Corporate Governance Structure
Coporate Governance Structure Charter
Differences from the best governance standards/
Full description of the table below
The corporate governance model standard refers to the standard proposed by the Korea Corporate Governance Agency.
| Categorization | Adoption | Remarks |
|---|---|---|
| Composition of BOD(Board of directors) | ○ | 3 outside directors, 1 other non-executive director, 1 inside director |
| Regular BOD meetings | ○ | At least once a month |
| Provision of prior information about directors at board meetings | ○ | 3 days in advance, provide an explanation of the agenda |
| The role of the BOD and various committees and introduction of regulations on operating procedures |
○ | Board of directors, Audit committee, Outside Director Candidate Recommendation Committee, Internal Trade Commission, Compensation Committee, ESG Commission Regulations |
| Operation of the fair recommendation committee for director candidates | ○ | Operation of the outside director candidate recommendation committee |
| Explain the differences between corporate governance best practices | ○ | - |
Ethics and Compliance
We have a code of ethics of the company as the best ethical norm of the company and use it as a standard for judgment and action of the right value by establishing employee guidelines as a detailed code of practice.
The Main Content of the Code of Ethics of the Whole Company
-
-
- Chapter 1. The Preamble of the Code of Ethics
- 1) The pursuit of corporate ethics
· Declaration as the highest value of corporate ethics - 2) Contribution to the development of the state and society
· Contribution to the common prosperity/development of the country, society, customers, shareholders, partners, etc. - 3) Compliance and practice of ethical regulations
· Respect for the basic human rights of everyone
-
- Chapter 2. Management Principles
- 1) The attitude toward the customer
· Respect for customers: Respect for customers, realization of customer satisfaction, humbly accepting customer suggestions/discontents
· Customer protection: Protection of customers' safety, rights, information, honor, and property, and disclosure of transparent information about customers - 2) Attitude toward shareholders
· Respect for shareholders' opinions: respect for shareholders' demands, suggestions, decisions, and efforts for joint development with shareholders
· Protection of shareholders' rights and interests: equal treatment of shareholders, protection of minority shareholders, provision of conditions for guaranteeing shareholders' profits, and provision of related information - 3) Attitude toward competition/partnership
· Fair competition: respect for the market economy order, fair competition, compliance with laws related to fair trade at home and abroad
· Equal and fair relations: protection of intellectual property of partners, prohibition of abuse of superior status, prohibition of discrimination of partners, etc.
· Protection of information of a third party: Protection and prohibition of infringement of property, information, trade secrets, and intellectual property of a third party such as a customer/partner company - 4) Attitude toward the state/society
· Compliance with statutes: prevention/fair competition against corruption and compliance with international agreements, etc. of various statutes and societies of the State and society
· Protection of the environment, safety, and health: protection and promotion of the environment/safety/health, compliance with relevant laws and regulations, and efforts to create an eco-friendly workplace
· Contribution to society and region: faithfully fulfilling the requirements of the State and society, and the pursuit of joint development through respect, harmony, and cooperation of the local community
· Non-intervention with politics: respect for individual suffrage, prohibition of in-house political activities, prohibition of intervention in politics using employee status, prohibition of use of in-house organization, manpower, property, etc. in political activities, prohibition of provision of illegal political funds, etc. - 5) Attitude toward executives and employees.
· Respect for human beings: Respect for human dignity and fundamental rights of executives and employees.
· Fair treatment: Prohibition of unfair discrimination against executives and employees, preparation of standards for objective/fair evaluation, evaluation, and compensation
· Creation of a safe and healthy working environment: Fair grant of opportunities to create a health/safe work environment, comply with relevant laws, form sound labor-management relations, and improve the ability of executives and employees
· Protection of minors: Compliance with international standards and relevant statutes when hiring minors
-
- Chapter 3. Guidelines for Employees' Action.
- 1) Compliance with the Code of Ethics · Duty of faithful compliance/cooperation: Duty to faithfully comply with ethical regulations, to cooperate in education/activity in case of violation, and to report the fact of violation
- 2) Performance of work · Performance of faithful work and maintenance of dignity: faithful performance of one's mission, maintenance of dignity, and priority of the company's interests in case of conflict of interest · Performance of fair and transparent work: prohibition of manipulation and false reporting of documents, use of undisclosed information, fraudulent money transactions, solicitation, etc.
- 3) Order of trade · Compliance with the order of sound and fair trade: the promotion of fair trade, compliance with laws and regulations in transactions · Prohibition of discrimination against partner companies: Guarantee of fair opportunities for partner companies and prohibition of fraudulent acts
- 4) Assets and information · Protection of company's property and information: Prohibition of illegal use/leakage of company information, prohibition of dissemination of false information · Protection of property and information of a third party: Protection and legitimate use of tangible and intangible property by all third parties, such as customers, partners, etc.
