ESG

Sustainability Management

ASPEED Sustainability Policies and Blueprint

Operation and Objectives of Sustainability Committee

As a Fabless IC design company, ASPEED Technology recognizes the importance of pursuing sustainable development as we continue to make profits. In 2020, we established a CSR Working Team and converted it into the Sustainability Committee under the Board of Directors in 2021 as a key decision maker for ASPEED’s sustainable development. The committee is headed by the vice president of sales who convenes and chairs meetings of the Sustainability Committee. Under the committee will be the Sustainability Development Working Team, which, in addition to regularly overseeing the performance of corporate sustainability-related activities, is even responsible for incorporating sustainable development into the decision-making process for corporate operations and important strategies, leading the five work teams of “Corporate Governance”, “Risk Management”, “Environmental Sustainability”, “Employee Relations” and “Social Participation” to coordinate the implementation of each aspect.

The Sustainability Development Working Team under ASPEED Technology’s Sustainability Committee is responsible for gathering the concerns from various stakeholders and keeping abreast of the development trends of domestic and foreign laws and policies. A meeting is held biannually for each work team to report on their operation. We conduct regular review on ASPEED’s sustainability strategies and short-to-medium term plans to make adjustments as needed. A meeting was held in each of the first and second half of 2022, covering: 1. Report on the progress of the Sustainability Development Working Team. 2. In light of the domestic and international regulatory policy trends, a review on the sustainability strategies for 2021 and adjustment on the three-year short-term goals. 3. Final Review of the 2021 Sustainability Report (Second Half Meeting). The Sustainability Committee reports to the Board of Directors once in each of the first and second half of the year. On the board meeting in March and November 2022, the committee presented the sustainability strategies and objectives, performance of annual sustainability projects, results of GHG inventories, implementation of TCFD projects, report on 2021 Sustainability Report and ESG Summary and submission for approval, while at the same time commits to the Board for its continued promotion and implementation of sustainability strategies and objectives.

Sustainability Strategies

ASPEED Technology uses core technologies to enhance green and power-saving R&D. By focusing on building a talented sustainable technology workforce in Taiwan, a robust system of corporate governance, and an inclusive society with shared benefits, we strengthen the corporate resilience of ASPEED Technology towards the next stage of sustainable growth.

Sustainability Blueprint
Strategic Development Achievements In 2022 Goals For 2023-2024
Environment Focusing on green energy-saving core technologies
  • Regularly performing incoming GHG inventories and passing third-party verification
  • Power saving and carbon reduction, formulating carbon reduction targets and actions
  • Strengthening core R&D and improving power consumption by chips
  • Joining Taiwan Climate Partnership and participating in various affairs
  • Passing the ISO14064-1:2018 GHG inventories at the organizational level
  • Responding to the Carbon Disclosure Project (CDP), the Responsible Business Alliance (RBA), and other international initiatives and ratings
 Constantly conducting GHG inventories and expanding the s cope of the Scope 3 inventory
  • Setting and applying for the SBTi SME scientific carbon reduction net zero goal
  • Strengthening R&D to improve energy consumption of 8th generation BMC chips
  • Purchasing renewable energy
Social Building a talented sustainable technology workforce in Taiwan
  • Developing core values of sustainability and promoting ESG for all employees
  • Strengthening the cultivation of talents and seeking to advance women in technology industry
 Emphasizing diversity and equality in workplace, implementing corporate diversity and inclusion. Specifying the D&I policy in the work rules of employees
  • Organizing workshops on sustainable talents, employees involvement in cultivating female technology talents
  • Creating compensation packages with market competitiveness and internal equality
  • Organizing cultivation activities for female technology talents
  • Planning a series of ESG courses to establish the sustainable awareness among all ASPEED employees
Governance Solidifying corporate governance and strengthening corporate resilience
  • Building a complete corporate sustainable governance framework and system
  • Strengthening risk management strategies
 Strengthening the structural diversity and supervisory obligations of the Board of Directors
  • Promoting the whistleblower system
  • Use the Task Force on Climate-related Financial Disclosure (TCFD) framework to evaluate the impact of climate change on risk management and responses associated with corporate governance, strategies, and financial risks
  • Initiating the digital transformation program
  • Completion of a third-party supervised whistleblower reporting system
  • Increasing the number of female board members in the 8th Board of Directors to strengthen the diversified structure
  • Considering linking ESG performance indicators to executives’ compensation
  • Continuously promoting the second phase of the digital transformation program

