TSMC Annual Report >  2015 >  Corporate Governance > Regulatory Compliance

Regulatory Compliance

TSMC’s robust compliance efforts are comprised of legislation monitoring, developing and implementation of effective compliance policies and programs, training, and maintaining an open reporting environment.

Legislative Monitoring

TSMC operates in many countries. To comply with governing legislation, applicable laws, regulations and regulatory expectations, we closely monitor domestic and foreign government policies and regulatory developments that could materially impact TSMC’s business and financial operations. Our Legal organization periodically updates our relevant internal departments, management and the Audit Committee of applicable regulatory changes so that internal teams ensure compliance with new regulatory requirements in a timely manner. We are a proactive advocate for local legislative and regulatory reform. For example, we achieved remarkable results in strengthening trade secret protection in Taiwan, and generally our comments and recommendations on legal reforms to the government have been accepted constructively. TSMC is increasingly dedicated to identifying potential regulatory issues and will continue to be involved in advocating public policy changes that foster a positive and fair business environment.

Policy and Compliance Program Development and Implementation

Under the framework of the Code, TSMC has established policies, guidelines and procedures in different compliance areas, including: Anti-corruption, Anti-harassment/discrimination, Employment Regulations, Antitrust (unfair competition), Environment, Export Control, Financial Reporting, Internal Controls, Insider Trading, Intellectual Property, Proprietary Information Protection (“PIP”), Privacy, Record Retention and Disposal, as well as procuring raw materials from socially responsible sources (“Conflict-free Minerals”). It is our belief that these policies are crucial in strengthening overall compliance with the Code and compliance programs. TSMC, its employees and its subsidiaries and affiliates are expected to fully understand and comply with all laws and regulations that govern our businesses and make ethical decisions in every circumstance.

Compliance Awareness Training

Training is a major component of our regulatory compliance program, conducted throughout the year to refresh TSMC’s employees’ commitment to ethical conduct, and to get updated information on laws and regulations related to their daily operations. Highlights of our training include:

  • Posters at our facilities, and news articles, compliance guidelines and tips which our employees can access through our intranet;
  • Live seminars focusing on specific topics such as Anti-Corruption (this was the highlight of our compliance training activities for 2015, as described in Section 3.3.1 below), PIP, Intellectual Property, Personal Data Protection, Conflict Minerals Compliance and Export Control Management. Training is made mandatory for those employees whose jobs are especially relevant to a particular topic to ensure sufficient awareness of relevant laws and internal policies;
  • On-line learning programs updated frequently to provide most up-to-date information and timely and flexible access for employees to understand the law and key compliance issues, covering topics of Antitrust, Anti-harassment, Insider Trading, Export Control Management, PIP, and Privacy Protection among others;
  • External training, in Taiwan and abroad, for TSMC’s legal team to receive current developments of new laws and regulations, and for its lawyers to comply with applicable continuing legal education requirements. External experts are also invited to give in-house lectures on key issues.

Reporting Channel

As mentioned above, TSMC provides an open reporting channel for employees and external parties such as our customer, vendors and subcontractors through its Ombudsman. Below is a summary of the Number of Reported Incidents:

FY 2014

FY 2015

Incidents submitted to the Ombudsman System (Note)

39

60

Incidents submitted to the Audit Committee Whistleblower System

-

-

Incidents reported to the “hotline”
which were treated as plausible

22

16

-

-

Sexual Harassment Investigation Committee
which were found after investigations

4

7

4

7

Note:

There were no incidents related to ethics, financeor accounting matters in 2014 or 2015.

Major Accomplishments

In 2015, TSMC achieved several major accomplishments in regulatory compliance:

  • Public Promotion Activities: In addition to rigorously fulfilling our obligations on regulatory compliance matters, TSMC exercised its civic duties as a responsible corporate citizen by advising the local government on law and policy reform, including urging the Government to amend certain outdated laws and regulations, which we believe were inconsistent with global practice, to improve Taiwan’s investment environment and economic development. For example, since Taiwan legislature’s acceptance of TSMC’s advice to impose criminal liability for trade secret misappropriation in 2012, TSMC continues to be an advocate of trade secret protection, and hosted multiple events to raise the event participants’ awareness of this topic that is critical to innovation and fair competition.
  • Internal Training: Throughout 2015, TSMC offered a wide range of training courses on various compliance topics, including 12 on-line training courses, and 37 topics covered via live seminars. These courses were all developed and conducted by compliance experts and legal professionals.
  • Anti-Corruption Program Enhancement: To provide more specific behavioral guidance to our employees, TSMC implemented new Anti-corruption Rules based on the anti-corruption provisions in the Code, and initiated a series of awareness activities to ensure our employees’ compliance with the requirements. Being the most interactive way of communication, the Legal organization provided a series of face-to-face training sessions to over 6,000 employees from different internal organizations. Employees who could not join the in-person training participated through the on-line training program. Overall, around 25,000 employees (including those of our subsidiaries) received the training and ahead into 2016, it is our objective to continuously provide compliance training that includes the topic of anti-corruption, among others, to this same group of the employees. We also plan to conduct face-to-face communications with our manager-level employees to promote awareness of and ensure compliance with TSMC’s business conduct standards when interacting with third parties.
  • Conflict-Free Supply Chain: As a recognized global leader in the electronics industry supply chain, we acknowledge our corporate social responsibility to strive to procure conflict free minerals in an effort to recognize humanitarian and ethical social principles that protect the dignity of all persons and have implemented a series of compliance safeguards. In 2015, TSMC has been making continued progress to ensure a conflict-free supply chain. Its conflict-free minerals compliance has also been highly ranked by independent third party rating agencies.
  • Export Compliance: In order to prevent any unauthorized export of controlled items by TSMC or any of its subsidiaries, a formal policy and export management system (EMS) existed for a number of years is continuously maintained to ensure compliance with all applicable regulations covering the export of information, technologies, products, materials and equipment. TSMC’s EMS allows TSMC to streamline its complicated SHTC (Strategic High-Tech Commodities) export process and creates efficiency for both TSMC and its customers. TSMC’s EMS was certified in September 2012 by the Bureau of Foreign Trade, the Taiwan regulator, as a qualified ICP (Internal Control Program) exporter. Because of its successful implementation, TSMC has also frequently earned recognition as “best in class” and was asked to share our experience on EMS implementation to third parties that included a variety of domestic and foreign organizations and industry peers.
  • Privacy: TSMC on behalf of itself and its subsidiaries adopted a privacy and personal data protection policy to meet global standards for handling personal data in compliance with relevant legislations respecting personal privacy in the workplace. A variety of promotion events were provided throughout 2015, including live, in-person seminars and online training programs, as well as the publication of educational materials such as a set of FAQs on TSMC intranet for employees’ easy access. All Human Resources staff received proper training as well. Flyers and eBanners posted throughout our facilities and through our intranet also successfully raised employees’ awareness on this topic. Through our dedication, we are fostering a culture whereby an individual’s personal data and privacy are protected and handled in line with global standards.