臺灣證券交易所

The TWSE comprehensively assesses the potential impact of risks and ensures that risks are effectively controlled and managed through the internal control system or processes.

• To control financial risks, the Finance Department regularly and intermittently assesses financial instruments, transaction processes, and counterparties in accordance with relevant laws and regulations, as well as manages operational funds according to internal policies approved by the board of directors. The Finance Department then proposes improvement reports and is responsible for implementation.
• As market risk mainly involves external factors, rigorous review processes are implemented in consideration of the effect of external economic environments and market fluctuations to optimize the overall position of the market risk.
• Other emerging risks or potential material risks are reported to the board of directors for evaluation and handled once they are identified. Improvement procedures in progress are tracked to effectively minimize the effect of different risks.

For details of risk management related to the stock exchange market, please refer to the chapter "The Right Approach to Finance."

The TWSE established the Internal Audit Office to ensure the effective implementation of its internal control system, through periodic audits, supervision, and reviews. In addition, each year the TWSE prepares a report on internal controls regarding their design and implementation effectiveness to respond to changes in the environment and improve the quality of the self-supervision mechanism.

In 2020, the TWSE conducted 222 documentary audits and 203 on-site audits (including three special audits); no significant deficiencies were found, and the TWSE's risk management ability was determined to be properly administered.

The TWSE has a Business Continuity Committee headed by the president and established the "Implementation Guidelines for the Business Continuity Management System," which covers the business continuity plans of computer and business departments. The purpose of such plans is to properly handle emergency incidents when they first occur, initiate recovery procedures, restore normal operations within a specified period, and stabilize the market. The business continuity reporting procedures are shown in the below diagram.

Every year the TWSE conducts at least one drill and test, with items including paper test, sand table exercise, local physical test, and full-scale physical test, to create the best preparation for the worst scenarios.

In 2020, the primary center and second backup center of the TWSE became certified for ISO 22301 business continuity management. This outstanding risk management is a key factor in the implementation of business continuity management, and provides secure protection for the securities market.