Risk Management

Risk Management Policies

ASPEED Technology is a fabless IC design company. Having adopted a “Fabless Lite 2.0” operating model, our workforce primarily consists of R&D personnel, management and marketing staff, and administrators. We do not routinely engage in foundry production processes. Changes to the global economic environment and the potential internal and external operational impacts of sustainability risks underscore the importance of preventing problems before they emerge. Knowing how to avoid problems and respond to risk is critical. ASPEED Technology therefore formulated the Risk Management Policy, which uses corporate governance, environmental, and social topics as a foundation to identify risks that could have an impact on the Company’s sustainable development. The Company then crafts follow-up response strategies that are in line with primary areas of concern for our stakeholders as well as international trends.

Material Risk Management and Responses

To respond to unpredictable risks that emerge during business and to be on guard against the negative effects of internal and external environmental changes, ASPEED Technology established risk management units that are overseen by the Sustainability Committee, under the Board of Directors. After considering various business continuity standard requests and following internal evaluations, the risk management units implement control and management measures. The management framework primarily involves monitoring, analysis, and confirmation of risks by finance, business, administration, environment & safety, and information security units. They then report on these risks to management and launch response mechanisms. Investor relations, media relations, and public relations staff communicate these issues externally at the appropriate time to ease any concerns of stakeholders. By identifying risks, managing organizational and operational risks, and formulating countermeasures, related staff members play a critical role in risk control.

Risk Identification

ASPEED Technology carries out risk identification, analysis, evaluation, response, and tracking based on the Company’s internal organization and core business as well as external environmental conditions. Scope covers corporate governance, environmental, and social aspects, and other sustainable development areas. In 2022, seven material risk factors we identified were: “market risk”, “operation/technology”, “occupational safety”, “information security”, “public health”, “climate change risk” and “supply chain management”. In response to climate change risks, we have incorporated them into the risk identification procedures in 2022, and revealed four core elements: “governance”, “strategy”, “risk management” and “indicators and targets” based on the recommendations of TCFD to identify the material risks and opportunities that climate change may cause to ASPEED. At the same time, the risk team regularly considers domestic and international climate change topics, trends, and laws, as well as carbon emissions, and continues to manage and respond to the risks and opportunities posed by climate change shocks.

