee and the Board of Directors. Appointment, dismissal, performance review, salary and compensation of internal auditor are submitted by the audit controller to the Chairman for approval.

The majority of audit work is executed according to risk and an annual plan approved by the Board of Directors. Special audits or reviews are conducted as needed to timely discover possible internal control deficiencies, supervise improvement, issue audit reports, and regularly report to the Audit Committee and the Board of Directors. Internal Audit assists the Board and management to achieve goals by assessing and improving effectiveness of risk management, the control and processes.

In addition, Internal Audit also supervises all functions and regions to perform self- assessments to establish a self-supervision mechanism of the company. Taking the evaluation results as the basis, the Chairman and the president issue an Internal Control Statement.

Corporate Governance Officer

CGO Responsibility

Since 2020/07/30, Corporate Governance Officer(CGO) was appointed by the board of directors.

Mr.Charles Huang, Director of Legal Divison of GUC, is apponited by the board of directors as CGO starting from 2024/11/01

CGO Responsibilities

Responsible for corporate governance related matters, including handling matters related to the board of directors, audit and corporate governance committee, compensation committee and shareholders' meeting in accordance with the regulations; assisting directors in taking office and continuing education; providing directors with information necessary for performing their duties; and assisting directors in complying with laws and regulations.

Main business execution in 2024

Main business execution in 2024:

The Corporate Governance Officer assisted the board of directors in business execution based on the following eight aspects:

1. The composition of the board of directors.

There are nine seats on the board of directors, comprising four legal representatives and five independent directors. The composition of the GUC board of directors is diverse. The independent directors are all leaders in their fields and their backgrounds include law, financial accounting, industry, corporate governance, and marketing research/development as well as technology.

A corporate governance (nomination) committee will be set up under the planning board of directors.

2. The guidance of the board of directors.

A GUC strategy meeting is held in December every year. After the strategy is set, the board of directors will make necessary adjustments in May of the following year.

In the first quarter of each year, the CEO summarizes the entire year's strategy implementation and risks, and reviews the medium and long-term plans as well as critical potential risks.

The GUC management team reports to the board of directors annually on risk management plans (information security risk management, contract risk management policies, and intellectual property management).

The board of directors authorizes the President to serve as the chairman of the inter-departmental ESG committee and report to the board of directors on the results and plans every year.

The performance of the directors and managers over the previous year shall be evaluated in the first quarter of each year, and the remuneration policies, systems, structures, and standards of the directors and managers shall be reviewed in the second quarter of each year.

3. The authorization of the board of directors.

The functions and powers of the board of directors, functional committees, chairman of the board, and general manager shall be reviewed regularly every year.

Regularly review changes in important laws and regulations, important complaints from employees and stakeholders, and major asset transactions every year.

4. Supervision by the board of directors.

The independence, competence and professionalism of the certified public accountant shall be evaluated on an annual basis.

The operating outlook is stated quarterly.

5. Communication with the board of directors.

Regular meetings with accountants as well as auditing and accounting managers are necessary every year to implement the internal audit and control system.

Company information required by the directors shall be provided, and smooth communication between directors and executives shall be maintained.

The financial supervisor provides monthly reports to the board members so they can understand the company's current operation and financial status and other non-financial information.

Briefings on business performance shall be held with legal personnel every six months, investment discussions shall take place from time to time, a dedicated staff shall be set up to serve shareholders, and diversified communication channels with investors will be established.

6. Internal control and risk management.

Reports shall be sent to the board of directors, independent directors, and the audit committee on the GUC's governance operation status. It shall be confirmed whether the shareholders meeting and the board of directors meeting are in compliance with laws and corporate governance regulations.

The "Operation Committee" led by the CEO performs various risk assessments and evaluates potential risks before reporting to the board of directors.

The directors will be provided with assistance and reminded of the laws and regulations to be followed when executing business decisions or making a formal resolution of the board of directors.

7. The self-regulation of the board of directors.

The board of directors must regularly evaluate their own performance as well as that of functional committees and individual directors in accordance with the "Performance Evaluation Measurement of the Board of Directors and Functional Committees".

