Our company regards the board of directors as the highest supervisory and decision-making body for corporate governance, establishing and implementing overall operational and risk management objectives and policies, and continuously supervising the effective operation of management mechanisms, bearing ultimate responsibility. Functional committees are established to aid the board in handling current or potential risk issues, thereby strengthening internal control mechanisms. Presently, the Sustainable Development Center is responsible for coordinating the identification of non-financial impact issues across ESG dimensions. Managers from different functional units propose risk response measures based on actual operations to manage the likelihood and impact of various business-related issues, thus protecting the rights of our stakeholders and enhancing the company's sustainable value.

Implement a specialized and diverse Board of Directors

The Board of Directors is the highest level of governance and consists of 11 directors, each tenure is 3 years, and the current tenure is from August 5, 2021 to August 4, 2024, with an average tenure of 8.3 years. The members have abundant experience in and professional knowledge of biology, electronics, food, education, and marketing to provide professional advice on operating judgment, accounting and analysis, operation management, industry knowledge, and international market outlook. The 11 seats of Directors include 3 seats of Independent Directors, accounting for 27.2% of the total number of Directors. The Board of Directors meets at least once a quarter, with the manager and the treasurer present for the consultation, and the audit director was reporting to the Board of Directors on audits. Total 13 Board meetings were held in 2023 with an actual attendance rate of 100%.

Board Performance Evaluation

• PharmaEssentia has established the "Board Performance Evaluation Policy" and the practices for "Board Self-Assessment or Peer Evaluation" to set performance goals and assessment systems for the board. An internal evaluation of the board’s performance is conducted at least once annually, with an external professional independent organization appointed every three years to perform the annual board performance evaluation. The results of the 2023 internal evaluation of the board and its members were reported to the board on February 26, 2024, in accordance with the law. The assessment was unanimously approved with no further recommendations.
• For external evaluations, the most recent was conducted by the Taiwan Corporate Governance Association for the period from November 1, 2020, to October 31, 2021 (the evaluation report can be accessed on the website). The evaluation recommended four improvements, including strengthening the director nomination process, developing a comprehensive management talent cultivation plan, establishing a robust whistleblower mechanism and communication channels, and creating a dedicated corporate governance section on the company’s official website. In response, PharmaEssentia has set up a corporate governance section on its official website; in 2023, the focus was on recruiting senior management talent for international expansion plans. The Taiwan headquarters will also initiate training programs for key personnel at all levels in 2024, with implementation following board approval according to the set program goals and internal approval authority.

Linking Director Remuneration Policy to Sustainable Performance

The remuneration for our company's directors is determined according to internal statutes, with an allocation not exceeding 5% of the profit remaining after offsetting accumulated losses for the year. Directors' compensation is based on their involvement in company operations, performance contributions, and results from board performance evaluations. Information regarding the remuneration of directors and senior management can be referred to in the annual report. We are in the process of revising the director remuneration policy for the next board election to align it with the company's sustainability goals and performance indicators.

• Rules of Procedure for Board of Directors’ Meetings
• Election of Directors
• The Rules for Performance Evaluations of the Board of Directors
• Performance Evaluations of the Board and Directors by internal self-evaluation
• Board Member Diversity Policy
• Communication Between the Independent Directors, Internal Audit Executive, and Accountant
• External performance appraisal results of the Board of Directors

Operation of Functional committees

Two functional committees have been set up under the Board of Directors, which are the Audit Committee and the Remuneration Committee. These committees comprise of the Independent Directors, and the Remuneration Committee also has an external expert (Professor Ming-Chuan Hsieh) to jointly supervise and inspect the management mechanism of Directors and Managers.

• Remuneration Committee
• Audit Committee
• Performance evaluation results of Audit Committee and Remuneration Committee

Internal Control and Internal Audit

To assist the Board of Directors and management in implementing corporate governance and strengthening internal control and audit functions, our company's Internal Audit Department reports directly to the Board of Directors. The department is headed by a Chief Auditor, with one to two auditors under their supervision. The appointment and dismissal of the Chief Auditor must be approved by the Audit Committee and passed by the Board of Directors.The Chief Auditor reports to the Audit Committee and the Board of Directors quarterly on the execution of audit tasks, enhancing the Board’s oversight of the implementation of the company's audit system. Regular meetings are scheduled for independent communication between internal auditors and independent directors. Furthermore, any deficiencies identified during the annual audit plan's internal control checks are continuously monitored and re-evaluated to ensure that the relevant units have taken timely and appropriate corrective actions.
Routine and project-specific audits, along with subsidiary oversight tasks, are conducted to assess the functionality of internal controls and identify potential risks. These efforts assist the Board of Directors and management in fulfilling their responsibilities. In the year 2023, the audit unit completed 55 audit reports without identifying any significant deficiencies.

