Risk Governance

EGCO Group has a transparent and independent risk management structure, with clearly defined roles and responsibilities between the Risk Oversight Committee and the Risk Management Committee. This ensures that the risk management process follows enterprise risk management frameworks, best practices and supports the efficient business operation.

Risk Oversight Committee:

The Chairman of the Risk Oversight Committee is an independent director, with other board members and the President of EGCO also serving as committee members. The Executive Vice President for Corporate Strategy acts as the secretary. The Risk Oversight Committee plays a key role, including:

  • Reviewing, assessing, and providing feedback on risk management policies, frameworks, best practices, risk management strategies and acceptable risk levels.
  • Overseeing the evaluation of corporate risks, emerging risks and impacts, as well as monitoring and assessing risk management plans.
  • Reporting the results to the Board of Directors regularly.

Risk Management Committee:

The Chairman of the Risk Management Committee is the President of EGCO, with Senior Executive Vice Presidents from all business groups serving as committee members. The Senior Vice President of Risk Assessment Division acts as the secretary. The Risk Management Committee plays a key role, including:

  • Implementing the organization’s risk management policies and guidelines.
  • Supporting risk management activities at all levels, from the corporate level to the operational level.
  • Reporting the status and results of risk management to the Risk Oversight Committee and the Board of Directors.
  • Notifying and reporting any new risk factors, incidents and emerging risks that could have a significant impact.

In addition, EGCO Group has adopted the Three Lines of Defense (3LOD) approach for risk management to ensure a comprehensive and effective risk control and oversight system.

First Line of Defense: Risk Owners

  • Directly responsible for managing operational-level risks.
  • Key Role: Identify and assess risks, implement and execute risk management measures, monitor results, and report the status of risk management.

Second Line of Defense: Risk Assessment Division

  • Supports and oversees the management of strategic risks.
  • Key Role: Assist in identifying and assessing risks, develop risk mitigation measures, operate risk management information system, serve as the secretary for the Risk Management Committee and assistant secretary for the Risk Oversight Committee, report the status and results of risk management to the Audit Committee every 3 months and report the status and results of risk management of new investment opportunities to the Investment Committee.

Third Line of Defense: Internal Audit Division

  • Conducts independent risk audits.
  • Key Role: Assess and assure the effectiveness of the overall risk management system, report audit results directly to the Audit Committee. The Audit Committee approves audit plans and evaluates the performance of the Internal Audit Manager.

Framework for Corporate Risk Management

Click to Enlarge