Risk Type Risk Factor Responsible Unit Operating Impact Response
Market Risk High risk transaction Finance & Legal unit Engaging in high risk, highly leveraged investments, lending of funds to others, endorsement of guarantees and derivatives, etc., where the risk of default may result in financial loss
  • The Company has established relevant management measures. The relevant transactions shall be carefully evaluated by the finance and accounting, legal and relevant units for necessity and reasonableness, and are subject to effective approval before proceeding to minimize the possible loss
Change in interest rate and foreign currency exchange rate Finance & Legal unit Impact of interest rate and foreign currency exchange rate changes on income and expenditures, and financial profit or loss
  • Long-term monitoring of international conditions and investment markets. Follow appropriate risk standards when evaluating investments and hedging interest and foreign exchange rates.
  • In terms of exchange rate management, the import and export transactions of ASPEED Technology are mainly denominated and calculated in USD, so changes in the NTD/USD exchange rate have certain impact on the profit and loss of the Company. Exchange gains (losses) accounted for (1.47%) and 3.69% of net operating income in 2021 and 2022, respectively, showing that changes in exchange rates did not have a material effect on profit and loss. The Company has dedicated personnel to collect information on changes in international exchange rates and keep in contact with the foreign exchange department of the banks, referring to the professional consulting services provided by them, and timely currency exchanges to reduce risk exposure in response to the Company’s cash requirements. At the same time, depending on the position of foreign currency, hedging is carried out in accordance with the Operating Procedures for Asset Acquisition or Disposal when necessary.
Operation/Technology Contractual dispute Finance & Legal unit Financial risk and brand impact arising from litigation dispute
  • Trim disputes or litigations through contract review process developed by the Legal Management Division and engage external professional lawyers to assist
    • Intellectual property risk Finance & Legal unit Loss of assets and profits due to infringement of intellectual property rights
    • Comply with relevant laws and regulations on intellectual property rights, apply for and maintain and advocate the protection of relevant intellectual property rights
    Occupational safety Workplace hazards Administration and environment safety & health unit Unsafety at workplace affecting employees and operations
    • Continue to obtain ISO14001 environmental management system certification
    • Regularly conduct hazard identification and risk assessment and control the identified results
    Information security Unexpected information interruptions caused by hacker attacks or major natural disasters Information security unit Cyber attacks and information outflows will affect the protection of internal and external intellectual property information, causing serious problems such as disrupted operations, financial damage or violation of laws and regulations. Long-term damage to goodwill and customer relationships will affect the foundation of sustainable corporate development
    • Continue to obtain ISO27001 information security management certification
    • Set up firewalls, conduct relevant information security education and training, and continuously convey information security concepts to employees
    • Regular annual internal audit on information security and all-staff drill
    • Implement information security recovery drill to test the effectiveness of the information system recovery process and ensure the continuous operation of the Company’s systems due to natural disasters or malicious attacks
    Public health Large-scale infectious disease outbreaks Risk management unit Large-scale infectious disease outbreaks lead to production suspension, which in turn lead to a reduction in the Company’s productivity, disrupted operations, shortage of materials in the supply chain and reduction in the pulling power of customers, resulting in operation loss
    • The pandemic prevention team formulates plans and implements pandemic prevention policies according to pandemic changes
    • Conducting group work drill and emergency drill for epidemic upgrade warning
    • Strengthen environmental disinfection, announce and put up signs to remind the factories to continue with epidemic prevention
    • Encourage employees to take vaccines to increase protection
    Climate change Power and water disconnection Risk management unit Operational inefficiency caused by power and water disconnection, failure of personnel to work properly or endangering their safety at work may also cause financial impact
    • Conducting group work drill and emergency drill for epidemic upgrade warning
    Supply chain management Price hikes due to insufficient production capacity, or unexpected natural disasters such as earthquakes, typhoons, and explosions Risk management unit Abnormal events may cause interruptions in the supply of materials, suspension of the processing factories, and delays in delivery to customers, for which the Company is liable for liquidated damages
    • Perform short-, medium- and long-term inventory risk assessments
    • If necessary, procurement-led emergency meeting is held for inventory control
    Climate change risk and opportunity management

    Global warming and extreme climate have caused significant operational impact on enterprises. The challenges of climate change faced by enterprises are currently one of the most urgent issues. Since 2022, ASPEED Technology has voluntarily adopted the proposed guidance on Task Force on Climate-related Financial Disclosures (TCFD), and revealed four core elements: “governance”, “strategy”, “risk management” and “indicators and targets” in accordance with the recommendations of TCFD to identify the material risks and opportunities that climate change may cause to ASPEED Technology, and put forward relevant response strategies. In April 2023, the Company officially signed as the “Task Force on Climate-related Financial Disclosures (TCFD)” Supporter. We pay close attention to the trend of global climate change and international development. At the same time, we also incorporate climate change issues into the key material issues of corporate sustainable development, and evaluate the impact and impact time within the Company. Meanwhile, based on the results of the analysis, we continue to control and respond to the risks and opportunities posed by the impact of climate change.

    Identification process for climate change-related risks and opportunities

    ASPEED Technology carries out matrix analysis on the potential impact of various climate change risks, including the direct or indirect physical impact of extreme climate, and the risks and opportunities of the impact of transformation with regulations, technologies or market demand. Based on the analysis results, we propose corresponding response measures, assess the financial impact of climate risks and opportunities, thereby adjusting the relevant internal management mechanism, and establishing an open and transparent communication channel with various stakeholders to reduce climate change risks and grasp the opportunities brought by climate change. ASPEED Technology identifies the risks and opportunities brought by climate change based on two or more climate change scenarios. Through climate change risk and opportunities workshops, we engage divisional heads and key members groups to conduct climate change research, discussion, information compilation, and review of climate risks and opportunities.