Global Compliance Strategy framework & Business Conduct

Rules of Business Conduct and Ethics Standards

PharmaEssentia has established clear policies against corruption and bribery and regularly conducts training and educational sessions for all employees and directors. An internal control system assessment related to corruption risks conducted in 2023 revealed no corrupt activities within operational practices, and there were no incidents of corruption, anti-competitive, anti-trust, or monopolistic behaviors reported.

Specific Measures for Prohibition Against Insider Trading and Material Non-Public Information

The company has formulated the rules and regulations of " Operating Procedures for Handling Material Nonpublic Information and Preventing Insider Trading ". The Procedures has been approved by the board of directors, and the relevant specifications have been disclosed on the company's website. Thereby preventing improper information disclosures, ensuring the consistency and accuracy of information released to the public, and strengthening the prevention of insider trading.The Internal Audit Department/Legal Unit conducts training & education and outreach on relevant laws at least once a year for current directors, executives, and employees. 

The specific implementation for the current year is as follows:

   Two sessions were held on June 7 and November 29, 2023, providing relevant education and training on significant information regulations and the inclusion of insider short-term trading rights (including online) for a total of 31 individuals, including directors, managers, employees, and subsidiary managers.The course covered topics such as equity declaration regulations, insider trading, public operations, and violation handling, with a total training duration of 31 hours.

   On November 9, 2023, an educational training session was conducted for directors and corporate governance executives, involving a total of 11 individuals. The course covered topics such as "The Explosive Growth of Artificial Intelligence - Technological Developments and Business Opportunities of ChatGPT" and "Prospects and Challenges of Artificial Intelligence in Taiwan." The total training hours amounted to 66 hours, and the overall training hours for all directors complied with legal regulations.

Principles of Ethical Corporate Management

【Reporting of Violating Ethical Corporate Management】

• Stakeholder Contact：Human Resource unit of PharmaEssentia
• Telephone：+886.2 26550-7688
• Email Box：hr@pharmaessentia.com

• Codes of Ethical Conduct
• Principles of Ethical Corporate Management
• Sustainable Development Best Practice Principles
• Procedures for Ethical Management and Guidelines for Conduct
• Operating Procedures for Handling Material Nonpublic Information and Preventing Insider Trading
• Corporate Governance Code

Risk Governance and Management

The Board of Directors serves as the highest supervisory and decision-making body for risk management, endorsing the overall objectives and policies for risk management and continuously overseeing the effective operation of risk management mechanisms. The company has established internal risk management policies, procedures, and control systems in accordance with relevant standards, managing all risk issues, impacts, and corresponding significant topics properly. Annually, the overall risk management objectives and policies are ratified by the Board of Directors, which continues to ensure the effective operation of the risk management mechanisms through the regular supervision.

Risk Identification and Classification

PharmaEssentia adopts the 2018 COSO Enterprise Risk Management (ERM) framework, along with the biotech industry-specific requirements, to classify risks into nine categories. For each category of risk, different mitigation strategies are employed to reduce their impact on the company.

Risk Management Mechanism

The company has established a comprehensive remediation process for negative impacts, structured in three phases: prevention, grievance, and corrective action. This approach ensures effective responses to both potential and emergent issues.

Biopharmaceutical is a highly regulated industry, and all business conduct and products of the Group, from R&D, clinical trials, drug manufacturing and production, regulatory marketing approval review, to post-marketing safety monitoring, shall comply with relevant regulations from various countries.

