Organization and Governance Policy

The Company established the ESG Committee in 2016. The committee is chaired by Steve Chen, Director and President, and its main responsibilities are to propose and implement policies or systems for the implementation of corporate governance, development of a sustainable environment, and maintaining social welfare. The committee consists of five sustainability-related task forces for corporate governance, humanistic care, innovative technologies, sustainable environment, and company value chain. The committee is responsible for establishing policies, goals, and organizing related activities to fulfill our responsibility to sustainability. The leader of each promotion team is usually the head of a center or division. The team's members are composed of relevant business departments, whose supervisors act as representatives in the committee. Complete documents are prepared at the end of each year and reported to the Board of Directors: 1. Review the effectiveness of ESG operations; 2. Identify material topics, management approaches, and set implementation goals for the year.

Regulation：WIN, by establishing the "Corporate Governance Best Practices Principles," promotes a sound corporate governance system, protects shareholders' interest, strengthens the functionality of the Board of Directors, and improves information transparency. WIN has established an effective corporate governance framework with functional committees under the Board of Directors, including the Audit Committee and Compensation Committee, to assist the Board of Directors by providing professional recommendations for governance.

Corporate governance supervisor：The Board of Directors approved the appointment of corporate governance supervisor on May 14, 2019. The positions are held by assistant vice presidents with at least three years of experience in legal affairs. The main responsibilities are to provide directors with necessary data for performing duties, assisting directors with regulatory compliance, and handling matters of Board meetings and shareholders' meetings in accordance with the law.

Major work was as below:

• 1. Acting as the secretary of the Board and the major contact between the Directors and the Company.
• 2. Assisting Directors to performing their duties and provide meeting materials information as they deem necessary as well as to help the communications between Directors and internal officers.
• 3. Providing continuing educations information to Directors and arranging training courses for them.
• 4. Assisting the arrangement the communication affairs between Audit Committee members, external CPAs and chief of internal auditor.
• 5. Setting up the Board meetings agenda, call the meetings and providing meetings materials. Reminder the director for rescue in advance if there is any conflict interests matter. Providing meeting minutes within 20 days after the Board meeting.
• 6. Assisting shareholders’ meeting affairs.

Education/training records：

Date	Host by	Course Title	Hours
03/18/2022	Taiwan Corporate Governance Associate	ESG reporting trends and business implications	3
08/12/2022	Taiwan Corporate Governance Associate	The only way to sustainable management of enterprises-external innovation	3
11/24/2022	Corporate Operating and Sustainable Development Association	Case analysis of disclosure of material information of the company and responsibilities of directors	3
11/24/2022	Corporate Operating and Sustainable Development Association	Practical operation and case analysis of corporate governance, board of directors and compensation committee	3
Total number of course hours in 2022			12

Regulation："Corporate Governance Best Practice Principles", "Ethical Corporate Management Best Practice Principles", "Guidelines for the Code of Ethical Conduct" , "Procedures for Ethical Management and Guidelines for Conduct","Management Procedures for Material Inside Information and Preventing of Insider Trading", "Procedures for Handling Whistleblower Cases" and "Anti-Corruption Policy".

Responsible unit：WIN shall designate the Human Resources Division as the responsible unit and in charge of the amendment, implementation, interpretation, and advisory services with respect to these Procedures and Guidelines, and periodically submits a written report on the implementation status to the Board of Directors.

The responsible unit is to be in charge of the following matters：

• 1. Assisting in incorporating ethics and moral values into the Company's business strategy and adopting appropriate prevention measures against corruption and malfeasance to ensure ethical management in compliance with the requirements of laws and regulations.
• 2. Adopting programs to prevent unethical conduct and setting out in each program the standard operating procedures and conduct guidelines with respect to the Company's operations and business.
• 3. Planning the internal organization, structure, and allocation of responsibilities and setting up check-and-balance mechanisms for mutual supervision of the business activities within the business scope which are possibly at a higher risk for unethical conduct.
• 4. Promoting and coordinating awareness and educational activities with respect to ethics policy.
• 5. Developing a whistle-blowing system and ensuring its operating effectiveness.
• 6. Assisting the Board of Directors and management in auditing and assessing whether the prevention measures taken for the purpose of implementing ethical management are effectively operating, and preparing reports on the regular assessment of compliance with ethical management in operating procedures.

