Section I General Provisions
- ARTICLE 1. (Purpose)
- Hanwha Corporation (hereinafter “the Company”) establishes and implements Compliance Policy (the “Policy”) as follows in order to achieve transparency in its operations, pursue sound development and secure trust from customers by complying with applicable laws.
- ARTICLE 2. (Definitions)
-
1.
“Compliance Control” means any policy establishment and control activities with the purpose of enabling the Company to achieve a comprehensive understanding of applicable laws and conduct internal compliance inspections so that the Company may prevent illegal conducts in advance and formulate a systematic response to legal risks.
-
2.
A “Legal Risk” means a risk arising from employee’s non-compliance with applicable laws that may incur a civil, criminal or administrative liability to the Company, or a risk arising from a void or unenforceable contract that may incur damages to the Company.
-
3.
“Compliance Officer” is a person, appointed in accordance with Civil Code Article 542-13, who assumes such responsibilities as implementing a compliance training program, conducting an inspection on whether the Policy is abided by, and reporting relevant matters to the Board of Directors.
- ARTICLE 3. (Application)
-
①
The Policy applies to all operations of the Company and relevant activities by its employees.
-
②
Any internal guideline or policy of the Company relating to the Policy must be consistent with the Policy and, except otherwise specified in applicable law or the Article of Incorporation, shall be preceded by the Policy.
- ARTICLE 4. (Amendment)
- The Board of Directors may amend the Policy as necessary.
Section II Compliance Control Structure
- ARTICLE 5. (General Principles on Organizational Structure and Assignment of Duties)
- Organizational structure and assignment of duties among relevant units shall be determined in a manner that ensures the efficiency of Compliance Control and the independence of Compliance Officer and clearly establishes responsibilities of relevant employees.
- ARTICLE 6. (Responsibilities of Each Unit)
-
①
The Board of Directors shall determine the Policy and relating matters of importance. The Board shall also oversee whether the Representative Director maintains and operates an effective Compliance Control system reflecting the Board’s decisions. In case of multiple Representative Director s, the Board may select one Representative Director to be responsible for Compliance Control matters.
-
②
Representative Director shall, as determined by the Policy and the Board, establish, maintain and operate a Compliance Control system corresponding to the scale and the nature of the business of the Company and supervise its operation.
-
③
Compliance Officer shall establish and implement a compliance training program, conduct an inspection on compliance with the Policy, report the findings and other tasks necessary for Compliance Control.
- ARTICLE 7. (Appointment of Compliance Officer)
-
①
The Board of Directors shall appoint a Compliance Officer.
-
②
Compliance Officer may not be dismissed within his term without a reasonable cause. Sufficient evidence to prove such cause must be presented in order to dismiss Compliance Officer during his term.
-
③
In case of a dismissal, new Compliance Officer shall be appointed promptly to ensure the continuity of his responsibilities.
- ARTICLE 8. (Qualification, Term and Position of Compliance Officer)
-
①
Compliance Officer shall meet the requirements of the Civil Code Article 542-13 and the Enforcement Decree thereof Article 41. The Board of Directors may establish additional requirements, within the boundaries of the Civil Code and Enforcement Decree, reflecting the needs of the Company.
-
②
Auditor or a member of the Audit Board shall not be Compliance Officer.
-
③
Term of office of Compliance Officer shall be 3 years. He or she must hold a full-time position.
- ARTICLE 9. (Authorities and Responsibilities of Compliance Officer)
-
①
Compliance Officer shall have the authority
- 1. to implement compliance education and training programs;
- 2. to conduct inspections on whether the Policy is abided by on a regular basis or as needed and report the results;
- 3. to request the collection and submission of information and testimony necessary for the Compliance Officer to perform his duties;
- 4. to request employees to comply with applicable laws or to demand cessation of, or corrective or improving measures with respect to matters judged to be illegal;
- 5. to request imposition of penalties on the employees who breached the Policy;
- 6. to attend and present his opinion at board meetings, etc. that are convened with regard to Compliance Control;
- 7. to supervise compliance supporting units and request appointments to positions within such units; and
- 8. to take such other actions as permitted by the Board of Directors.
-
②
Compliance Officer shall assume a fiduciary duty in performing his responsibilities and must not disclose, both within and after his term, business secrets of the Company.
-
③
Compliance Officer shall assume a fiduciary duty in performing his responsibilities and must not disclose, both within and after his term, business secrets of the Company.
- ARTICLE 10. (Independence of Compliance Officer)
-
①
Compliance Officer may report, timely and directly, to the Board of Directors and the Representative Director.
-
②
Compliance Officer shall be positioned in a rank which allows him to perform compliance support and control duties in an independent and effective manner. He shall be provided with necessary resources including resources and working environment.
-
③
The Company shall not disadvantage a former or current Compliance Officer based on his performance of his duties as Compliance Officer.
- ARTICLE 11. (Prohibition of Concurrent Positions of Compliance Officer)
- Compliance Officer shall not hold a sales-related position that may affect his performance of the duties relating to compliance.
Section III Compliance Control Activities
- ARTICLE 12. (Assessment of Legal Risks)
-
①
The Board of Directors shall establish and operate a comprehensive legal risks assessment and management system that operates in an effective manner under the existing company-wide risk management system.
-
②
Compliance Officer shall determine the likelihood of illegal conducts and categorize major activities that raise legal risks, taking into account the scale and frequency of the associated risks. Relevant units and employees who are requested by the Compliance Officer to cooperate with the task of categorization must respond promptly in a good faith.
- ARTICLE 13. (Management of Legal Risks)
-
①
An employee must fully comprehend and comply with domestic and foreign applicable laws and regulation, the Policy and other internal guidelines of the Company relating to legal risks associated with his responsibilities.
