Risk Management
The risks faced by enterprises are getting more diverse and complex. With the threats of globalization, geopolitical conflicts, diseases, and climate change, how to comprehensively grasp and manage major risks that have major impact on operations and profitability has become a crucial issue.
Shih Wei identifies the opportunities and risks faced by the maritime industry in detail. For each category of opportunity and risk, the respective designated departments take responsibility within their scope of work to leverage advantages and implement corresponding strategies and actions. Risks related to vessel operations are managed in accordance with the ISM Code policies and procedures.
The Board serves as the highest governing body for risk management matters. In 2023, the Company launched a risk management implementation project and established a dedicated Risk Management Task Force to systemically oversee and integrate risk management issues. According to the Risk Management Policy and Procedures, Risk Management Team is led by the President; composed of Department heads and staff. The Risk Management Task Force meets quarterly to assess risk levels, implementation, and trends, with records compiled and at least one report made annually to the Audit Committee and the Board. 2024 Risk Management Operations Report was submitted to the Audit Committee and the Board of Directors on December 24, 2024.
Directors and Officiers Liability Insurance
To strengthen corporate governance and protect directors and key officers from personal liability and financial loss arising from third party litigation in the course of duty, the Company has placed Directors and Officers (D&O) Liability Insurance with Chung Kuo Insurance. This is intended to mitigate the potential liability exposure they face in the discharge of their duties, ensuring they can focus on the Company’s strategy and decision-making.
Given the capital-intensive nature of our industry and the scale of asset purchases, in recent years we have increased the insured amount to US$10 million to align with our asset size and the proportionality principle in risk management. This mechanism transfers potential liabilities arising from duty performance to the insurer, thereby mitigating unknown risks to overall operations, safeguarding the rights and interests of shareholders and stakeholders, and demonstrating our commitment to sound corporate governance.
Management Procedures and Risk Identification
| Management Procedures | Risk Identification |
|---|---|
| Shih Wei’s risk management procedures include objective setting and strategy planning, risk identification, risk analysis, risk evaluation, risk response, and risk monitoring and review. The Risk Management Task Force, with reference to the Best-Practice Principles for Risk Management of TWSE/TPExlisted companies and other international standards and good practices, develops the risk appetite and risk-analysis measurement standards, which, upon Audit Committee approval, serve as the basis for risk analysis, evaluation, and response execution. |
Each designated department identifies risks for its short-, medium-, and long-term objectives and business mandates in line with Company strategy and the risk management policies and procedures. Risk identification may adopt feasible analytical tools and methods, drawing on past experience and information and considering internal and external risk factors and stakeholder concerns, to comprehensively identify potential events that could hinder achievement of objectives or cause loss or negative impact to the Company. Risk sources include strategic, operational, financial, compliance, and other risks. |
Risk Identification Results
The Top 10 major risks identified by the Company are summarized below. For linkage to climate risks, please refer to 3.2 Climate Change Risks and Opportunities.
| Risk Aspect | Risk Category | Risk Event | Risk Management Measures |
|---|---|---|---|
| Governance | Strategic risk | Geopolitical and other external events | Adopt multiple measures to respond to geopolitical changes, including timely route adjustments, protective clauses and contingency mechanisms in contracts, regular screening against sanctions lists for specific regions/countries, and close monitoring of international political-economic developments to inform and implement response strategies. |
| Governance | Strategic risk | Asset acquisition and disposal | Strictly follow procedures and applicable regulations for acquiring/disposing of assets. Conduct risk assessments or valuation reports prior to vessel acquisition/disposal to ensure decision accuracy and reliability. |
| Governance | Operational risk | Ship inspection and rating |
|
| Social | Operational risk | Human resources and labor management |
|
| Governance | Operational risk | Damage to goods/assets/equipment |
|
| Governance | Operational risk | Business continuity & incident/crisis handling |
HQ:
Assess and plan measures. Establish BCP/DRP and conduct regular system-recovery drills
Fleet: Include protective clauses in contracts. Regularly screen sanctions lists. Rrack international political-economic developments. Issue fleet circulars on possible incidents, latest regulations, and cautions. Conduct accident-response drills and submit photo. if a ship is detained/arrested, identify causes, liaise with authorities for PSC re-inspection and release the ship, and amend Company procedures and notify the fleet. For incidents, the Master reports immediately and the Emergency Response Task Force is activated. For crew injury/illness, arrange medical assistance at the nearest port or crew change, and contact Maritime Rescue Coordination Center when necessary.
|
| Governance | Operational risk | Data security and personal data protection | Conduct regular data security and personal data protection training. Deploy firewalls with real-time updates. Install and update endpoint antivirus. Regularly update OS/software. Run social-engineering drills. Back up and test-restore data. Establish incident reporting/handling procedures. Implement personal data protection management. And encrypt electronic files during storage/transmission. |
| Governance | Financial risk | Working capital and liquidity | Perform investment evaluation and budgeting. Reinforce management of current assets/liabilities to avoid overuse of funds. Pursue an optimal capital structure with the lowest total capital cost within acceptable financing risk. Use financial instruments to hedge interest-rate risks. |
| Governance | Compliance risks | Regulatory Compliance |
Track the latest regulations/standards. Actively participate in seminars and engage with external bodies. Implement necessary measures and staff training; analyze regulatory trends and upgrade/replace equipment likely to fall out of compliance. Consult legal counsel or communicate with authorities on ambiguities. Analyze each violation and circulate learnings to prevent recurrence.
|
| Environmental | Compliance & other risks | Environmental risk |
|
For information regarding climate risks, please see Climate Change and Energy Management, or refer to the Sustainability Report.