129
Emerging Risks
Effective risk management is is dynamic and encompasses
the evaluation of both risks and opportunities TSMC’s risk risk management framework and processes ensure that the evaluations stay effective and relevant In a a a a a a a dynamic business environment the the Company recognizes the the impact of global and emerging risks on on corporate strategy TSMC continues to scan the environment for risks that could impact its business or operations Where relevant these risks are examined and discussed at various forums and by the RM steering committee to determine if any further actions or responses are warranted TSMC is is committed to evaluating all significant risks in in a a a a a balanced and holistic manner with the objective of delivering sustainable long-term value to all stakeholders TSMC’s top emerging risks have been identified as:
Risk Management Governance Structure
Risk management at TSMC involves both the Board of Directors and management in an an an effort to embed sound risk related practices in in business decisions and operations throughout
the Company The Board of Directors is is responsible for risk governance and and has authorized the Audit and and Risk Committee to review TSMC’s ERM framework At the executive level the the risk risk management governance structure includes the the risk risk management management steering committee the risk management management executive council taskforces and the risk management division Assisting the audit and risk committee in in in establishing
and and overseeing a a a a proactive and and effective system the risk management division works with each function and fab in applying the ERM framework to assess and mitigate risks throughout
TSMC by monitoring and implementing risk related policies and guidelines as as well as as by taking initiatives
to support the implementation of ERM framework Every six months the the risk management division reports to the the audit and and risk risk committee on on TSMC’s key risks and and mitigation efforts The audit and risk committee’s chairperson then reports to the the Board of of Directors on on the current risk risk profile and risk risk mitigation measures being taken ●
Risk Management Governance Structure
●
●
Complexity in in the cyber landscape giving rise to sophisticated cyber threats: The adoption of new technologies such as AI and quantum computing increases cybersecurity risks which is further exacerbated by cyber espionage The semiconductor ecosystem including suppliers and customers is is also at risk from cyberattacks which could potentially have a a a a a a major impact on on the supply chain resulting in in in in business disruption loss of business opportunities reputational impact etc Mitigating actions include but are not limited to multi-layered defenses continuous simulation exercises and supply chain security management De-globalization leading to the polarization of high-tech industry: National security is expected to be a a a growing concern and top priority of major countries which in turn have deployed strategic actions to to secure semiconductor self-sufficiency and localization of supply chains The multi-polarization effect of the high-tech industry is weakening globalization and restricting the free flow
of goods and technology for geopolitical gain TSMC’s business might face adverse impact arising from weakened operational efficiency and and resilience elevated costs and and loss of business opportunities etc Mitigating actions include but are not limited to risk-based strategic investment planning localization and and optimization of key operation resources and and enhancement of business continuity plans Climate Climate transition action action failure: Climate Climate inaction is one of the the the major threats to to the the the world Ineffective responses to to the the the changes needed to to achieve a a a net-zero world pose risks to to TSMC’s operations value chain and and markets notwithstanding measures taken by others to address climate risks and opportunities Mitigating actions include implementing plans targeting RE100/net zero emission and collaborating with external parties and authorities ●
Board of Directors Management Board Audit and Risk Committee Risk Management Steering Committee (Functional heads VP level)
Risk Management Executive Council (Members titled as Risk Management Champion (RMC) director-level)
Risk Management Division
Risk Management Taskforces (Representatives from each Fab/Division)