momo has set-up a risk management mechanism, with the management and employees all playing a part in the implementation. The mechanism identifies potential risks so that early action can be taken and helps momo maintain steady growth. It also protects the interests of stakeholders so that we can fulfill our responsibility on social sustainability.
Risk Management Organization
The momo Risk Policy is enforced by the President who convenes the responsible units to execute risk management measures according to the type of risk, and underlines the importance of comprehensive risk control by all staff and the regular implementation of layers of prevention in order to keep the risk in check effectively. Meanwhile, regular meetings are held by functional committees to maintain the effectiveness of relevant risk management strategies. To ensure the implementation of risk management, the Sustainable Development Management Committee is tasked to coordinate the review of risk management issues and report regularly to the Board of Directors.
Threefold Assessment and Supervision Mechanism for Risk Management Operations
Risk Management Mechanism
As part of our efforts to strengthen the Company's governance, momo instituted the “Risk Management Regulations” on October 29, 2018, which were approved by the Board of Directors and serve as the Company's top guiding principle for risk management, with a view to establishing a sound risk management strategy, identifying potential issues that may affect the Company and managing risks within the Company's risk appetite. In addition to considering the material topics identified during the year, the Company also keeps an eye on emerging global risks and climate change risks.
Faced with emerging risks that may threaten the Company's operations, management convenes the relevant units hit hardest to discuss countermeasures, assesses the likelihood of occurrence of each risk factor and the extent of impact, consults external advisors as necessary, considers existing internal controls and the degree of risk appetite, and incorporates the impact factors into operational strategy planning and decision-making. After a decision is made, the relevant units will carry out risk response measures, including the estimated implementation schedule and resources required. Management will continue to monitor the progress of implementation, make timely adjustments and review the resources required for under-investment to ensure that the Company's objectives are met in the face of emerging risks.
Relevant units compile and report on risk management information to the Board of Directors from time to time to enable Board members to oversee the management's grip on and response to the various risks facing the Company. The Audit Office reviews the compliance of each executive unit with the vetting authority and relevant management practices and procedures to maintain the awareness of risk management and the enforcement by all staff.
To enhance and ensure the implementation and effectiveness of the Company's risk management, the “Risk Management Best Practice Principles” and the “Risk Management Policies and Procedures” will be revised to establish a better risk governance and management framework to facilitate the execution of the Company's risk management.
Risk Identification
Management identifies the main operating risks based on their experience and expertise and evaluates the source of such risk. Risk management is then enforced in accordance with the defined risk management policy.
Supervision and Management of Internal Auditing Unit
The Company has set up an internal audit arm under the Board of Directors to assess, plan and step up review procedures in relation to principal risks for annual and ad hoc audits in the spirit of independence and objectivity and based on the major operational risks identified by the Company. The scope of the audit covers the financial and business operations and management functions of the Company and its subsidiaries to identify possible flaws in the internal control system in a timely manner, and to produce audit reports to provide timely recommendations for improvement to each unit and management to ensure the continued and effective administration of the internal control system, and for the chief auditor to report regularly to the Audit Committee and the Board of Directors on the execution of the audit. In 2022, no internal control deficiencies or irregularities were identified under the audit program, and only recommendations were made on operational processes as a reference for departments to boost management quality.
The internal audit undertakes routine audits and also supervises the implementation of annual self-evaluation by each unit within the Company to establish a self-monitoring mechanism for the Company. The results of the self-evaluation are used as the main basis for the Board of Directors and the President to assess the effectiveness of the overall internal control system and to issue a statement on the internal control system.
Internal Auditing Process
Engaging in Risk Culture
momo is committed to the practice of business ethics in accordance with “integrity”, our core value and philosophy. To give our internal and external stakeholders a better understanding of our corporate ethical guidelines and in the spirit of ethical business practices, the “Code of Ethics” was drawn up using the “Guidelines for the Adoption of Codes of Ethical Conduct for TWSE/GTSM Listed Companies”. All directors, managerial officers and employees are expected to adhere to the Code. In addition to publishing the Code on the corporate website, momo also expects all employees to maintain a high level of personal integrity and professional ethics at work and when conducting company business. If any illegal behavior or violations of the Code of Ethics are encountered at work or when conducting company business, employees should also file a report or complaint, thereby upholding corporate practice and protecting shareholder interests.