- 5) Organizational culture · The formation of an organizational culture of mutual trust/respect: prohibition of slander, harassment, violence, sexual harassment, discrimination, formation of factions, etc.
-
- Chapter 4. Operation of Investigation/Disciplinary Action and Information
- 1) Investigation and disciplinary action
· Decision on whether to take disciplinary action by referring it to the Personnel Committee when confirming the violation of ethical regulations as a result of conducting an investigation and a disciplinary action if necessary - 2) Operation of the report
· Notification of the results of reporting/accusation, receipt and processing of reports, and processing through online/offline channels
· Protection of the identity of the informant: handling confidentiality of identity and content, allowing anonymous reporting, and preventing disadvantages of the informant
-
Compliance Program(CP)
The Background and Necessity of its Introduction
Hanwha Systems introduced CP for the first time in 2014 to meet the Global Standard which requires CP as a key element of corporate economic activities and completely upgraded/reorganized it in accordance with the standards of the Fair Trade Commission in 2022.
Concept
CP refers to the total internal compliance system, such as training and supervision, established and operated by companies themselves in order to establish a competitive order in economic activities and to comply with fair trade laws.
The Goal of Promotion
Hanwha Systems sets CP operating goals every year and strives to achieve them for fair trade self-compliance.
Goals for 2023
- Goals for 2023
- - Zero violations of fair trade and required laws and regulations
- - Compliance grade: A (4.0) or higher
- - Submission rate of ethics & compliance pledges: 95% or more
- - Completion rate of compliance(fair trade) training for executives and employees : 98% or more
The Subject of Management
CP manages all executives and employees of Hanwha Systems to comply with all fair trade and required laws and regulations including the MONOPOLY REGULATION AND FAIR TRADE ACT, FAIR TRANSACTIONS IN SUBCONTRACTING ACT, ACT ON THE PROMOTION OF MUTUALLY BENEFICIAL COOPERATION BETWEEN LARGE ENTERPRISES AND SMALL AND MEDIUM ENTERPRISES and UNFAIR COMPETITION PREVENTION AND TRADE SECRET PROTECTION ACT.
The Structure of CP Promotion
- Organization of compliance council(annual) and it’s activities(training of personnel in charge, self-inspection, etc.)
- Periodic publishing of compliance newsletters
- submission of ethics & compliance pledges (all executives and employees)
- ISO 37301 (Compliance Management System) / 37001 (Anti-bribery Management System)
- Annual compliance activity evaluation for all executives & team leaders
- Reward for excellence in compliance activities
- Compliance training for all executives and employees
- Periodic Reporting of CP Operational Performance to CEO and Board
- Revision of the Self-compliance Manual
Fair Trade Self-compliance Manual
Hanwha Systems' Fair Trade Self-compliance Manual is a textbook and guideline for employees’ fair trade self-compliance. It provides information necessary to comply with fair trade and essential laws, such as the company's CP system, related laws and regulations, checklists, etc.
Ethics and compliance organization system
-
Board of Directors
-
The appointment of a self-compliance manager/compliance officer
-
-
CEO
-
-
The law office
(Legal Secretary: Self-compliance manager) -
Overall supervision of the operation of CP in the whole company, reporting of all matters related to CP to the board of directors and the CEO
-
Compliance officer
-
General supervision of compliance control work, reporting of important matters to the Council
-
-
Compliance Team
-
Sending compliance letters, enacting and revising in-house manuals/regulations related to compliance, and conducting compliance education and inspection Collection of compliance pledges, etc.
-
-
The person in charge of the compliance council of each department
-
Propagation of behavioral guidelines related to ethics/compliance by department, participation in education, performance of self-inspection, etc.
-
-
-
-
- Board of Directors
- The appointment of a self-compliance manager/compliance officer
- The law office (Legal Secretary: Self-compliance manager)
- Overall supervision of the operation of CP in the whole company, reporting of all matters related to CP to the board of directors and the CEO
- Compliance officer
- General supervision of compliance control work, reporting of important matters to the Council
- Compliance Team
- Sending compliance letters, enacting and revising in-house manuals/regulations related to compliance, and conducting compliance education and inspection Collection of compliance pledges, etc.
- The person in charge of the compliance council of each department
- Propagation of behavioral guidelines related to ethics/compliance by department, participation in education, performance of self-inspection, etc.
CEO Compliance Message
- The Compliance Letter from the CEO of 2023
-
-
-
Hello, family members of Hanwha Systems.
The year 2023 has dawned. Last year, I would like to express my deep gratitude to you for doing your duty under a difficult business environment, and I wish you a new year when all your wishes come true.
Due to the recent economic recession at home and abroad, the external conditions surrounding companies are getting worse.
