The Company has formulated risk management policies to promote the sound operation and development of the Company, establish the basis for the compliance and implementation of risk management in all operation activities, and serve as the highest guiding principle and management basis for the implementation of all units of the Company and its subsidiaries, shape an organizational culture that attaches importance to risk management, control risk within a tolerable range, and achieve balance between risk and returns, so as to enhance the value of the Company and its shareholders and ensure the sound operation and sustainable development of the Company. A Risk Management Committee is set up under the President to review risk management measures, procedures and structures. The Risk Management Department is responsible for the promotion and implementation of risk management, and shall compile and submit the Company’s risk management implementation report at least once a year.
Important risk management policies
Risk item |
Prevention and control mechanism |
Management unit |
Credit risk |
- Formulate strict credit evaluation and approval mechanism and review procedures, and implement risk management.
- Establish customer credit rating mechanism and statistical model to predict customer default risk probability.
- Establish post-loan management mechanism and strengthen credit supervision during dealings with customers.
- Monitor asset quality status, evaluate restrictions in the industry and dealings with customers, and diversify customer credit risk.
- Pay close attention to the economic environment, adjust the industry credit policy according to the development of the industry.
- Improve credit investigation skills and enhance the risk evaluation ability of auditors through education and training and case study.
|
First Review Division |
Legal risk |
- Protect customer data in accordance with the Personal Information Protection Act and relevant internal regulations.
- Develop intellectual property management methods and intellectual property management plans to safeguard the Company’s rights and interests and avoid infringement.
- Establish operating procedures for relevant businesses in accordance with applicable economic, social and environmental laws and regulations.
- Pay attention to the changes of laws and regulations all the time, and amend the Company’s rules in a timely manner.
- Infinite Finance complies with government laws and regulations, and conducts internal supervision to ensure the compliance of all business and contracts.
|
Legal Compliance Office |
Environmental risk |
Take reduction measures in environmental and energy management, including efficiency improvement and environmental protection, as well as conservation and recycling. |
Asset Management Department |
Information security risk |
- Define information and communication security policies and information security management measures in response to laws and regulations, technologies, corporate governance, and the needs of enterprise development, and periodically conduct inspection to implement information security management and internal control operations.
- Establish information security control systems and mechanism, and take appropriate protective measures to build in-depth defense and ensure the effectiveness of information security management.
- Conduct remote backup drills regularly to ensure the Company’s systems properly protected and data switched over and restored within a reasonable time limit, as well as to guarantee the continuity of the Company’s core business.
- Conduct self-information security review and risk assessment regularly, strengthen information security management capabilities and technologies continuously to optimize the Company’s information security management according to the PDCA cycle.
- Provide information security education regularly, strengthen employees’ intelliegnece and awareness of information security, improve information security intelligence, and establish a safe and reliable environment for information and communication operation.
|
Information Department |
Money laundering prevention risk |
- Prepare institutional risk evaluation reports, identify and evaluate the degree of money laundering and terrorism financing risks of the product structure, as well as the ability of its own system to counter product risks and residual risks, and take measures to strengthen monitoring for high-risk cases.
- Make plans and policies on preventing money laundering and combating terrorist financing, as well as plans and operating procedures on preventing money laundering and combating terrorism financing, and fully standardize relevant money laundering prevention and control measures.
- Establish the anti-money laundering management system and conduct detailed verification on customers who apply for financial leases. For factors related to suspicious transactions, monitor the transactions of such customers with the aid of system reports, and conduct regular reviews for customers with different risk levels. If any suspicious transactions are found, they shall be reported to the competent authority in accordance with the regulations.
- Carry out education and training on money laundering prevention and control continuously, and strengthen personnel’s awareness of money laundering prevention and control.
|
The 1st line of defense:
Business units
The 2nd line of defense:
Designated personnel responsible for money laundering prevention
The 3rd line of defense: Auditing Office |