Data Security Management and Objectives

In 2022, to enhance our information security defenses and management mechanisms, and to comply with the "Guidelines on the Establishment of Internal Control Systems by Publicly Listed Companies," PharmaEssentia amended its "Information Security Management Procedures." Additionally, the company established a Cybersecurity Promotion Team, responsible for driving, coordinating, supervising, and reviewing matters related to information security management. The information security officer reports annually to the Board of Directors, with the most recent report completed on December 26, 2023.

【Annual implementation of Data Security management】

• In October 2023, PharmaEssentia implemented the ISO 27001 Information Security Management System and anticipates receiving ISO/IEC 27001:2022 third-party certification of SGS by 09.July, 2024.
• To enhance the information security awareness of all employees, the company conducted a social engineering training session and two educational sessions focused on ISO 27001 in 2023, involving a total of 271 participants and approximately 323.5 hours. Additionally, one employee undertook a 40-hour course to become a Lead Auditor for ISO/IEC 27001:2022, and has since obtained the certification.

Implementation of Customer Privacy Protection

• Scope of Information Security and Privacy Protection:

  In addition to our internal employees, the scope of our information security and privacy protection efforts extends to healthcare professionals, medical institutions, outsourced partners, and clinical trial participants.

• Patient Information Security:

  All external research organizations working with PharmaEssentia and medical staff involved in clinical trials at hospital sites are required to strictly adhere to our privacy protection policies. They must also comply with various national and international regulations, such as the European Union's General Data Protection Regulation (GDPR), Good Clinical Practice (GCP) guidelines, the Declaration of Helsinki, Taiwan's Human Research Ethics Policy Guidelines, and the Medical Act. These measures are part of our commitment to ensuring the protection of personal data. In 2023, there were no incidents of employee or customer data protection and privacy complaints, nor were there any complaints regarding the loss of customer data across all PharmaEssentia.

Patent Structuring and Strategy

PharmaEssentia has established "Intellectual Property Management and Utilization Procedures" to regulate the acquisition, protection, maintenance, and utilization of the company's intellectual property rights. From a legal perspective, the company has set "Litigation and Significant Dispute Management Procedures" to regulate the control of legal cases and significant disputes.

【Annual implementation of IP management】

• Each year, the Intellectual Property Department regularly reports to the Board of Directors on the execution of the previous year's intellectual property management plan and the plan for the upcoming year. The execution of the 2023 intellectual property management plan and the new plan for 2024 were reported to the Board of Directors on February 26, 2024, ensuring the effective management and protection of the company's intellectual property rights. The Board's full awareness assists the company in enhancing its intellectual property strategy and protection, moving towards greater refinement.
• In 2023, we conducted four sessions of intellectual property-related training for R&D directors and R&D personnel in the United States (PIRC) and Taipei headquarters, totaling 53 hours.

Patent and Trademark Management

Patent infringement, protection and specific measures

PharmaEssentia has taken a number of measures to ensure the protection of intellectual property rights against patent infringement. In terms of internal control system, the Company has formulated the "Regulations for the Management and Use of Intellectual Property Rights", which not only applies for patents in a timely manner to strengthen the protection of rights and interests in view of the risks of core patent rights, but also issues legal warnings or requests for compulsory orders from the court against suspected infringers.
In terms of employee confidentiality obligations, the company and employees have signed employment contracts and confidentiality agreements, which clearly regulate confidentiality obligations and liability for breach of contract. Specific measures have also been taken to ensure non-infringement, including technology search and analysis at the start of R&D projects, ensuring that future development directions do not infringe on the technology of others, and monitoring the emergence of new technologies at any time during the development process. Through these comprehensive measures and systems, PharmaEssentia is able to effectively protect the key core technologies developed by itself and avoid significant impact on the company due to negligence in R&D or technology-related links.

Our company has established the ethical marketing policy governs, strictly requiring personnel to adhere to the regulations of various international pharmaceutical industry organizations, such as Taiwan's IRPMA, the United States' PhRMA, and NCPDP, for pharmaceutical marketing promotion. As of 2023, no violations in ethical pharmaceutical marketing across all countries.

PharmaEssentia's Ethical Marketing Policy:

Annual dissemination and process audits for interactions and marketing related to healthcare professionals. Based on seven principles：

• Patient health and welfare priority.
• High standards for quality, safety, and efficacy.
• Ethical interactions
• Accurate information
• Ethical marketing
• Privacy respect
• Transparent research