An evaluation of this process should be performed by an external executive at least once every three years.

The results of the performance evaluation of the board of directors shall be fully disclosed in the annual report and on the website.

8. Others

Reference materials shall be provided for new directors, and the CEO shall explain the company's vision, strategy, organizational rules, annual goals, operations, and major contracts, etc. This process allows new directors to perform their functions quickly.

The release of information about important resolutions of the board of directors after meetings shall be reviewed. The legality and correctness of the content and the equivalence of investor transaction information shall be ensured.

The agenda of the board of directors meeting shall be drafted and directors shall be notified seven days in advance. The meeting will be convened and meeting materials provided, participants shall be reminded in advance if the issues require interest avoidance. The meeting minutes shall be completed within 20 days of the meeting.

In accordance with the law, the pre-registration of the date of the shareholders meeting shall be held. Meeting notices, handbooks, and minutes shall be prepared within the statutory time limit. Changes to registration matters shall be handled during the amendment of the articles of association or the re-election of directors.

The director of corporate governance conducts relevant training courses on a regular basis every year in accordance with the regulations of the competent authority. Please refer to the MOPS for the detailed information of the training courses and the number of training hours.

Major Internal Policies

Shareholders' Meeting

Name

DOWNLOAD

File Download

Rules and Procedure of Shareholders' Meeting

Board of Director

Name

DOWNLOAD

File Download

Rules of Election of Director

Committees

Name

DOWNLOAD

File Download

Strategy and Sustainable Development Committee Charter

Corporate Governance

Name

DOWNLOAD

File Download

Articles of Incoporation

Procedures for Ethical Corporate Management and Guidelines of Conduct

Risk Management

The 《Risk Management Policy》 was approved by the Company's Board of Directors in 2010, serving as the highest guidelines for the Company's risk management. All management units regularly conduct evaluation and review of risk items, and report the evaluation results to Operation Management Risk Committee. The president will then summarize major risk items and report them to the board of directors on a regular basis.

In the process of business operations/management, the Company adopts prevention and control measures for possible risks, and creates relevant alert mechanisms.In addition, the Company also conducts assessments of risks in relation to the Company's operations in accordance with the materiality principle as a reference basis for the Company's risk management and operational strategies. With effective risk identification, assessment and control, the Company’s risks arising from business activities can be controlled within an acceptable range.

GUC's Risk Management Scope

Intellectual Property Management Plan
Information Security Risk
Contract Risk
Product Quality and Competitiveness Risk
Climate Change and Emergency Response for Environmental Risk Management
Operational Risk

Operation

The Operation Management Committee holds two meetings every month. Units included in the Committee give presentations about the implementation of operation plans, and report on the risk control status of relevant duties as well as evaluate latent risks and provide countermeasures. Major risks that will affect operation plans will be summarized, and then be reported to the board of directors by Operation Management Committee’s chairperson.

Operation in 2024

In 2023, the Company's division-level units had reported to Operation Management Committee on the risk control status of relevant duties based on the annual plan.

The Company's president also reported on the Company's mid-/long-term plans and critical latent risks as well as countermeasures against them at the board meeting on Jan. 31, 2024.

Moreover, the Company's management team also reported on the Company's risk management strategies in relation to information security risk management, contract risk management policy, intellectual property management plan, etc. at the board meeting on Oct. 31, 2024.

Succession Planning

Management Team Succession Planning

Management Team Succession Planning

Our company, steadfast in our commitment to excellence and sustainability, has carved out a unique position in a fiercely competitive market. Recognizing the critical role of robust leadership and corporate governance, we are dedicated to the ongoing implementation of succession planning as a key strategy for future growth.

Identifying and Selecting Talent

We pride ourselves on identifying potential successors who embody the values of integrity, accountability, and innovation. Our Human Resource department has established robust talent development mechanisms, working closely with our executives to define key positions. We screen potential successors for crucial management roles through a comprehensive series of evaluations using a variety of tools. Furthermore, we champion personal development plans for successors, ensuring they are implemented 100%. Moving forward, we will maintain our focus, conducting regular evaluations and providing feedback to ensure the development and progress of our successors remain on track.