Regulation："Corporate Governance Best Practice Principles" and "Procedures for the Prevention of Insider Trading".

Article 10 of "Corporate Governance Best Practice Principles"：To protect its shareholders' rights and interests and ensure their equal treatment, the Company shall adopt internal rules prohibiting company insiders from trading securities using information not available to the market.
It is advisable that the rules mentioned in the preceding paragraph include stock trading control measures from the date insiders of the Company become aware of the contents of the Company's financial reports or relevant results. Including prohibition of Directors from trading securities during a blackout period, which are 30 days before the announcement date of its annual financial report and 15 days before the announcement date of its quarterly financial reports.

Article 6 of "Procedures for the Prevention of Insider Trading"：The Company's insiders shall exercise the due care and fiduciary duty of a good administrator and act in good faith when performing their duties, and shall sign confidentiality agreements. No insider with knowledge of material inside information of the Company may divulge the information to others.
No insider of the Company may inquire about or collect any non-public material inside information of the Company not related to their respective duties from a person with knowledge of such information, nor may they disclose to others any non-public material inside information of the Company of which they become aware for reasons other than performance of their duties.

We promote education and promotion for Board of Directors or employees once or more each year. We organize related courses for Board of Directors and senior manager on Nov. 5 and Nov. 9, 2021, which are included Securities Fraud (Insider Trading) and Responsibilities of Directors and Supervisors. We organize related courses for new employees each year to educate them on the Company's core value of "integrity and accountability." At the end of the year, we promote the policy of integrity and RBA to raise employees' awareness of "integrity and accountability.

Regulation：The Board of Directors of WIN is the highest management unit responsible for the Company's operating risk. With the assistance of the Audit Committee, the Board controls and manages the existing or latent risks of the Company, including establishing internal control systems, implementing internal auditing. By establishing the "Rules for Risk Management" which is including organization frame and risks boundaries, and then approved by the Board of Directors to reduce the possibilities of risk occurrence and mitigate the impact of risk-induced damage. Furthermore, reporting on the implementation status to the Board of Directors yearly.

The responsible units in the risk management organization proposed 81 risk factors in 2022.

There was no item in need of immediate improvement identified in the 2022 evaluation, and the responsible departments have put forward mitigation measures for those requiring improvement, with the plan's efficacy being reviewed annually in light of actual circumstances.

WIN established regulations for "Emergency Response Plan" to reduce possible environmental impact, personnel injury, and loss of equipment and properties caused by potential accidents. They include procedures for processing gas leaks, fires, irregular scents, leaks of chemicals, earthquakes, other natural disasters, and power blackouts. The EHS Department is responsible for organizing emergency response training in the fabs and we use regular drills to familiarize employees with emergency response measures, reporting procedures, and the command system.

Sensitivity Analysis and Stress Test

WIN conducts sensitivity analysis and stress tests for risk items including financial issues such as exchange rate and interest rate fluctuations, instant voltage drop by TPC, interruption of the supply of main materials and chemical leaks caused by natural disasters, and information security risks. For details on stress testing related to climate change, please refer to the Climate Action section.

Purpose: The advancement of technology has made information security management increasingly complex. In the face of a variety of daunting challenges, WIN remains steadfast in safeguarding information security, actively implementing an information security management system within the organization to protect the confidentiality, integrity, and availability of information assets to ensure sustainable business.

