Risk Management

Risk Management Policy
Risk management is a materiality issue for the insurance industry. KGI Life has set strict risk management as a business goal of concern in the future, and established and periodically reviewed the risk management policy, which is the highest guiding principle of internal risk management mechanisms. The policy clearly states overall risk management goals and strategies, organization and duties, capital adequacy assessment, risk appetite and limit, and identifies major risk categories and management processes. Besides matching the trend of Enterprise Risk Management (ERM), it is also the basis for establishing regulations, mechanisms, and implementation practices.
Identification and Response to Main Risks
Market Risk
Manage the price risk of interest rates, exchange rates, and equity securities according to the internal Market Risk Management Guidelines. Related mechanisms include market risk limit and warning indicator management, sensitivity analysis, stress test, and back testing. The Company also established an Asset and Liability Risk Management Unit responsible for measuring and monitoring risks related to assets and liabilities.
Credit Risk
Monitor issuers, counterparties, and other institutions and investment positions in accordance with the internal Credit Risk Management Guidelines. Related control mechanisms include country risk management, credit risk limit monitoring, credit rating change monitoring, and concentration management.
Liquidity Risk
Manage funds and market liquidity risks according to the internal Liquidity Risk Management Guidelines. Related mechanisms include using cash flow model to assess liquidity risks and stress tests.
Operational Risk
Use the three management tools for operational risks, namely Risk and Control Self-Assessment (RCSA), Key Risk Indicators (KRI), and Loss Data Collection (LDC) to continuously supervise and manage overall operational risks.
Climate Change Risk
Mainly divided into physical risks and transition risks. Physical risks arise from extreme weather that may be caused by climate change, which cause the supply chain or operations to immediately sustain losses, or the long-term impacts and losses sustained by the Company's operations due to sea level rise and global warming caused by long-term climate change. Transition risks originate from the impact of policies and regulations, low carbon emission technologies, and social preferences, as well as potential changes in operating costs in the process of transitioning to a low carbon economy.

We included climate change risks into the Company's "Risk Management Policy," formulated climate-related risk management guidelines, and established and regularly track metrics for climate risk appetite. In addition, the Company defined high climate risk regions and high carbon emission industries to analyze the physical risks and transition risks of climate change. We referenced international standards when setting climate scenarios, and conduct scenario analysis to assess the impact of climate change on investments, operations, and suppliers in different climate scenarios, so as to ensure that climate-related risks are effectively controlled or reduced. In the future, we will continue to improve climate change risk identification, assessment, and response plans to reduce future impacts, and respond to external stakeholders' expectations for the Company's climate change risk management.
Risk Management Technology and Automation

The market risk management system outputs value at risk, stress test, and back testing results, which are used for planning and application of an automated and visualized internal report analysis platform.

We use an automated process to update data and analyze information, reducing errors from manual operations so that users can choose graphs to present data according to their needs. To improve the
quality and efficiency of analysis, we utilized the manpower freed from the use of technology to increase output and added value from research and analysis.

Business Continuity Management

To ensure personnel safety and protect customer rights, business reputation, and assets, KGI Life has made a commitment to minimize damages and prevent the suspension of operations when a risk event occurs, and thus implemented business continuity management mechanisms in 2021. The Company also announced a business continuity management policy and statement that all employees are required to comply with. We adopted a systematic approach in establishing relevant management procedures and response plans for catastrophic disaster risks, and continue to strengthen and improve the procedures and plans to improve understanding and the implementation of responses, ensuring that the Company is able to continue providing key services under the acceptable minimum service level.

The Company obtained the ISO 22301:2019 management system certification in 2022. After improving the business continuity management system, we passed the periodic review for the ISO 22301:2019 management system in 2023, ensuring our post-disaster recovery ability based on international standards for business continuity.

In 2023, the Company held evacuation drills, remote work drills, information system disaster recovery drills, and 6 business continuity training sessions to help personnel of responsible units become familiar with post-disaster operations and response procedures, in the event of a catastrophic disaster, ensuring the personal safety of employees and business recovery ability after a disaster occurs. This reduces the impact of catastrophic disasters on the Company, achieves the goal of uninterrupted key services, such as policyholder services, claims, and new contracts, and fulfills our commitment to sustainability.