1. Risk Management Policies and Procedures
For the purpose of stable operation and sustainable development of the company, the company has formulated "Risk Management Policies and Procedures", which are supervised by the Audit Committee and approved by the Board of Directors on August 10, 2023 as the highest guiding principle of the company's risk management.
The company's risk management team regularly coordinates the planning and implementation of risk factor identification for each operating unit every year to identify relevant risks that may affect the sustainable development of the company, select risk management areas, and monitor potential risks based on the latest developments and standards requirements. Implement preventive measures to strengthen risk management; formulate risk management policies for various risks, covering management objectives, organizational structure, rights and responsibilities, risk management procedures and other mechanisms, and implement them to control various risks arising from business activities. acceptable range.
For the full text of the company's "Risk Management Policies and Procedures", please refer to the "Risk Management" section of the company's website:
Risk Management
2. Risk Management Structure
The company’s Risk Management Structure is as follows:
Board of Directors: The top governance unit of risk management, approving “risk management policies and procedures”. Audit Committee: Assist the board of directors in supervising the company's establishment of a risk management operation mechanism.Risk management team: The general manager serves as the convener, gathering managers at all levels to participate in promoting implementation, and integrating various risk issues through the "risk management team" for overall risk-related analysis, prevention and monitoring or major risk management and control issues, report the annual risk assessment and risk management operations to the board of directors at least once a year.Each operating unit: identify, analyze, evaluate and respond to risks within the unit, establish relevant crisis management mechanisms when necessary, and regularly report risk management information to risk management promotion and execution units.
3. Risk Management Operating Status in 2025
The company actively promotes the implementation of the risk management mechanism, which is supervised by the audit committee. The risk management team reports its operations to the board of directors at least once a year. The main operations in 2025 are as follows:
- 1. Formulate the company's "Risk Management Policies and Procedures" and organizational structure, submit them to the Audit Committee for review and supervision, and approve them by the Board of Directors on August 10, 2023.
- 2. Evaluate various risks faced by the company, including risk categories, management units, risk content and management and control mechanisms, identify the company's eight main types of risks for the current year, report the response actions in the above risk categories, and submit a report to the audit committee Supervision, and report to the board of directors on November 12, 2025.
Scope of Risk Management
In order to reduce the attack and impact of internal and external risks, the company identifies risks related to corporate governance and economic, environmental, social and other issues related to operations based on the principle of materiality and the company's business and operating characteristics, plans relevant management and monitoring measures, and conducts regular reviews risk management status and report it to the board of directors. The identified risk categories, risk details, control mechanisms, and responsible management units from 2024 to September 2025 are summarized as follows:
| Item | categories | Risk content | Control mechanisms | management units |
|---|---|---|---|---|
| Environmental | Climate change risk | In response to issues related to climate change and natural disasters, greenhouse gases, carbon emission management, energy use and other related issues, as well as the need to comply with international norms and local government laws, may have risks that may affect the company. | 1. Greenhouse Gas Inventory: The company has independently conducted and disclosed its greenhouse gas emissions inventory and will continue to do so annually. In line with Taiwan's 2050 net-zero emission pathway, the company has set 2020 as the baseline year and aims to achieve a 30% reduction in carbon emissions by 2030. As of 2024, a 29.01% reduction has been achieved, meeting the current stage's target. 2. Climate Risk Management: To address physical risks from natural disasters (e.g., floods, droughts) caused by global warming, as well as transitional risks from government regulations and international initiatives (e.g., increased electricity rates and renewable energy costs in Taiwan), the company conducts annual climate risk and opportunity assessments based on the "Task Force on Climate-related Financial Disclosures (TCFD)" framework. This includes governance, strategy, climate risk and opportunity analysis, climate scenario analysis, risk management, metrics, and targets. Relevant information is disclosed on the company's official website and in the sustainability report. | Store Expansion and Construction Division Governance and Sustainable Development Office |
| Energy risk | Due to the increase in electricity and water usage, as well as the rise in electricity and water rates, there is a potential risk of increased energy costs for the company. | 1. Energy and Water Inventories: Electricity consumption is primarily sourced from Taiwan Power Company. Total electricity use in 2024 was 539,868 kWh, representing a 1.15% increase compared to 533,706 kWh in 2023; however, electricity intensity decreased by 7.68%. Water consumption is mainly supplied by Taiwan Water Corporation. Total water use in 2024 reached 3,280 metric tons, an increase of 6.67% from 3,075 metric tons in 2023, while water intensity decreased by 3.13%. 2. Energy-Saving Investments: Investments in energy-efficient air conditioning equipment for retail outlets amounted to NT$ thousand 7,444 in 2024 and NT$ thousand 5,388 from January to September 2025. 3. Energy-Saving and Carbon Reduction Policies: Policies focus on energy conservation, water saving, and electricity efficiency through equipment upgrades. Retail renovations are progressively adopting energy-saving LED lighting, inverter air conditioning systems, green building materials, and eco-friendly construction materials. 4. Energy-Saving and Carbon Reduction Advocacy: Quarterly campaigns in 2025 (on 4/18, 7/14, and 10/1) will promote energy conservation, greenhouse gas awareness, carbon footprint labeling, and a net-zero green lifestyle to all employees. | Store Expansion and Construction Division Governance and Sustainable Development Office | |