Cultivating an Exceptional Leadership Team

We place a strong emphasis on practical experience in the development of our management levels. They are not only involved in numerous cross-functional projects to achieve company goals, but also regularly participate in senior management meetings and strategy sessions. This approach enhances their strategic thinking and management capabilities. In addition, we conduct annual performance evaluations to review their work outcomes. Based on their performance, we plan project work, job rotations, expatriate assignments, or other personal development plans, using performance results as a reference for promotion and salary compensation.

We also engaged senior consultant with extensive industry experience to provide professional coaching for our key management levels. Through one-on-one coaching sessions with the consultant over a period of more than six months, our key management levels not only achieve the company’s business goals, but also attain multiple aspects of business acumen and self-development in the sharing and exchange of leadership experience, thereby effectively enhancing their succession capabilities.

Planning Strategic Leadership Training

Our Human Resource department meticulously plans training courses for our management levels each year, aligning with organizational strategies and leadership competencies. In 2023, our potential successors have successfully completed 100% of the required leadership courses. Additionally, we arranged for potential successors and key management levels to participate together in the “Individual Development Workshop”. This encouraged the exchange of ideas on subordinate development and succession planning, with a focus on achieving a win-win situation for career and personal development. We have also organized advanced technology courses and personal effectiveness training for our key management levels. These course arrangements are diversified and carefully planned, with the aim of strengthening our future management team and equipping our management echelon with a more comprehensive skill set.

Through our comprehensive training and development programs, we continuously enhance the decision-making and judgment capabilities of our management levels, thereby ensuring a high-quality talent pool. Our succession planning strategy underscores the importance we place on corporate governance, our commitment to the future, and our dedication to sustainable development. We remain steadfast in our mission to cultivate exceptional leaders and implement company policies.

Information Security Policy

I. Information Security Governance System, Goals and Strategies

GUC aims at building a tight and effective information security defense network as its information security vision. With consistency in information security governance, the Company is gradually improving its comprehensive protection capabilities, and hopes to become an enterprise with outstanding performance and maturity in information security governance. The Information Security Department is in overall charge of the information security system and relevant compliance. It also promotes the implementation of relevant operations to continue the improvement of information security awareness and professional capabilities. Through the application of technologies, the information security risks and weaknesses are identified, for which effective reinforcement measures are taken to build up a sound governance system and comprehensive information security protection capabilities, and meanwhile to cultivate employees' information security awareness.I. Information Security Governance System, Goals and Strategies.

II. Security Policy ImplementationII. Security Policy Implementation

1. Formulate information security management guidelines in line with regulatory and customers’ requirements.

2. Build a consensus on the comprehensive implementation of information security protection through all employees’ awareness.

3. Protect the confidentiality, completeness, availability and legal compliance of the Company’s and customers’ information.

III. Security Organizations

1. Security Committee

The "Information Security Committee" is responsible for the management and planning of information operations security, and the establishment and maintenance of information security management systems. As the top information security supervisors, they oversee the execution of the company’s entire information security operations and the efficacy of the information security risk management mechanism, report to president, update the progress in the management meeting of senior executives each quarter, and present the execution outcome of the overall information security management organization related information security operation and system to the Board of Directors each year to ensure that senior executives and Board members fully understand the company’s current information security management status and enforce management’s requirements for information security policies. Act as the highest-ranking officer responsible for information security. A “meeting of information security representatives” is held at least once per year and the meeting participants cover the responsible personnel of relevant information systems and external information security consultants in a number exceeding 13 persons to review the information security development plans and implementation results, and to announce policies related to information security and implementation focuses.