-
②
If an employee finds out a violation of applicable laws and the Policy, he must immediately report the incident in accordance with the procedure prescribed in the Policy. He must not take a part or cooperate in such conduct.
-
③
Relevant units and the Compliance Officer must take measures to prevent legal risks from spreading or expanding to other units.
-
④
Compliance Officer must, based on the results of legal risks assessment, take measures to enable employees to fully recognize and understand their responsibilities under Paragraphs ① and ②.
- ARTICLE 14. (Compliance Training Programs)
-
①
Compliance Officer shall establish and implement a detailed and systematic compliance education and training program so that employees may identify in advance and respond to legal risks associated with their duties.
-
②
Compliance Officer must provide, at least once a year, compliance training and education for all employees. He may provide a special, targeted program for a unit with high legal risks.
-
③
Compliance Officer shall assess the effect and validity of a compliance education and training program and, if necessary, conduct an improvement survey.
-
④
In addition to an education and training program, Compliance Officer may establish a hotline for employees who are exposed to high legal risks.
- ARTICLE 15. (Constant Compliance Support)
-
①
Compliance Officer shall provide legal counsel to employees on a regular basis. An employee must always consult with Compliance Officer prior to conducting any activity that is closely associated with legal risks, including, for example, singing a contract.
-
②
Representative Director must establish a system where an employee can communicate effectively with Compliance Officer regarding legal risks arising over the course of business operation or compliance-related issues.
- ARTICLE 16. (Compliance Self-Evaluations by Employees)
-
①
Each department must establish a compliance self-evaluation plan and assess the operation thereof on a regular basis.
-
②
Each department may prepare a self-checkup checklist for an effective assessment.
-
③
Compliance Officer shall supervise a department’s efforts to establish a self-evaluation plan as described in Paragraph ① and assess the operation thereof.
- ARTICLE 17. (Compliance Inspection by Compliance Officer)
-
①
Compliance Officer shall establish and operate a compliance inspection system to assess all employees’ compliance with the Policy, etc.
-
②
Compliance inspections by Compliance Officer include a regular inspection, which shall be conducted more than once per year, and a special inspection, which shall be conducted with regard to a specific legal issue identified.
-
③
Compliance Officer shall report the results of a compliance inspection to the Board of Directors.
-
④
Compliance Officer may, where necessary, report to or consult with the statutory auditor over the course of a compliance inspection.
- ARTICLE 18. (Internal Reporting)
-
①
Representative Director may establish an internal reporting system under which an employee may report, directly to Compliance Officer or other relevant personnel, an illegal conduct or other wrongful activities by another employee.
-
②
A person who receives or processes such reporting must keep confidential the identity of the reporter and the content of the report.
-
③
If an employee reports an illegal conduct or wrongdoing that involves himself, such factor will be taken into consideration. Under no circumstances reporting shall result in a disadvantage to the reporter.
- ARTICLE 19. (Disciplinary Measures to Breaches)
-
①
If a breach of the Policy or other applicable laws or regulations is found, Compliance Officer may report to the responsible officer of the relevant unit or the Representative Director and request an appropriate measure such as cessation of said conduct or ordering corrective or improving measures or penalty to the said employee. Where necessary, Compliance Officer may consult with relevant units to prepare a comprehensive countermeasure and discuss with the Representative Director. However, if urgent, Compliance Officer may use his best judgment and take necessary measures, including, for example, sending a request to the employee to cease, improve or correct the said conduct.
-
②
The Company shall take an appropriate disciplinary measure, against the person who breached the Policy or other applicable laws or regulations, corresponding to the magnitude of the breach.
-
③
Compliance Officer may prepare a plan to prevent the reoccurrence of a same or similar conduct and discuss with the Board of Directors or the Representative Director. Should the plan be adopted, Compliance officer shall notify the said department and other relevant departments and reflect the plan in revamping a relevant program or policy.
- ARTICLE 20. (Circulation and Management and Information and Data)
-
①
Compliance Officer may request that an employee of a relevant department submit the information or data necessary for the Officer’s compliance control duties in an readily usable form. An employee who receives such request must promptly respond in good faith.
-
②
Compliance Officer shall establish a comprehensive information management system to organize and store, in a systematic and secure manner, information and data relating to Compliance Control.
-
③
Information and data formulated under the compliance control system shall be retained for a considerable period.
Section IV. Validity Assessment
- ARTICLE 21. (Criteria and Procedures of Validity Assessment)
-
①
The Board of Directors shall review, on a regular basis, the validity of the design of and the effectiveness of the operation of the Policy and relevant systems. If a review reveals an issue that needs addressing, the Board shall formulate measures for improvement.
-
②
Compliance Officer shall conduct an independent assessment of the validity of the compliance support and assessment system and report the results to the Board.
-
③
The Board of Directors may, apart from the Compliance Officer’s independent assessment, conduct an annual, company-wide validity assessment of the compliance control system.
-
④
A validity assessment must include empirical review of the propriety and effectiveness of the contents of the Policy, legal risks assessment and management system, compliance inspection and reporting system, independence of the Compliance Officer, and disciplinary measures to a breach.
- ARTICLE 22. (Follow-Up Measures Following Validity Assessment)
-
①
The Board of Directors shall establish an improvement plan for issues identified in a validity assessment. In doing so, the Board shall consult with Compliance Officer.
-
②
Representative Director shall implement an improvement plan following a validity assessment.
-
Section V. Miscellaneous
- ARTICLE 23. (Reward)
- Compliance Officer may propose a reward or promotion of a person who he considers has fully complied with the Policy and contributed in preventing or decreasing potential damages to the Company.
- ARTICLE 24. (Details)
- Compliance Officer may set forth necessary details in implementing the Policy.
Supplementary Provision
This Policy shall be effective upon the approval of the Board of Directors.