    The specific identification process for risks and opportunities related to climate change is shown as follows:

    A. Setting a climate change scenario B. Assessing operational environmental impact C. Identify climate risks and opportunities
    Setting two climate change scenarios:
    SSP5-8.5: Hit up to 6°C
    SSP1-2.6: Hit up to 2°C     		Evaluating the impacts and consequences of two climate change scenarios on the operational environment and stakeholders of ASPEED Technology Building a climate risk and opportunity matrix to identify high risks and opportunities of climate change

    After the completion of the identification of climate risks and opportunities, we identified 3 high-risk factors and 3 high-opportunity factors in 2022 based on the “possibility of occurrence” and “degree of impact” of risks or opportunities. The risk matrix and opportunity matrix of ASPEED’s climate change in 2022 is as follows:

    Description of risks associated with climate change
    Risk prioritization Type of risks Risk factor Time of occurrence
    1 Transition risks – market Rising raw material costs Short-term
    2 Entity risks Extreme changes in climate patterns have led to severe disasters Medium-term
    3 Transition risks – policies and regulations Increased regulation of existing products and services Medium-term

    Note: definition of time horizon: short term: 2022-2024, medium term: 2024-2030, long term: 2030-2050

    Risk 001: Rising raw material costs
    Impact scenario:
    Due to climate change and global energy crisis, the difficulties in mining and production of silicon raw materials have increased, and the mining area may face the problem of power limitation and shortage of electricity. As a result, the cost of silicon raw materials increased greatly. Due to the increase in raw material costs and product costs, the Company’s competitiveness has been affected, resulting in a decrease in revenue.

    Risk impact oriented assessment
    1. Delayed delivery of goods: Production capacity and raw materials require higher prices and longer production cycles than ever before.
    2. Unstable supply: Increase in raw materials and production costs, coupled with insufficient labor capacity, have directly and indirectly affected output, leading to longer delivery time and unstable access time.
    Financial impact oriented assessment Increase in production costs

    Risk 002: Extreme changes in climate patterns have led to severe disasters
    Impact scenario:
    Due to the increasing severity of extreme weather, the adverse climate such as the increased intensity and duration of typhoons have caused flooding and power outages, affecting the operations of the Company and its foundries As a result of the severe weather:

    1. Decrease in production capacity, damage to equipment and difficulty in transportation of foundries led to reduction in supply or prolonged delivery
    2. Power outage caused damage to laboratory equipment, disrupted testing, and impacted product development progress; slower revenue on delayed output of the Company’s products
    Risk impact oriented assessment
    1. Capacity decline: Capacity loss is caused by the outbreak of severe climate, the flooding that results in staff being unable to return to work, and cargo transportation being hindered.
    2. R&D loss: The power outage caused damage to laboratory equipment, disruption of testing, and impacted product development progress.
    Financial impact oriented assessment Increase in operating costs, decrease in revenue

    Risk 003: Increased regulation of existing products and services
    Due to the policies and regulations of various countries, customers require that the specifications of products need to be adjusted in the direction of low energy consumption, energy saving and power saving, and in line with green product regulations, so that the products can meet the regulatory specifications. Unusual changes in policies and regulations led to higher technical requirements for customer demand and higher uncertainty, resulting in higher costs for the Company; if the product design adjustment fails to meet the requirements of policies and regulations, it will have a negative impact on the internal and external stakeholders of the Company and affect the Company’s goodwill.

