1. Home
  2. Governance

Risk Management

Risk Management Organization

An organization’s risk management plays a critical role in monitoring and managing the risks and opportunities that stem from the internal and external forces that can impact a company’s profitability, success, or even survival.

Risk Management Organization

Construct a proactive risk management mechanism so that relevant units can respond to risk events in a timely manner through risk management procedures, reduce or avoid the impact of risk events, and ensure sustainable operations.

The responsibilities of each role are as follows:

Risk Management Policy and Process

In order to strengthen corporate governance and risk control capabilities, and continue to optimize risk management policies and procedures, the company has formulated the “Risk Management Policy and Procedure” and approved by Audit Committee and the Board of Directors to determine the group’s material risk items from top-down.

The Material Risk will coordinate and control by Risk Owner, set up key risk indicators (KRI) to provide early warning functions, so that the Company can respond to and resolve the possible impacts of risks early. The risk execution unit conducts self-risk identification, analyzes the level of risk impact, and proposes a risk treatment improvement plan.

In response to possible risks that may arise in the course of business both internally and externally in a systematic way and in line with annual plans. We have developed the “Risk Management Operation Manual" to ensure the effective implementation of risk management operations. For material incidents, in order to immediately reduce disasters and resume normal operations, we also set up the “Crisis Management Operation Process.”

pdfRisk Management Policy and Procedure
Risk Management Evaluation Matrix

We conduct risk and opportunity matrix analysis to identify the possibility and the influence degree, and each give them a score of 1 to 3. The probability multiplied by the influence degree will become the risk level, and then take corresponding actions.

pdfExplanation of Risk Evaluation Matrix
Other Related Information

In the changing environment, new types of risks are constantly emerging, including climate crises, sudden disease crises, and the like, which have a huge impact on the environment, society, and economy. At the same time, companies must continue to review and adjust response strategies to remain competitive.

For climate change risk management and response, please refer to "Climate Change Risks and Opportunities"
For the assessment of other opportunities and risks, please refer to Opportunities and Risks

Internal Audit System

Independence

The internal audit unit (Auditor Office) is subordinate to the Board of Directors, and set up an Audit Supervisor. The appointment, removal, evaluation and remuneration of the Audit Supervisor shall be approved by the Audit Committee and Remuneration Committee before a resolution of the Board of Directors. In addition, the appointment, removal, evaluation and remuneration of other auditor staffs, should be reported by the Audit Supervisor, and approved by the Chairman of the Board of Directors. Audit supervisors are required to attend all Audit Committee and Board meetings and report on the implementation of internal audit business. Communication meetings are arranged twice a year with Independent Directors.

Risk orientation

Formulate and implement the Group's annual audit plan based on the risk assessment results, and plan audit operations based on the risk assessment results and control status of the audit items.

Systematize self-assessment assignments

Design and implement a self-assessment system. The internal control self-assessment at the operation level of each unit of the Group were carried out using the online system; a five-point scale has been developed to quantify the assessment results.

pdfThe internal audit organization, operation, and process

Digital Resilience and Information Security

Information security risks such as data theft and cyberattacks remain critical concerns for experts and decision-makers worldwide. With the success of digital transformation, digital resilience has become a key factor in ensuring operational continuity. As a real estate brokerage, Sinyi Realty relies heavily on extensive databases and information systems to serve its clients. Throughout the property transaction process, the Company handles a significant amount of client data, making the smooth operation of information systems and information security essential to its business operations and a vital competitive advantage. With the rapid advancements in internet technology and communication, the importance of information security continues to grow.

The responsibility for information security lies with the IT Service and Information Security Management Department, which is tasked with establishing internal information security policies, planning and executing information security operations, and promoting and implementing information security policies. The department regularly reports the information security implementation plan and its progress to the Board of Directors annually to ensure that the internal information security management mechanisms continue to operate effectively.

pdfInformation security management policies and measures