2.Proprietary Information Protection (PIP) Committee

PIP Committee: The PIP is constituted by the representatives designated by supervisors of the respective divisions of the entire company (including its branches throughout the world). The committee has a total of 21 colleague members including the chairperson; the executives at the vice general manger level holds quarterly meetings, responsible for the research/discussion, establishment, audit, promotion, etc. of all the Company’s proprietary information control operations. Protecting proprietary information is GUC's commitment to customers, shareholders and the Company’s employees. GUC understands that proprietary information protection is closely related to the Company's current and future competitive advantages. Thus, the《Proprietary Information Protection (PIP) Policy》has been formulated to clearly define the Company's proprietary information protection management procedures and regulations, by which the Company can properly control its trade secrets and undisclosed confidential information related to GUC to ensure the best interests of the Company, shareholders, employees, customers and suppliers. GUC's proprietary information protection is carried out based on the management cycle of Plan-Do-Check-Act (PDCA), which continuously strengthens the ability to protect proprietary information, and enhances personnel's correct concept about and vigilance over proprietary information protection, thereby reducing the risk of proprietary information leakage.GUC has also formulated management measures to incorporate information security and ethical management within employee performance evaluations.

2.1 Inspections are conducted on a quarterly basis to ensure the implementation of the Company's proprietary information protection measures.

2.2 Raise the awareness of proprietary information and the rules to follow through everyday work and various occasions.

2.3 Conduct educational training to improve employees' information security awareness and capability. In addition to listing proprietary information control as a mandatory topic for new employees’ training, all employees should also be re-trained twice every year to continuously strengthen and enhance their information security awareness.

2.4 Regarding PIP violations, management measures have been formulated, and reporting mechanisms have been established to assess responsibility and administer penalties.Relevant punishments and required corrections have been made in accordance with the cause of the violation and the degree of the impact, and dissemination as well as educational training has continued. The PIP violations occurring over the years are listed as follows:

The total number of violations resulting from employee’s failure to comply with the proprietary information protection procedure in 2024 accounts for 0.12% of the number of employees.2.4 Regarding PIP violations, management measures have been formulated, and reporting mechanisms have been established to assess responsibility and administer penalties.Relevant punishments and required corrections have been made in accordance with the cause of the violation and the degree of the impact, and dissemination as well as educational training has continued. The PIP violations occurring over the years are listed as follows:

The total number of violations resulting from employee’s failure to comply with the proprietary information protection procedure in 2024 accounts for 0.12% of the number of employees.

PIP training

Total number of employees in the prevailing year

Ratio of employees who completed the training

2022

2023

2024

759

819

839

100%

PIP Violation

Number of violations by colleagues

Number of violations by outsourcing suppliers

2022

2023

2024

IV. Security risk management framework countermeasures

1. Information security defense capability reinforcement and maturity evaluation:

Conduct regular information security tests for system strengthening, and continue the implementation of business continuity drills. Develop cybersecurity incident response plans, and take corresponding reporting and recovery actions. At the same time, risk analysis is conducted through third-party verification (3rd-Party Risk Assessment), utilizing objective results and threat intelligence from platforms such as Security Scorecard and Panorays to further enhance the information security management framework.

The target score for Security Scorecard in 2024 is set at 95 or above, with the score maintained at 98 or higher since January 2024.

The target score for Panorays in 2024 is set at 90 or above, with the score maintained at 97 or higher since January 2024.

The frequency of External Vulnerability Scan has been increased from once per week to currently once per day. Any high-risk vulnerability being identified can be fixed at once.

To further reinforce its anti-hacking capabilities, the Company engaged a locally-renowned white hat hacker team to simulate offensive and defensive assessments with a Red Team in 2022 and conducted penetration testing in 2024. Apart from taking the initiative to understand hacker’s thinking and strengthening employees’ anti-hacking awareness, such experience has been used to continue to improve the intranet automatic joint defense system.

2. Information security management procedures upgrade:

GUC successfully met the ISO 27001 international standard for information security in 2021 and obtained certification. Through annual surveillance audits, the company continuously improves its information security management system.

In response to the International Organization for Standardization (ISO) officially releasing the ISO/IEC 27001:2022 standard on October 25, 2022, the company completed the document review and on-site audit in October 2024, Passing the transition review and re-certification audit with no nonconformities.