| Resources and waste Waste management risks | There is a risk of negative environmental impact caused by waste generated from operational activities, as well as potential impacts on the company due to local government regulations. | 1. Waste Reduction: The company is committed to minimizing the environmental impact of waste by avoiding excessive product packaging, enhancing resource utilization efficiency, and classifying and recycling various types of waste. 2. Eco-Friendly Packaging for New Products: For the new lutein product “Golden Vision+” launched in 2024, the gift box design not only provides effective product placement and display functions but also complies with regulations on restricting excessive packaging. The outer box clearly indicates that the packaging materials are sourced in accordance with FSC (Forest Stewardship Council) standards, one of the world’s most recognized international forest certification systems, underscoring the brand’s commitment to environmental sustainability. 3. Reduction of E-commerce Packaging Materials: In July 2023, the Ministry of Environment announced the “Restrictions on Internet Shopping Packaging and Implementation Guidelines.” Since July 2023, the Company has been fully compliant with these regulations and has obtained assurance from a certified public accountant. In 2024, the Company encouraged customers to pick up their orders in-store and adopted tamper-evident mailer bags, resulting in an overall packaging reduction of 28.6%, surpassing the required 25% reduction target. The reduction target for 2025 is 30%. | Optometry Business Division | |
| Social | Occupational safety risk | The working environment includes issues related to the working environment of employees or suppliers, occupational safety, health and health, product management, safety protection and emergency response, and risks to the company caused by personnel misconduct or mistakes. | 1、 Enhanced Occupational Safety Management: To enhance the responsibilities and project timelines of occupational safety management, the Company conducted a comprehensive revision of 21 Occupational Safety and Health (OSH) management documents in March 2025. These revisions covered OSH policies, management plans, organizational structures, planning, and implementation mechanisms. Throughout 2025, the Company will continue to carry out monthly OSH awareness campaigns, onboarding safety training for new employees, as well as related drills and environmental safety inspections. 2、 Disaster Response Plan: In October 2024, the company reviewed its emergency response plans for earthquakes, typhoons, heavy rain, power outages, and fire incidents, covering preventive measures, response strategies, and operational procedures. (1) Head Office: A fire drill and a 6-hour refresher training for the occupational safety and health supervisor were conducted on October 4, 2024. (2) Retail Stores: By the end of September 2025, a total of 77 employees had completed the self-defense firefighting (emergency response) training program. Each session was four hours in length, resulting in a total of 72 training hours delivered. 3、 Implementation of Contractor Management: For contractors involved in clinic or retail renovations, the company enforces labor safety, health, and environmental protection regulations through contractual agreements and conducts random inspections during project execution to ensure compliance. A supplier meeting on January 3, 2025, will include occupational safety and health training and ESG sustainability advocacy for suppliers. 4、 Employee Health and Well-being: Employee health examinations were conducted on August 25 and 26, 2025. The Company also provided 2025 employee travel subsidies and organized monthly birthday celebrations, among other employee welfare activities. | Store Expansion and Construction Division Human Resources and Administration Division |
| Labor dispute risk | Risks such as labor tension, forced labor, workplace discrimination, human rights issues, recruitment shortages, and brain drain. | 1. Labor-Management Communication Channels: Quarterly labor-management meetings in 2025 (scheduled for 3/26, 6/27, and 9/25) will establish communication channels and an employee grievance mechanism to foster harmonious labor-management relations. 2. Workplace-Friendly Protection: Measures to strengthen the collection, processing, and use of personal data are being enhanced, with continuous improvement of written regulations to respect and protect employee (subject) rights. 3. Talent Selection, Development, and Retention System: The company is improving diverse recruitment channels, equitable education and training programs, and implementing fair and appropriate performance evaluation and promotion systems. 4. Compliance with Labor Regulations: Management procedures and related administrative operations for human resources are ensured to align with legal requirements. | Human Resources and Administration Division | |
| Governance | Strategy risk | The risk of losses caused by improper business strategies or changes in the company's operating environment. | 1. Business Report: The management team reports, communicates, and discusses its operational strategies and performance updates during each board meeting. 2. Board Supervision: Board members provide recommendations based on their professional expertise regarding the management team's reports. If the goals or strategies involve significant operational risks, the board prioritizes addressing these issues. 3. Subsidiary Operational Strategy: Beginning in 2024, reforms to the medical insurance system in Mainland China tightened the medical insurance fund, resulting in reduced reimbursement for cataract procedures. In 2025, the impact of the U.S. Tariff 2.0 policy, coupled with intensified internal competition and weakened consumer spending in Mainland China’s domestic market, further affected industry demand. Response Measures: (1) In 2025, the Company completed the closure of its self-operated Linping Eye Hospital and terminated the cooperation arrangement with Xiaoshan Hospital’s ophthalmology outpatient department, successfully reversing operating losses and achieving breakeven. (2) The Company continues to transition self-operated clinics and partner hospitals with sufficient operating scale toward self-pay (out-of-pocket) medical services, thereby reducing reliance on cataract medical insurance reimbursements and mitigating associated risks. | CEO's Office |