    Risk impact oriented assessment Failure of meeting the requirements resulting in the revision of product specifications may affect the schedule of sales: the market demand for energy saving and carbon reduction is getting stronger, the power consumption standard of the end products is becoming more stringent in all countries, and the demand for products with low power consumption is increasing. If the products do not have enough competitiveness in terms of power consumption, the orders will be reduced and the time for product specification modification will be extended, affecting the revenue.
    Financial impact oriented assessment Decrease in revenue
    Response strategies for climate change-related risks
    Response strategies to address rising raw material cost:
    1. Reduce the risk of supplier disconnection: We will explore the possibility of introducing multiple suppliers in the future, stabilize the source of raw materials and supply demand, negotiate with suppliers and increase the amount of raw material stock and inventory turnover.
    2. Enhance customer relationship maintenance: We will improve customer brand loyalty, strengthen communication to enhance customers’ willingness to cooperate, and reduce the impact of sales loss.
    Response strategies to tackle severe disasters due to extreme changes in climate patterns:
    1. Set up an operation continuity plan: We will introduce remote work process and necessary tools, regularly conduct education and training, so that employees can understand the on-going operation mechanism, be familiar with the remote work process and collaborative tools, so as to cope with the contingencies and maintain productivity.
    2. Reduce the risk of supply chain disruption:
      1. Optimize the supplier evaluation system: We will assess the operation continuity plan of the foundries, the prevention and contingency measures of physical disasters, and conduct regular audits.
      2. Capacity replacement plan: We will select areas with high terrain or low rainfall intensity to build a diversified network of foundries to facilitate the relocation of capacity in the event of a disaster.
    3. Establish a cloud backup mechanism: In conjunction with the ongoing digital transformation project of ASPEED, we will establish a cloud backup mechanism for the R&D of key software and important data, so that the R&D will not be disrupted by physical disasters, and R&D data and information will be kept at any time to avoid the loss of R&D investment caused by the interruption of data collection or transmission.
    4. Maintain continuous laboratory operations:
      1. Uninterrupted power supply: We will import a smart power or uninterrupted power system, and set up self-owned emergency generator.
      2. Improve energy efficiency: We will purchase energy-saving and power-saving electrical appliances which will automatically switch to standby mode or shut down when idle.
      3. Set up a backup laboratory: We will evaluate the location of the backup laboratory and consider replacing part of the existing laboratory work with cloud services.
    Response strategies to strengthen the regulation of existing products and services:
    1. 1. Keep abreast of product regulations and trends: Through the taskforce for product regulations and trends in the Legal Unit, we will regularly track the latest product-related regulations and trends, and conduct regular staff education and training sessions to discuss the trends so as to assess the existing product revision needs and response strategies, such as re-obtaining certifications that meet product standards.
    2. Strengthen raw material management: Raw material components used in supply chain production must conform to regulations and ensure compliance with the requirements of EU REACH and RoHS. Such requirements shall be included into the supplier evaluation system for regular supervision.
    Description of opportunities associated with climate change
    Opportunities prioritization Type of opportunities Opportunities factor Time of occurrence assessment
    1 Opportunities – products and services Developing and increasing low-carbon goods and services Medium-term
    2 Opportunities – products and services Changing consumer preferences Short-term
    3 Opportunities – resource efficiency Adopting more efficient and effective ways of working Medium-term

    Opportunity 001: Developing and increasing low-carbon goods and services
    Impact scenario:
    Following the global trend of decarbonization, the Company has expanded its low-carbon product range, such as high performance and low-energy low-carbon chips, development of cloud or AI-related application chips, and chips that can be used for smart energy saving. By developing low-carbon products, the Company will improve its market competitiveness, increase market share and raise revenue.

    Opportunities impact oriented assessment
    1. Developing low-carbon products to improve market share: With the global trend of decarbonization, low energy consumption products help the increase in demand for products with enhanced decarbonization efficiency; by developing relevant products, the Company can improve its market competitiveness, increase market share and raise revenue.
    2. Expanding new low-carbon and green domain applications: Expanding product applications to low-carbon and carbon reduction-related applications can increase product demand and revenue.
    Financial impact oriented assessment Increase in revenue

    Opportunity 002: Changing consumer preferences
    Impact scenario:
    In response to the international trend of energy conservation and decarbonization, the demand for remote work and online services has increased significantly. The server industry has a clear growth trend, and the quality requirements of video equipment have also increased. The demand for server management chips and audio/video chips has been on the rise. Through changes in market trends and consumer preferences, the demand for the Company’s products will continue to increase, which will increase the Company’s revenue and enable the Company to continue to grow.

    Opportunities impact oriented assessment
    1. Developing new low-carbon opportunities: due to customers’ increasing demand for remote management of devices, the market has not only applied remotely-managed chips to server products, but also expanded to more product applications; such as AI servers, storage devices, network switches and edge computing devices.
    2. New applications developed in response to green environment: in response to the trends, product are used in virtual reality and remote control related fields to expand product opportunities.
    Financial impact oriented assessment Increase in revenue

    Financial impact oriented assessment
    Impact scenario:
    In response to the requirements of decarbonization, the Company will promote the digitization of its systems and processes and optimize the product development model. The systematic or cloud approach allows the Company to reduce carbon emissions, carbon expense and operating expenses.