3. Risk management

The major risks concluded from the analysis of various possible combinations of threats and weaknesses assessed in annual risk assessments are as follows:

3.1 Fraudsters use fake emails to trick company’s employees into sending money or making transactions.

3.2Those who commit industrial espionage or a company’s competitors use hacking techniques to continuously hack into the company’s internal hosts and steal the company’s internal information.

3.3 Crime groups work with hackers to distribute contents with malicious links through emails, text messages, social software, and communication software. A victim's computer data may be encrypted and kidnapped, and a high ransom will then be asked for the recovery.

3.4 Hackers launch a large number of connection requests through the Internet, interrupting the normal operations of a company's network.

3.5 Internal employees use illegal software, or copy the company's confidential and sensitive information to portable storage devices, which may lead to information leakage if the devices are lost, stolen or sold.

3.6 Information software/hardware may be damaged due to natural or man-made disasters, resulting in service interruption or data loss.

3.7 The evaluation suggests that likely losses resulting from the overall information security risk is still low and falls within the range of self-protection. The results of annual evaluations are also reported to the Board of Directors.

3.8 Currently no Information Security Insurance has been taken out; however, for the above-mentioned risk concerns, several measures such as the application of information security management principles, introduction of technological solutions, and reinforcement of information security educational training are concurrently employed to establish fortified information security management mechanisms. The key measures are as follows:

(3.8.1) .Regular internal and external audits are conducted to ensure compliance. The company obtained ISO 27001:2013 certification in Q4 2021 and successfully passed the annual certification audit and transition review to the updated standard in October 2024. The company has obtained the new ISO 27001:2022 certification and continues to enhance its information security management system.

(3.8.2) Two social engineering attack simulation exercises are conducted every year. Employees who fail an exercise or who fail two consecutive exercises are required to then attend information security reinforcement training. Such training enhances employees’ sense of alertness against email fraud.

(3.8.3) Install antivirus and MDR(Managed Detection and Response) protection systems on the client side to provide real-time anomaly detection and alerting as well as forensic analysis and endpoint recovery functions. Block USB storage device connection and stop users from installing software. Moreover, provide Backup File Server for users to back up important data.

(3.8.4) With respect to the network layer, incorporate the use of firewalls to control network traffic and applications. Develop a security monitoring and management mechanism for intranet protection and database access.

(3.8.5) Employ the DRM (Digital Right Management) confidential and sensitive document management system and disk encryption technologies to protect the confidentiality of documents.

(3.8.6) Adopt mail filtering and auditing systems and Anti-APT solutions to reduce the risks arising from email usage.

(3.8.7) Introduce fingerprint identification systems and swipe-card systems in gateway management to meet the physical security requirements of two-factor authentication.

(3.8.8) Centralize the management of hosts and establish environmental control and alarm mechanisms for the data center. Perform regular data backups and carry out emergency recovery drills on a yearly basis.

(3.8.9) The multi-factor authentication mechanism has been compulsorily used for the remote access, so as to reduce the risk of password theft and credential stuffing attack. In addition, full video-taping has also been made to effectively record the use behavior and establish the audit track.

3.9 An important information system’s disaster recovery drill has been performed twice per year to ensure timely response when system abnormalities occur, reduce system downtime, and lower the impact on the company’s operations.

3.10 The Red Team Assessment was conducted in 2022 to simulate an invasion attack while not affecting the company’s operations so as to authenticate information security detection and response abilities and grasp the potential risk condition. The eight information security leaks found in the assessment have all been promptly improved upon and protection measures have been adopted.

3.11 In 2024, a penetration test was conducted to identify and remediate potential vulnerabilities in systems containing highly sensitive data. This initiative aimed to further improve and strengthen security measures. As a result, two vulnerabilities have already been addressed and reinforced.