Information Security Governance Organization

• Steve Chen, the General Manager of Corporate Administration, has been appointed as the Chief Information Security Officer (CISO) of the company, reporting directly to the Board of Directors on matters related to Information Security Management performance and achievements. Additionally, an Information Security Management Committee has been established with Steve Chen as its Chairman. The Information Security Management Committee was established, with members appointed by the heads of the Auditing Department, the Legal Affairs & Public Relation Department, the Procurement Department, the Information Technology Department, EPI manufacturing BU, Global Service BU, Wafer Manufacturing BU, Technology Development and Strategic Marketing BU, Quality Assurance BU and President Office.
• The committee is responsible for ensuring that the information security policies are in line with the company's strategy, coordinating the resources required for information security work, and overseeing the effective implementation of information security policy objectives and measures, as well as the overall operation and implementation of the information security management system.
• In order to drive various information security operations, including enhancing employee information security awareness, assessing and mitigating information security risks, auditing internal and external information security management systems, coordinating information security work across departments, and continuously improving information security management systems, the Company has established a dedicated information security management department called the Cyber Risk Management Office, with the office head serving as the General Director of the Information Security Task Force.
• To guarantee the smooth operation of the information systems and ensure information security, the department head of the Information Department has been designated as the leader of the Information Security Incident Reporting and Handling Team, the department head of the Information Risk Management Department has been designated as the leader of the Information Security Team, and the head of the Audit Department has been designated as the leader of the Information Security Audit Team. Additionally, the Audit Department will include information security in the annual audit and report the results to the Audit Committee and Board of Directors to ensure the effectiveness of the information security management system.

Information Management Strategy and Framework

Specific Management Plans

With the commitment and support of our management, we have adopted a cyclical operation mode called "Plan-Do-Check-Act" (PDCA) to establish an information security management system and maintain its effective operation and continuous improvement.
● Plan: Instituting an information security organization to oversee potential threats and vulnerabilities, organize risk assessments, and develop control mechanisms to establish an effective information security management system.
● Do: Enforcing the control mechanisms of the information security management system.
● Check: Overseeing the implementation of all tasks as required by the information security management system and auditing their efficacy.
● Act: Formulating and implementing corrective actions in accordance with the results and recommendations of the monitoring and audit processes to ensure the sustainable operation of the information security management system.

Regulation: “Intellectual Property Rights Management Regulations”.

1. Intellectual Property Rights Management Plan
As a leader of compound semiconductors in Taiwan, WIN is committed to the development and innovation of 5G/6G, key optical component technologies, and advanced manufacturing processes, which will achieve the Company's competitive edge in wireless communication, key optical components technologies, and semiconductor wafer fabrication sectors. We continue to obtain high-quality patents in key technical fields and ensure that the acquisition, protection, maintenance, and utilization of intellectual property comply with relevant regulatory requirements to avoid intellectual property infringement. We established the Intellectual Property Rights Management Regulations to manage the acquisition, maintenance, and utilization of patents, trademarks, publications, and trade secrets.
WIN established an Intellectual Property Management Committee (IPC) that encourages employees to disclose R&D results through IP proposals and patent allowance incentives to embody the intellectual property into patents, trade secrets, and papers.
WIN established an intellectual property disclosure system. Before the IPC decides to apply for a patent or treat it as the Company's trade secret, a patent engineer will evaluate the patentability of each IP proposal and ensure that the content of the proposal does not infringe on patents of any third party and contract agreements. Moreover, we enhance the Company's patent strategy to improve overall patent strength and increase the Company's competitiveness in the wireless communication and optical semiconductor wafer manufacturing sectors.

2. Status of the Operations

• ● Amendment to the Intellectual Property Rights Management Regulations in December 2019.
• ● Promoted the policy of Trade Secrets for all employees in December 2022
• ● Promoted the policy of Intellectual Property Rights for all employees in December 2022.
• ● Present the status of the Intellectual Property to the Board of Directors on December 30, 2022.
• ● 181 patents were obtained as of the end of 2022.