TSMC’s commitment to integrity has been the cornerstone of TSMC’s robust compliance efforts, which are comprised of legislation monitoring, compliance policies, training and an open reporting environment.

TSMC operates in many countries. Therefore, in order to achieve compliance with governing legislation, applicable laws, regulations and regulatory expectations, we closely monitor domestic and foreign government policies and regulatory developments that could have a material impact on TSMC’s business and financial operations. TSMC’s Legal Organization periodically updates our internal departments, management and the Audit Committee of applicable regulatory changes so that internal teams may comply with new regulatory requirements in a timely manner. We are also a proactive advocate for local legislative and regulatory reform. For example, we have achieved remarkable results in strengthening trade secret protection in Taiwan, and our major comments on legal reforms to the government have been accepted constructively. TSMC is increasingly dedicated to identifying regulatory issues and will continue to be involved in advocating public policy changes that foster a positive and fair business environment.

Under the framework of the Code, TSMC has established policies, guidelines and procedures in different compliance areas, including: Anti-bribery/corruption, Anti-harassment/discrimination, Antitrust (unfair competition), Environment, Export Control, Financial Reporting/Internal Controls, Insider Trading, Intellectual Property, Proprietary Information Protection (“PIP”), Privacy, Record Retention and Disposal, as well as procuring raw materials from socially responsible sources (“Conflict-free Minerals”). It is our belief that the above-mentioned policies are crucial in strengthening overall compliance with the Code. TSMC, its employees and its subsidiaries and affiliates are expected to fully understand and comply with all laws and regulations that govern our businesses and make ethical decisions under any circumstances.

Training is a major component of our compliance program, conducted throughout the year to refresh TSMC’s employees’ commitment to ethical conduct, and to get updated information on laws and regulations related to their daily operations. Highlights of our compliance training program include the following:

• Publicizing our compliance policies via posters, news articles, and compliance guidelines which our employees can access through our intranet;
• Live seminars focusing on such specific topics as Anti-bribery/corruption, PIP, Contract Management, Intellectual Property, Privacy Protection, Conflict Minerals, Insider Trading, and Export Control (latter two being primary topics in 2014) which are mandatory for employee affected by these topics to ensure adequate awareness;
• A wide range of on-line learning programs updated frequently to provide most up-to-date and accurate information and timely and flexible access for employees to understand the law and key compliance issues, covering Antitrust, Anti-harassment, Insider Trading, Export Control Management, PIP, Privacy Protection, to name just a few;
• External training of TSMC’s internal teams in Taiwan and abroad to receive on current developments of new laws and regulations. External experts are also invited to give in-house lectures on key issues, while our internal lawyers comply with applicable continuing legal education requirements.

To ensure that our conduct meets the highest legal and ethical standards, TSMC provides multiple channels for reporting business conduct concerns. First of all, we have implemented the “Complaint Policy and Procedures for Certain Accounting and Legal Matters” and “Procedures for Ombudsman System” that allow employees or any whistleblowers with relevant evidence to report any financial, legal, or ethical irregularities. To foster an open culture of ethics compliance, we encourage employees to report suspected wrongdoing within the organization or any parties with whom we do business via the above-mentioned reporting system. We also established an Ombudsman system open to external reporting. Below is a summary of the Number of Reported Incidents:

Major Accomplishments

In 2014, TSMC achieved several major accomplishments in regulatory compliance, including the following:

• In addition to rigorously fulfilling our obligations to regulatory compliance matters, TSMC has discharged its civic duties as a responsible corporate citizen by advising the local government on law and policy reform. TSMC regularly urged the Government to amend any outdated laws and regulations, which may be inconsistent with global practice to improve our investment environment and economic development. For example, after Taiwan’s legislature accepted TSMC’s advice of imposing criminal liability on trade secret misappropriation in 2012, TSMC worked closely with the authorities concerned to carry out the amendment of relevant laws including the Communication Security and Surveillance Act, the Intellectual Property Case Adjudication Act, and the Witness Protection Act. To protect R&D work and fair competition, we will continue to be an advocate of trade secret protection.
• Throughout 2014, TSMC offered a wide range of training courses on various compliance topics, including 12 topics via on-line education and 36 topics via live seminars. These courses were developed and conducted by compliance and legal professionals. In 2014, we primarily focused training on insider trading and export control, having achieved a high completion rate for both courses (over five thousand employees for insider trading and over fifteen thousand employees for export control). TSMC will regularly review and update our training programs and identify new areas of training as necessary.
• TSMC is subject to the U.S. Securities & Exchange Commission (SEC) disclosure rule on conflict minerals released under Rule 13p-1 of the U.S. Securities Exchange Act of 1934. As a recognized global leader in the hi-tech supply-chain, we acknowledge our corporate social responsibility to strive to procure conflict free minerals in an effort to recognize humanitarian and ethical social principles that protect the dignity of all persons. We have implemented a series of compliance safeguards and maintained frequent communications with our suppliers and subsidiaries. We make it an annual requirement for our suppliers and subsidiaries to sign and submit the conflict-free representation letter as well as Conflict Minerals Reporting Template. In 2014, we also provided our suppliers and subsidiaries with in-person training lectures to promote awareness.
• In order to prevent any unauthorized export of controlled items, a formal system, namely EMS, has existed for a number of years and continuously updated and sustained to reinforce TSMC’s internal compliance measures, which measures are taken to ensure compliance by TSMC and all of its subsidiaries with all applicable regulations covering the export of information, technologies, products, materials and equipment. TSMC’s EMS allows TSMC to streamline its complicated SHTC (Strategic High-Tech Commodities) export process and creates efficiency for both TSMC and its customers. TSMC’s EMS was certified in September 2012 by the Bureau of Foreign Trade, the Taiwan regulator, as a qualified ICP (Internal Control Program) exporter. Because of its successful implementation, TSMC has also frequently earned recognition as “best in class” and was asked to share our experience on EMS implementation to third parties that included a variety of domestic and foreign organizations and industrial peers.
• TSMC adopted its Personal Data and Privacy Protection Policy to comply with the Personal Information Protection Act of Taiwan that became effective in 2012. This Policy aims to provide TSMC and its worldwide subsidiaries with global standards for handling personal data and respecting personal privacy in the workplace. Furthermore, to educate TSMC individuals about the restrictions and procedures applicable to handling personal data and respecting personal privacy in the workplace, TSMC rolled out several privacy awareness initiatives, including a variety of training programs such as seminars and both in-person and online courses. All staff within our Human Resources department were provided with proper training to ensure their compliance with relevant policies and guidelines when handling personal data of TSMC employees. Compliance posters in our facilities also increase employees’ awareness of privacy protection in the workplace. Through these action steps, we are dedicated to promoting awareness of data protection and privacy and to creating a culture whereby an individual’s personal data and privacy are protected and handled in line with global standards.