    Opportunities impact oriented assessment
    1. Operational process optimization: process optimization reduces resource wastage and manpower cost consumption
    2. Improving operational effectiveness and increasing efficiency
    Financial impact oriented assessment Cost reduction
    Financial impact oriented assessment
    Execution strategies to develop and enhance low-carbon products and services:
    1. Optimize existing products: We will use green energy and green raw materials in the development process, reduce the carbon footprint of products, increase the proportion of the Company’s existing low-carbon products and services, and improve the overall revenue contribution of low-carbon products and services.
    2. Develop low-carbon products to enhance competitiveness:
      • We will introduce green design concepts in the R&D process, take low energy consumption and power-saving design as the main design logic, such as software and system integration; and optimize the process to reduce energy and resource consumption and waste.
      • In order to reduce power consumption, ASPEED has continued to invest in the development of low-carbon chips by applying more advanced technology in new product development, gradually advancing from 40 nm to advanced technology, and adopting 12 nm technology in the latest 8th generation of remote management product AST2700. The new product will feature 3-4x of the original performance, but power consumption per chip will decrease.
      • We will recruit outstanding R&D engineers with the concept of sustainable design, and invest a fixed proportion of revenue each year as R&D budget, so as to continuously meet the needs of customers by keeping track of key R&D achievements.
    Execution strategies in response to changing consumer preferences:
    1. In-depth understanding of market demand: The marketing team members, together with business units, regularly conduct in-depth interviews with existing customers and new customers; to ensure that the functions planned in the new generation of remote management products can fully meet the needs of servers and storage devices, network switches and edge computing devices and be modified in a timely manner.
    2. Existing product promotion: In response to the trend of the post-epidemic era, the Company’s major products, server management chips and audio/visual chips, have expanded to more product application fields; for example, storage devices, network switches and edge computing devices; further marketing and promotion plans were made in line with the above trends to continuously explore new customers in new markets.
    3. Planning and development of functions in new products: We will plan the market positioning of new products, functional specifications, the process of use, and set the timetable for the development and release of new products, formulate marketing plans and arrange live-machine demonstrations with customers. For example, the new products have added a wide range of industrial specifications, and the product operating environment temperature has evolved from previous commercial specifications to being able to support the industrial specifications to meet the environmental temperature needs for different clients and markets.
    4. Stable supply in response to market demand: We have recruited supply chain management professionals and product packaging and testing professionals as the counterparts with upstream suppliers to improve suppliers’ delivery quality and delivery rate.
    Execution strategies to adopting more efficient and effective ways of working:
    1. Operational process optimization: We will introduce digital transformation and electronic process to assist the optimization of the operational process of warehouse, finance and business divisions, so as to avoid duplicated processes to reduce labor costs and waste of resources caused by errors.
    2. Digital management: We will establish a digital management platform to integrate data and optimize the enquiry methods, including the financial gross profit margin, the accounts receivable system, the warehouse shipment management system, etc., to accelerate the enquiry of personnel, reduce the time for personnel data consolidation, and ensure the accuracy of information; we will establish an electronic verification system to improve operation efficiency, reduce paper-copy costs, and plan to import all data into the BI system for data analysis.
    Climate change-related indicators and targets
    Regularly implement laboratory emergency disaster protection drill
    Climate risks Management targets Management indicators
    Extreme changes in climate patterns have led to severe disasters Reduce the direct impact of climate disasters on work Improve the implementation frequency of employees’ remote workflow
    Improve the implementation frequency of workflow/cloud-based system
    Improve the disaster response capacity of laboratories Laboratory RTO established: Time target for disaster recovery
    Laboratory RPO established: Time target for systems & data recovery
    Regularly implement laboratory emergency disaster protection education and training
    Improve the disaster response capacity of foundries Increase the proportion of foundries that develop operation continuity plans
    Increased regulation of existing products and services Ensure that the Company is responsive to the latest legal and regulatory requirements Regular updates on laws and regulations related to products
    Regularly confirm whether the work process is updated in accordance with product-related regulations
    Regularly confirm whether the requirements of suppliers are updated in accordance with product-related laws and regulations
    Regular sharing of product-related laws and regulations

    Information Security

    Information Security and Data Protection

    As part of a commitment to managing information security, in addition to the introduction of Cortex XDR 2.0 in 2021 to prevent hack virus extortion, ASPEED Technology obtained ISO27001 information security certification in May 2022. With the “Information Security Policy” and 23 information security-related standards, these standards manage and protect the Company’s information security and reduce information security risks in our network, in order to protect personal information and customer privacy, and uphold the rights and interests of stakeholders. At the same time, the Company actively publicizes information security measures to raise awareness among employees.

