The Company has established a three-tier compliance management organizational structure of "Governance-Management Implementation & Supervision". The governance layer is represented by the Board of Directors and its subordinate Audit Committee, responsible for decision-making on the Company's compliance strategy, policies, and medium to long-term goals. The management layer consists of the Governance Risk Compliance (GRC) Committee, which manages the compliance management system. The GRC holds meetings monthly to review regulations and major issues in the compliance field. The implementation & supervision layer is composed of business departments, compliance management functions, and the Audit and Inspection Department, which represent the "three lines of defense" of the Company. Business departments, as the first party responsible for compliance, strictly implement the Company’s rules and regulations. Every compliance management functional departments formulate compliance management policies, and conduct daily compliance monitoring, supervision, and training. The Audit and Inspection Department implements independent auditing supervision and investigations.