Code of Ethics
The momo“Code of Ethics”, published on the corporate website and internal employee website, sets out company expectations on corporate ethics, duties and responsibilities for all employees. The Code of Ethics was reviewed by the Audit Committee, implemented with the approval of the Board of Directors, and submitted to the Shareholder Meeting for reference. Compliance matters such as the Code of Ethics and Ethical Corporate Management Best Practice Principles are covered during orientation training for new hires and enhance employee awareness on rules relating to integrity, ethics, and trade secrets. New hires are also required to sign a declaration indicating their commitment to the employee code of conduct. Regular online courses and tests are held for current employees every year. Employee education on related topics is also conducted regularly. Performance evaluations take employee conduct in the workplace into account, with well-defined rewards or disciplinary action depending on their performance. Article 10 of the momo “Code of Ethics” requires employees to report suspected violations to the Code of Ethics to the Audit Committee, their manager, Chief Audit Officer, or other appropriate management personnel. They should provide sufficient information to facilitate follow-up by the Company. Complaints will be handled in strict confidence and the Company will do everything possible to protect the whistleblower.
Ethical Corporate Management Best Practice Principles
The “Ethical Corporate Management Best Practice Principles” are published on the corporate website and internal employee website. It is also incorporated into the internal control system. The internal auditing unit is responsible for conducting internal audits to identify ethical violations and for making regular reports to the Board. The momo Ethical Corporate Management Best Practice Principles explicitly bans the offering and taking of bribes, illegal political contributions, improper donations or sponsorships, as well as unreasonable gifts, hospitality, or other improper benefits. It includes relevant preventive measures and procedures. Business transactions with parties that have a past record of unethical behavior should be avoided. Clauses on ethical conduct should also be explicitly stated in the relevant business contracts. Incoming employees, managerial officers and directors receive training upon hiring to ensure their familiarity and compliance with the rules. Online courses and training are held every year to strengthen their ethics and self-discipline. For business activities at higher risk of unethical behavior, effective accounting and internal control systems have been put into place. External and secret accounts are not used either. The system is continuously reviewed to ensure the continued effectiveness of its design and implementation.
Well-Defined Whistleblower Mechanism
It is encouraged to report illegal activities or conduct that violate the Code of Ethics or Ethical Corporate Management Best Practice Principles in order to ensure proper enforcement. The “Regulations Governing the Handling of Complaints on Illegal, Unethical, or Dishonest Behavior”was created for this purpose. To establish effective internal and external whistleblower channels and processing mechanism at momo, the processing unit, complaint channels and procedure are explicitly noted on the corporate website and internal employee website. This ensures the proper enforcement of the Code of Ethics and Ethical Corporate Management Best Practice Principles created by momo while also protecting the legal rights of whistleblowers and corresponding parties.
Whistleblower complaints can be made through three channels: in person, over the phone, or by mail. An independent whistleblower contact (audit@fmt.com.tw) was also set up for the use of internal and external personnel. There were no employee violations of the Ethical Corporate Management Best Practice Principles in 2022.
Education and Training Performance and Outcomes
To ensure every employee knows their rights, as well as company policies and practices, new hire training is complemented by regular online education courses, testing and evaluations for all employees annually. Employees must complete the course and achieve a score of 80 to pass. The education program applies to all employees and was completed by 100% of employees regardless of grade, region, and gender.
Compliance
We continue to practice and actively strengthen our compliance management and we are working to establish a sound compliance culture. In addition to tracking and assessing existing regulations and assigning certain regulations to dedicated units, the Company has also devised various policies and rules for implementing compliance. Education and training are utilized to assist employees and related supplier partners with understanding the laws and standards that must be followed in their work. Finally, annual compliance self-assessments are conducted in conjunction with internal control operations so that each unit can examine their compliance performance during their year. The systematic approach outlined above is used to construct an effective safety net for preventing risk events.
momo strictly abides by the regulations and administrative directives of the relevant authorities, and adds and modifies internal workflow management mechanisms at any time pursuant to the latest regulatory amendments and enactments to ensure that all business operations are carried out by law. In 2022, there were a total of six major non-compliance incidents(Note), including five advertising violations and one label breach; all corrective measures were taken immediately to rectify the issues as instructed by the competent authorities to ensure compliance with the law.
To cultivate a proper understanding of the law, the Legal Affairs Office continues to conduct legal education for suppliers and their employees on a regular and ad hoc basis. Important business laws and regulations are verified by the Legal Affairs Office based on the date of publication. The relevant units are then directed to disseminate and implement the information.