| Operation risk | In the process of business operation, the risk of changes in corporate value arises due to uncertain factors and business decisions in production, supply, marketing, service and other processes, such as customer relationships, product safety, supply chain, and technological trends. | Departments manage annual operational plans and goal achievement through business meetings. 1. Customer Relations Standard operating procedures (SOPs) and complaint channels have been established to address consumer rights concerns such as products, services, and personal data protection. Customer service training is conducted to enhance service quality. 2. Product Safety A "Product Safety Monitoring" system has been implemented to establish internal regulations and ensure compliance with external laws. This system covers product development, evaluation, assessment, and quality management to improve the safety and quality of products and services. 3. Supply Chain Management Efforts are made to carefully evaluate and actively develop new material sources while strengthening strategic partnerships within the supply chain. Safe inventory levels and shelf-life controls are established to flexibly respond to market demands. Market intelligence and research are utilized to monitor market conditions and prepare for future trends proactively. 4. Technology Trends Customer needs, end-use applications, and advancements in product and equipment technologies are closely monitored to adapt to rapidly changing external environments. Industry trends, market dynamics, and customer developments are analyzed to inform service improvements, technological advancements, and product development strategies. | Ophthalmology Business Division Optometry Business Division | |
| Finance risk | Factors such as overall economic and industrial changes at home and abroad have an impact on the company's finances, such as interest rates, exchange rates, credit and solvency, liquidity risks, accounting policies and other risks. | 1、 Interest Rate Risk: Monitor changes in the interest rate market, assess capital requirements, maintain strong banking relationships, and strive for optimal financing and deposit rates. 2、 Exchange Rate Risk: Primarily involves adjustments to foreign currency conversions related to long-term overseas investments. Receivables and payables generated from operations are mainly settled in New Taiwan Dollars (NTD) through local market transactions and agent procurement, with minimal direct import, export, or overseas sales. Therefore, the impact of exchange rate risk is relatively small. 3、 Credit Risk: Receivables are monitored by monthly reports for brand-authorized partner clinics and daily cash/credit card reports for direct-operated optical retail customers. 4、 Financial Changes: Regular monitoring of financial statements to track financial structure, debt repayment ability, operational performance, profitability, and cash flow. | Finance and Accounting Division | |
| Cyber security risk | The company's information system security fails, hackers attack, customers or employees' personal information is leaked, and corporate business secrets are stolen, resulting in risks to the company. | 1. Information Security Protection Mechanism: In August 2025, the Company obtained the updated ISO/IEC 27001 information security management certification, conduct risk assessments and improvements for servers, networks, and applications. Establish file encryption mechanisms and plan secure cloud services to reduce the risk of sensitive data leaks. Regularly review external service system vulnerabilities, perform penetration testing and network risk detection, and implement timely improvements to ensure system security. Conduct regular disaster recovery drills to strengthen data backup mechanisms and build incident response capabilities, ensuring business continuity. 2. Information Security Policies: Formulate and revise the Information Security Policy and over 20 related execution procedures, which are published in the company’s document management system for compliance. Develop and update measures to protect and manage personal data in line with the Personal Data Protection Management Regulations. The IT and HR departments implement protective measures, while the legal department enforces trade secret protections to ensure confidentiality obligations are upheld. 3. Information Security Risk Awareness: Enhance employees' awareness of information security risks through training programs. From January to September 2025, the Company completed the following information security activities: • May 15, 2025 – Information Security Awareness Session: 120 participants • June 26, 2025 – Information Security Training: 320 participants • August 5, 2025 – Social Engineering Drill: 120 participants | Information System and Equipment Division | |
| Legal compliance risk | Risks such as improper conduct, illegal infringement, transaction risks, intellectual property infringement and other risks. | 1、 Implementation of Ethical Business Practices: Establishment of the Code of Ethical Business Conduct, Code of Ethical Behavior, and Employee Ethics Guidelines and Whistleblowing System. Regularly promote the values of ethical business practices and corporate culture to guide employee behavior in accordance with moral standards, thereby avoiding involvement in illegal activities. 2、 Internal Control and Audit Operations: Internal control processes monitor company transactions, projects, risks, and disputes. Internal audits are conducted to promptly identify issues and track improvements. 3、 Dedicated Legal Functions: Provide legal consultation and recommendations on regulatory compliance, disputes and litigation, investments and mergers & acquisitions, and intellectual property management. 4、 Contract, Seal, and IP Management: Utilize a contract management system to oversee the signing and risk control of various company contracts. A seal management system supervises the issuance, usage, and cancellation of company seals to mitigate overall legal risks. The Intellectual Property Management Policy is implemented, with regular inventory and validation. As of the end of September 2025, the company holds 147 trademarks and 17 patents. | CEO’ office Each operational units |