    For internal management, ASPEED Technology established a comprehensive internet and computing security network to maintain vital corporate functions, such as manufacturing operations, procurement and sales, and accounting. The Company periodically reviews and assesses cybersecurity architecture to ensure adequacy and effectiveness. Besides enhancing efficiency and backing up important information stored in our databases, in an evolving landscape of internet security threats, the Company must protect computer systems to prevent external network attacks that can cripple our systems. These measures prevent theft or hacking attacks on our trade secrets, intellectual property, and confidential information. For external suppliers and cooperative partners, ASPEED Technology achieves mutual assurance of information confidentiality by periodically confirming that suppliers have comprehensive information security management and backup plans in place. Furthermore, ASPEED Technology protects confidentiality by requiring 100% of employees to sign a nondisclosure agreement. For some projects and cases cooperative partners must also sign an NDA to guarantee that each parties’ information is protected.

    In 2022, ASPEED Technology was not aware of any material information security incidents or cyberattacks, nor had it been involved in any legal proceedings or regulatory investigations related thereof. The audit and assurance firm Deloitte conducted an information operations audit on the Company in 2022 that covered the following areas: understanding the customer’s computer processing environment, general computer controls, and application system automated controls. It did not uncover any problems.

    Information Security Policy and Goals

    For business to proceed smoothly and to ensure confidentiality, integrity, and availability, ASPEED Technology formulated an information security policy that all employees must follow.

    Information Security Management Methods

    To evaluate whether information security management goals are met, ASPEED Technology adopted the following management methods:s

    To support ISO27001 information security certification, the information security education and training for employees of ASPEED Technology were held twice a year in 2022 to strengthen information security awareness. The aim is for ASPEED Technology’s information security management to provide a more secure environment for employees, customers, suppliers, and cooperative partners.

    The implementation and achievement of ASPEED Technology’s information security in 2022 are as follows:

    • 23 Standards completed documentation for information security-related standards.
    • 1 Time each year the Company holds at least one information security management review meeting.
    • 2 Time each year the Company holds at least two information security education and training meetings.
    • 100% all 120 employees completed 2 hours of information security education and training class.
    • 25 a total of 25 employees of relevant divisions completed 2 hours of information security management system document-based class.
    • 12 information security promotion at least one information security promotion per month.

    Ethical Corporate Management

    Ethical corporate management is a core value of ASPEED Technology’s corporate governance and the highest principle of the Company’s conduct. The Company therefore formulated the “Corporate Code of Ethics” and the “Procedures for Ethical Management and Guidelines for Conduct.” It includes adherence to ethical corporate management policies as a condition of hire for new employees. When fulfilling work duties, all employees must act honestly and fairly while adhering to government laws and regulations. Board members and senior-level managers must also uphold ethical principles when running the Company. If the Company discovers that a business counterparty, supplier, or other partner conducts business in an unethical manner, we shall immediately terminate the business relationship and abstain from future business relations. These measures ensure effective implementation of our ethical corporate management policy.

