Risk Management
The Board of Directors is the highest decision-making unit for the Company's risk control, and directly supervises the Company's risk governance structure. In response to changes in the global economic environment and sustainable risks, the Company has established a complete risk management organizational structure and implementation promotion levels to identify and grasp the relevant risks that may affect the sustainable development of the Company based on the three major aspects of economy (including corporate governance), environment and society. Through relevant management strategies and response measures such as risk transfer, reduction and avoidance, possible risks are minimized and even transformed into operating opportunities.
Chroma defines various risks in accordance with the "Organizational Context Analysis and Risk Management Procedure" established by the Operation Management Center and the Company's overall operating policy, and establishes a risk management mechanism for early identification, accurate measurement, effective supervision and strict control. It prevents possible losses within the acceptable risk range, continuously adjusts and improves the best risk management practices based on changes in the internal and external environment, in order to protect the interests of employees, shareholders, partners and customers, increase the Company's value, and achieve the principle of optimizing the Company's resource allocation.
The corporate risk management process consists of three steps:
Step 1 Risk Category Identification
Environment
1.1.1 Risks related to the management of greenhouse gas emissions, carbon credits, and energy management in response to climate change and natural disasters; and risks of compliance with international and local environmental laws and regulations, such as the management of air, water, waste, toxic substances, noise emissions, or environmental impact assessment requirements.
Social
2.1.1 Operational aspect: includes risks t o the Company caused by occupational health and safety, chemical management, safety protection and emergency response, and other risks resulting from improper or erroneous human management and operations.
2.1.2 Workplace environment aspect: includes risks related to issues of a safe working environment for employees or contractors.
Economic (Including corporate governance)
3.1.1 Political and economic aspect: includes risks to the Company’s finances or business caused by domestic and international political, economic, and regulatory factors.
3.1.2 Industry aspect: includes risks t o the Company’s finances or business caused by changes in domestic and international technology and industry trends. Chinese competitors are rapidly launching products with highly competitive specifications and prices, not only in the Chinese market but also expanding into European and American overseas markets.
3.1.3 Financial aspect: includes risks o f changes in value of the Company’s financial assets or liabilities (including assets and liabilities both on and off the balance sheet) caused by fluctuations in market risk factors (interest rates, exchange rates, stock prices, commodity prices, and electricity prices), resulting in various losses.
Step 2 Risk evaluation
Chroma, in accordance with the "Organizational Context Analysis and Risk Management Procedure" established by the Operation Management Center, conducts quantitative assessments of each risk item based on its severity and probability of occurrence. The importance is determined using the "Risk Analysis and Management Strategy Matrix" to identify major topics and evaluate key critical risk items. This enables Chroma to further take necessary response measures, such as transferring, accepting, reducing, or avoiding risks. Through the operation of the PDCA management cycle, the Company continuously and effectively improves and monitors various risk factors, aiming to reduce the probability and severity of risk-related losses.
Step 3 Establish risk control measures
Environment 
Social 
Economic (Including corporate governance) Risk Type
1.1 Environmental Risks
Risk control measures
- Continuously improving processes to reduce carbon emissions in response to environmental protection issues.
- Showcasing the results of technological innovation in the superior perf ormance and functionality of new products, and introducing green design at all stages of the product life cycle to reduce environmental impact, thereby fulfilling product responsibility and consumption.
- Setting the goal of“ net-zero emissions at office sites by 2030; net-zero emissions across all sites by 2050.”
- Starting in 2025, gradually increasing the proportion of green electricity by an average of 5% annually, aiming to achieve RE30 by 2030.
Risk Type
2.1 Workplace Hazard Risks
Risk control measures
- Formulating various operational management guidelines in compliance with relevant regulatory requirements.
- The Occupational Safety and Health Committee regularly reviews compliance with environmental and occupational safety laws and regulations.
- Continuously improving in accordance with ISO 45001:2018 requirements and has achieved the goal of zero incidents.
Risk Type
2.2 Human Resource Risks
Risk control measures
- Conducting regular manpower inventory and audits.
- Planning and implementing employee education, training, and development programs.
- Designing competitive compensation and employee benefits measures.
- Comprehensive training and local talent development programs.
Risk Type
3.1 Market Risks, 3.2 Operational Risks, 3.3 Investment Risks, 3.4 Regulatory Compliance Risk
Risk control measures
- In recent years, the electric vehicle-related automotive electronics components, batteries, and charging station industries have been booming. Additionally, the issue of climate change has driven carbon reduction and energy transition measures. Solar, wind power, and smart grids/energy storage have also driven the demand for power converters.
- Such products require stringent quality standards and must comply with relevant regulatory requirements on performance and safety, thus placing higher demands on testing equipment in terms of power and functionality. The Company’s power electronics testing equipment has evolved in response to industry needs toward high power, bidirectional energy recovery, and multifunctional capabilities to address complex and versatile testing requirements.
- The Company continues to develop automatic testing systems for power converters used in various industries, providing a powerful software platform with built-in test items tailored to different test objects, serving multiple industries such as onboard chargers, charging piles, and power conditioning systems (PCS), thereby maintaining the competitive advantage of this product line.
- Each year, the Company invests significant R&D resources and invests in companies with unique technologies to ensure leadership in key technologies. It leverages its highly integrated capabilities in optics, mechanics, electronics, temperature control, and software to maintain the Company’s competitive edge and growth, achieving the goal of sustainable management.
- Over the years, the Company and its subsidiaries have been deeply rooted in the instrumentation and automation industries, which have high technical entry barriers. The Company continues to maintain a leading position in various product technologies. However, with the continuous launch of new products, maintaining competitiveness requires ongoing product line expansion, enhancement of product technological capabilities, collaboration with top-tier manufacturers, improvement of R&D capabilities, and investment in companies with unique testing technologies to maintain product advantages.
Risk Type
3.5 Information Security Risk
Risk control measures
- ISO 27001 information security certification was obtained in January 2022, and the Plan-Do-Check-Act (PDCA) model is implemented to achieve a cycle of continuous improvement. Furthermore, in December 2024, we completed the ISO 27001:2022 version upgrade verification audit, which also extended the certification scope to include subsidiary ADIVIC Technology Co., Ltd. and the Netherlands branch.