However, the more difficult the situation is, the more firm the company must walk on the "degree" without being swayed by the temptation of immediate profits or expedients, and only the companies that walk on the "degree" can overcome the crisis and grow into larger companies.
Our Hanwha System will also overcome the crisis and move toward a larger company in 2023, following the footsteps of "degree," and achieve this through the practice of "compliance with laws and principles and fair competition" and compliance management.
Regarding the practice of compliance management, the standards of legal and social values required by companies have recently been increasing due to ESG management, and related laws such as the Fair Trade Act and the Subcontracting Act have also been enacted and revised in a strict direction.
The Fair Trade Commission stated that it would investigate and sanction unfair internal transactions of large corporations in accordance with laws and principles, and that strengthening the fair trade base of SMEs, such as the unit price linkage system, would be a major task.
In order to establish and implement a compliance management system that meets these internal and external requirements, our company obtained ISO 37301 (compliance with norms) and 37001 (corruption prevention) management system certification in June 2022. In addition, by upgrading the Fair Trade Self-Compliance Program (CP) by appointing a Fair Trade Self-Compliance Manager in May 2022 and distributing the Self-Compliance Manual in June, it laid the foundation for implementing the Fair Trade ideology.
Furthermore, this year, we will actively practice the values required by compliance management by upgrading and solidifying the established system.
First, we will officially evaluate the CP introduction and operation performance through the Fair Trade Commission and obtain external public confidence in the practice of fair trade.
Second, we will continue to promote compliance management at a level recognized by the state and society through the first year of follow-up review of ISO 37301 (compliance with norms) and 37001 (prevention of corruption) management systems.
Employees and employees. Compliance management is only feasible when all executives and employees understand that it is a must, not a choice, and participate continuously and voluntarily.
We look forward to your deep interest and participation in overcoming the crisis and revealing the sustainable future of the Hanwha system through the establishment of law-abiding management based on laws and principles based on Hanwha's core value, "degree."
I wish you all a happy new year and once again wish you peace and happiness in your family.
January 5th, 2023
>Eoh, Sungchul, CEO of Hanwha Systems Co., Ltd
-
Hello, family members of Hanwha Systems.
-
Operation of Report
Types of Report
- Hanwha Systems (executives and employees)' violation of the Fair Trade Act and the Subcontracting Act
- Act of instructing or participating in the violation of the Fair Trade Act and the Subcontracting Act of executives and employees, and conniving it
- Case of double employment of executives and employees
- Facts of embezzlement and acceptance of public funds by executives and employees
- Handling the unfair work of executives and employees
- Acts of serious violation of other laws and regulations and violations of the company's regulations
- Participation of unfair shares of unlisted trading companies
- Facts of request or provision of money and valuables and entertainment
- Case of disorder of public morals due to sexual harassment
- Other matters that violate the Code of Ethics
Operation of Report
We prioritize prompt and accurate handling of reports that violate compliance/ethical management. The result of the process will be notified by phone or e-mail as soon as possible. If you need a separate inquiry or answer, please leave your contact information. The informant's personal information, information, and the informant's secret are thoroughly protected. Although anonymous reporting is possible, please write down the name and contact information of the informant as much as possible for the accuracy of the confirmation of facts and contents.
Contact
86, 18F, Cheonggyecheon-ro, Jung-gu, Seoul, Hanhwa Building, Hanwha Systems Management Diagnosis Team 04541
- ethics.hsc@hanwha.com
- Fax
- 0504.338.7175 (Mobile Fax)
- Phone
- 02.729.4802
Risk Management
We are strengthening enterprise-wide risk management systems and organizations to ensure a minimal and stable operational environment that may affect the enterprise.
Risk Management Principles
1 Must have a system of policy organization, procedures and reporting for the management of potential losses in connection with the company's management activities.
2 Manage it as an integrated management of types of risks at the enterprise level.
3 Should manage excessive control of risk by setting a level of risk that does not dampen profitable business activities and is inconsistent with management goals and strategies.
4 The indicators of risk maintain unity and consistency.
Risk Management Governance
We have created the risk management council to build enterprise-wide integrated risk management governance.
-
Board of Directors
-
-
Management
-
-
Risk Management Council
-
Plans and strategies for risk management across the company, the current status of major investments, supervision of the management of possible enterprise risks, and the establishment of policies *Chairman of the Risk Management Council: Financial Management Officer
-
-
Department in charge
-
Department in charge of risk management
-
Checking of the status of the establishment, change, implementation, and promotion of regular/irregular risk management of risk management policies and plans・report
-
-
Department in charge
-
Designation and operation of a person in charge of risk management for each department, and periodic inspection and management of risks for each department
-
-
Liquidity risk/exchange risk
-
Market risk
-
Business risk
-
Legal risk
-
Operation risk
-
-
-
-
-
- Risk Management Council
- Plans and strategies for risk management across the company, the current status of major investments, supervision of the management of possible enterprise risks, and the establishment of policies *Chairman of the Risk Management Council: Financial Management Officer
- Department in charge
- Checking of the status of the establishment, change, implementation, and promotion of regular/irregular risk management of risk management policies and plans・report
- Department in charge
- Designation and operation of a person in charge of risk management for each department, and periodic inspection and management of risks for each department
Risk Management Process
Identification of Risk
- Identification of important internal and external issues and risks related to management activities
- Notify the department in charge of identified risks.