    The Sustainability Committee’s Corporate Governance Group and the Administration Division are responsible for advocacy and implementation of ASPEED Technology’s ethical corporate management. They formulate, explain, and consult on the procedures for ethical management and guidelines for conduct, while carrying out related procedures and oversight, including reporting and registration procedures as well as making periodic reports by the Sustainability Committee to the Board of Directors. The division holds regular and ad hoc educational training courses with employees to promote ethical corporate management, so the employees clearly understand related concepts and standards. The division also makes announcements to employees and discusses ways to strengthen ethical corporate management with managers. Employees must fully grasp the importance of ethical corporate management and practice it in their everyday work. When joining the Company, 100% of new employees must sign a guaranteed letter stating that they will adhere to the Articles of Incorporation and ethical corporate management principles. Moreover, they pledge to not violate or infringe intellectual property rights. If unethical behavior is found, administrative managers and managers from related departments review the incident, make improvements, and report to the Board of Directors. ASPEED Technology has always upheld fairness and justice, which is why we are firmly committed to fair business practices. We are firmly opposed to anti-competitive practices and support anti-trust and anti-monopoly practices. If any inappropriate behavior relating to ethical corporate management, anti-competitive practices, or anti-trust and anti-monopoly practices is discovered, employees and external stakeholders can directly report their findings to info@aspeedtech.com. In 2022, ASPEED Technology scrupulously abided by laws and social norms. No employees were involved in any work-related bribery or legal troubles, and none faced any work-related fines or penalties in Taiwan or overseas. ASPEED Technology recognizes the importance of moral business practices and internal ethical control mechanisms. In 2022, the Company began to plan an anonymous whistleblower system that is overseen by the Company’s internal Legal Management Division and audit units. We adopt an impartial and independent third-party reporting system, overseen by independent directors, to prevent internal corruption or unethical behaviors. The system is expected to go live in the second quarter of 2023, enabling ASPEED Technology to move towards a more complete and transparent governance operation.

    Intellectual Property Rights Protection and Preservation

    In the face of the global development of enterprise operations, the protection of intellectual property rights can be regarded as an important part of the global economic and trade layout and is the key to the sustainable development of enterprises. Innovation and R&D are the most important asset and mission of ASPEED Technology. We attach great importance to the acquisition and protection of intellectual property rights and patents of key technologies. In terms of patent distribution, we will continue to increase the quality and quantity of patents through the development of core technologies and high-quality products. Since its establishment in 2004, ASPEED Technology has devoted considerable efforts in obtaining and protecting patents and has encouraged its R&D team to actively obtain key patents. Following the establishment of a full-time Legal Management Division in 2021, in addition to evaluating the feasibility of patent applications and taking charge of domestic and foreign patent applications, we also embark on the planning of the intellectual property portfolio and the trade secret registration system, develop internal assessments and enhance bonus for patent applications, and actively encourage employees to innovate and develop. In 2022, we adhered to short-term and medium-to long-term development strategies, and make ASPEED Technology to adopt a more systematic approach to protect technological innovation and intellectual property rights, and continue to make efforts to build a long-term intelligent property rights layout. Looking ahead, ASPEED Technology will continue to improve the penetration and acquisition of SoC hardware and software R&D talents in the area of patents and intellectual properties, significantly enhancing the intellectual property layout of chips, thereby enhancing ASPEED Technology’s corporate value and international visibility.

    Protection Strategies for Intellectual Property Rights
    Timeline Strategy
    Short-term development
    • Establish a digitalized patent management system
    • Optimize patent review and evaluation procedures to improve patent quality
    • Cooperate with the Administration Division to establish systematic intellectual property rights-related education and training
    Long-term development
    • Continue to ensure that ASPEED’s technology is completely protected during development through building intellectual patent portfolio management for new products
    • Design a diverse innovation mechanism supplemented by a graded evaluation process to motivate employees to make invention applications
    • Establish links between patent proposals and trade secrets registration and management systems to ensure that intangible key secrets which are more suitable for trade secrets protection are detailed in the centralized management system
    • Gradually increase the number of patent applications and applying countries to expand the protection of intellectual property rights and global layout

    By 2022, ASPEED Technology had acquired 58 patents, consisting of 31 patents in Taiwan, 22 in the United States, and an additional five from Broadcom’s Emulex Pilot™ business. In 2022, the Company achieved its patent acquisition and application targets, including having acquired six four new Taiwan patents. The Company currently has 9 patent applications underway in Taiwan, 10 applications in the United States and 9 applications in China. Our patent applications cover a wide range of technologies found in core products, including seamless stitching and rotating of panoramic images as well as core technologies for image displays and tracking in wide-angle/panoramic image meeting systems.

    Key achievement 2020 2021 2022 2022 achievements
    Patent application 5 24 27
    • Number of applications raised to 27
    • Number of acquisitions was 9
    • Patent application countries covered Taiwan, the United States and China
    Patent acquisition 3 4 9