3.12 The responsible persons of respective information systems have been weekly convened to discuss current week’s information security incidents and adopt required protection measures.

social engineering attack simulation

Total number of employees in the prevailing year

Ratio of employees who completed the simulation

2022

2023

2024

759

819

839

100%

4. Training

he Information Security Department also conducts Information Security Awareness-raising Educational Training for all employees on a quarterly basis. The topics are determined based on the encountered internal/external threats. The topic for each quarter of 2024 is listed as follows:

2024 Information Security Awareness-raising Educational Training

Quarterly Result

TOPIC

CONTENT

Quarter 1

What is Stealer Malware

Quarter 2

Precautions When Using Social Media

Quarter 3

How to Prevent Deepfake AI Scam Videos

Quarter 4

How to Identify Fake News in the Digital Age

V. Resources invested in information security

The Company keeps investing resources in information security related fields. Resources being invested in improving the fundamental structure for governance and technology, strengthening the equipment for information security defense, information/data monitoring and analysis, incident response drills, educational training, etc. to comprehensively enhance the information security capabilities.

VI. Incidents

A specific information security reporting and handling process has been established to report and handle information security incidents. Information security incidents are accepted and graded by the reporting point of contact of the information unit. If the incident is a major information security incident, it will be reported to the risk management panel, and the information unit shall eliminate and solve the incident within the scheduled time limit, and conduct a root cause analysis and adopt remedy measures after the incident is fully handled, so as to prevent a repeat occurrence.

So far in 2024, we have not suffered any losses due to major security incidents.

Cyber security incidents

Material cyber security incidents

Number of data leaks

Number of employee and customer’s personal information leaks

Amount of penalties resulting from information security incidents

2022

2023

2024

IP Right Management

GUC has established the following strategy by aligning the key objectives of business operation with protection of intellectual property rights. For the specific development of silicon intellectual property ("SIP") and advanced package technology("APT", patent engineers and R&D personnel review the results of research and development to evaluate the feasibility of patent applications. GUC will actively apply for patents for those cases with patent portfolio value, and keep track of the progress. To strengthen GUC's competitiveness in specific areas, this approach is also valuable to patent the SIP project/IC product and eventually achieve the goal of protecting SIP project/IC product. The relevant management between patented intellectual property and SIP can also be used as the benchmark for evaluation of patented intellectual property as well. By the date of December 31, 2024, GUC has obtained 560 patents in the world. The manager of the legal department reports to the board of directors meeting on the implementation of the intellectual property management plan at least once per year.

Moreover, GUC has initiated the related management plans for intellectual property rights since 2000. The main achievements are illustrated as follows:

"The Patent Application Procedure" was promulgated in 2000. The then-current version is 22th edition released on Aug 09, 2022.

"The Proprietary Information Protection Procedure" was established in 2003. The latest version was 10th edition released on May 26, 2021.

"The Trademark Management Regulation" was enacted in 2008. The latest version was 3rd edition released on May 23, 2012.

"The Proprietary Information Protection Policy" was published in 2012.

In 2015, GUC's patent management on-line system ("System") was launched. It significantly improved the management of patent-related affairs, such as proposal management, application management, bonus management, contractor (i.e., external IP firm) management and comprehensively enhanced the efficiency of patent-related operations. Meanwhile, the System has recorded the complete internal technology and patent research/development results which cover the phases from patent proposal to submission of the said application.

"The Policy of Intellectual Property Rights Management" was formulated in 2016.

Complaint Policy and Procedures

Complaints Policy

For safeguarding the rights and interests of employees, developing mutual labor relations and establishing a complete management system, Global Unichip Corporation has established the Global Unichip Corporation Complaints Policy to institute the Company's complaint filing channels and investigation procedures, and to protect the Company's legitimate rights and interests.

Complainant may provide the above information through the following channels: Inbox: ombudsman@guc-asic.com, Mail address: No. 10, Li-Hsin 6th Rd. Hsinchu Science Park, Hsinchu City, Taiwan/GUC’s Human Resource. GUC employees shall file reports in accordance with the procedures under this Regulation. Unless under exceptional circumstances, complaint cases shall not be disclosed to external third parties (e.g. news media, public representatives, affiliated companies) without authorization.