Implementation of identification of risks according to the criteria for internal classification
Risk Analysis
- Risk quantifying analysis and grading by score, and determining priorities for processing
Priority : Report to council
Priority : Report to each department in charge
Response to risk
- Implementation of measures to mitigate the likelihood of occurrence and impact on the risk of high priority
Establishment of a single or multiple response strategy
Risk monitoring and report
- Constant supervision of changes related to risks
- Improvement of risk response strategy through regular evaluation
Review, supervision, performance of revaluation of risks, and the submission for consideration to the Board of Directors in the case of important risks
Protection of Information
To minimize the risk of information protection, we operate a system of security management and the management of information protection applied by the PDCA model.
The system of security management
The establishment and management of security policy
- Establishment of security strategy
- Evaluation of security level
- Education/public relations
Security check
- Homepage
- IT infrastructure business site
- Personal information
Management of the security system
- PC security SW
- Firewall
- MDS
- Account authentication SW
Physical security
- Control of entry and exit
- Access control
Response to security accidents
- Response to infringement accidents
- Response to malicious codes
- Forensics
Human resources (organization) /
workplace / terminal / network / server / application
Information security management system (PDCA Model)
Establishment and management of information protection policy
- Establishment of information protection guidelines/standards
- Establishment of information protection strategy
- Establishment of an annual information protection plan (including an education/inspection plan)
Management of the operation of security policy
- Implementation of the information protection policy
(Performance/operation in accordance with security standards) - Education to raise awareness of employees (information protection/personal information protection)
- Improvement of information protection/implementation of promotion tasks
Preparation of improvement plans
- Definition of next year's improvement/promoting task
- Enactment and amendment of information protection guidelines and standards
Inspection of information protection
- Inspection of information protection (personal information protection/infrastructure checks, vulnerability diagnosis, mock hacking, etc.)
- Training to raise employee awareness (e-mail hacking mock training, etc.)
- Information protection level assessment (Measurement of security level)
Information security organization system
Chief Information Security Officer (CISO)
Department in charge of in-house information asset protection- Overall control of information protection
- Policy/guidelines, establishment of standards
- Information security solutions, establishment/improvement of policies, Approval of the exception
- An internal audit of the relevant
- Performance of activities to raise awareness of information protection
- Management/response of related certifications
- Prevention and response of information protection accidents
Chief Information Security Officer (CISO)
Department in charge of protection of personal information- In charge of personal information protection
- Establishment and inspection of personal information protection guidelines, etc.
Department in charge of security operation
- Security control/CERT (Infringement Accident Response Team)
- Checking for security vulnerabilities
- Operation (maintenance) of security solutio
- Information security consulting business
Major activities and achievements
The protection of national industrial secrets
In addition to customer-related information, we maintain thorough protection of confidentiality, such as strict compliance with special laws on technology at the core of national defense and reporting matters of technical protection each year.
The introduction of an abnormal sign solution
Hanwha Systems' ICT division developed and introduced an abnormal sign solution that effectively and quickly prevents the occurrence of security accidents by detecting usual usage behavior and different activities in End Point (terminals and users) or internal systems.
Prevention of internal information leakage
We have established PC security settings, encryption of documents, separation of internal and external networks, and systems to respond to intelligent threats, and strictly control access to in-house servers and DBs of unauthorized personnel and devices.
Strengthening of personal information protection
As the center of the Chief Personal Information Protection Officer (CPO), we are taking thorough preventive measures to prevent personal information from being leaked, altered, stolen, lost, or damaged, such as regularly checking the status of storage and management of personal information.
Strengthening of the ability to protect information
In order to strengthen the level of personal information protection of executives and employees, our company conducts training for new entrants and business managers through online and offline, and periodically conducts education, management and guidance of personnel of external and partner companies, and inspection of compliance with security matters.
Status of external certification
Certification related to information security
| IT service management | ISO 20000 |
|---|---|
| Information security management system | ISO 27001 |
| Information security management system | ISMS |
| Cloud service information security | ISO 27017 |
| Firewall and IPS | EAL Grade 4 |
| Vaccine (V3) | EAL Grade 3 |
| Integrated Internal Information Leakage Prevention Audit System (DLP) | EAL Grade 2 |