GUC Complaints Policy

Whistle Blowing Policy

For the purpose of establishing a corporate culture of honest business operations, and in accordance with the provisions of Article 5, Paragraph 5 and Article 25 of Global Unichip Corporation's "Procedures for Ethical Corporate Management and Guidelines of Conduct", Global Unichip Corporation has established the Global Unichip Corporation Whistle Blowing Policy to clearly establish the Company's whistle blowing channels and investigation procedures, and to protect the Company's legitimate rights and interests.

GUC Whistle Blowing Policy

Whistleblowers may provide the above information through the following channels: ombudsman@guc-asic.com, fax/telephone line: 03-5790696, mail address: No. 10, Li-Hsin 6th Rd. Hsinchu Science Park, Hsinchu City, Taiwan/GUC’s Internal Audit, GUC's official website for Irregular Business Conduct Reporting System, or the Chairman of the Audit Committee's mailbox (acinfo@guc-asic.com).

Irregular Business Conduct Reporting System

Download Policy

Item

DOWNLOAD

File Download

GUC Complaints Policy

GUC Whistle Blowing Policy

Necessary cookies

Necessary cookies allow us to offer you the best possible experience when accessing and navigating through our website and using its features. For example, these cookies let us recognize that you have created an account and have logged into that account.

Functionality cookies

Functionality cookies let us operate the site in accordance with the choices you make. For example, we will recognize your username and remember how you customized the site during future visits.

Analytical cookies

These cookies enable us and third-party services to collect aggregated data for statistical purposes on how our visitors use the website. These cookies do not contain personal information such as names and email addresses and are used to help us improve your user experience of the website.

guc h1

Corporate Governance

Overview

Taiwan Stock Exchange Corporate Governance Evaluation Top 5%

TIMELINE OF IMPLEMENTED COPORATE GOVERNMENCE MEASURES VS. LEGAL REQUIREMENTS

A dedicated corporate governance unit

Dedicated integrity management unit

Board of Directors

Board Responsibilities

Board Structure

Directors' Biographies

Performance Evaluation of Boards and Directors

Major Resolutions of BOD Meetings

Independent Director

Independent Directors’ Communications with the Internal Auditor and CPAs

Committees

Audit and Corporate Governance Committee

Compensation Committee

Strategy and Sustainable Development Committee

Corporate Governance Officer

CGO Responsibility

Main business execution in 2024

Major Internal Policies

Shareholders' Meeting

Board of Director

Committees

Corporate Governance

Risk Management

Risk Management

Succession Planning

Management Team Succession Planning

I. Information Security Governance System, Goals and Strategies

II. Security Policy ImplementationII. Security Policy Implementation

III. Security Organizations

IV. Security risk management framework countermeasures

V. Resources invested in information security

VI. Incidents

COOKIES

Cookies Policy

What Are Cookies?

Why Do We Use Cookies?

Cookies Used on This Website

Privacy Policy

I. Introduction

II. Information We Collect About You and How We Collect It

Information You Give to Us.

Information We Collect About You.

Google Analytics.

Cookies Used on This Website.

III. How We Use Your Information

Necessary for entering into or the performance of a contract with you. For example:

Necessary for us to comply with a legal obligation.

Necessary for the purposes of the legitimate interests pursued by a third party or us (to the extent it does not infringe on any data subject's fundamental rights and freedoms). For example:

IV. Disclosure of Your Information

V. Cross-border Transfers of Personal Data

VI. Data retention

VII. Choices About How We Use and Disclose Your Information

Cookie Settings.

Promotional Offers from Us.

Categories of Personal Information We Collect

VIII. Your Rights With Regard to Your Personal Data

IX. Data Security

X. Third-party Websites

XI. Children Under the Age of 18

XII. Revisions to Our Privacy Policy

XIII. Data Controller & Contact Information

Legal and Trademark

Please Read These Terms Carefully Before Using This Site.

Trademark Information:

Copyright and Ownership:

Feedback

Use of Your Information

Disclaimer