esg-governance-risk-management-control

Risk management system

The Company strictly complies with relevant domestic and overseas laws and regulations, and has issued relevant system documents such as the Internal Control Management Policy, Compliance Management Policy, and Code of Business Conduct. In 2023, we continued our endeavors to improve the “three lines of defense” of compliance risk management, and saw to it that the responsibilities of all departments at all levels are clearly defined to ensure the Company’s stable and compliant operations.

First line of defense
- Business departments As the primary bodies responsible for risk management in their respective domains, business departments are tasked with controlling risks in business operations.
Second line of defense
- Risk Control Management Department and other related departments Those departments are responsible for building and optimizing the Group’s risk control and management system. They put forward methods and tools to facilitate and oversee effective risk management work in various businesses.
Third line of defense
- Audit and Supervision Center The Center is responsible for independent assessments of the effectiveness of business risk management, as well as investigation into fraud and implementation of accountability measures.

Compliance management

LONGi has built the compliance management system and carried forward the certification projects in line with the ISO 37301: 2021 Compliance Management Systems - Requirements and Guidance. The Company managed to identify and assess business risks involving around 14 compliance issues including but not limited to labor employment, anti-monopoly, and anti-bribery. And the company is developing targeted measures to address the risks identified, embedding compliance risk management into daily operations and management. In 2023, we obtained the ISO 37301 Compliance Management Systems certification.

In addition, the Company factored “Compliance Violation Incidents” indicators into the performance of departments and organizations, with corresponding scoring rules put in place.

Chief Compliance Officer
- Assumed by the Vice President, responsible for leading the Group’s compliance risk management efforts
Risk Control and Management Department
- As the coordinator of the Company’s compliance management, the Department assists the Chief Compliance Officer in organizing, coordinating, and overseeing compliance risk management efforts.
Compliance Risk Control Owner (RCO)
- The RCOs are tasked with overall management and capacity building of compliance risk management, responsible for the overall results of compliance risk management and control.
Risk Control Joint Meeting
- As the integrated platform for compliance discussions and decision-making within the Company, the Risk Control Joint Meeting is responsible for formulating, implementing, and supervising corporate compliance policies and measures, ensuring consistent and effective compliance risk management across departments.
Business Compliance Officer
- Responsible for assisting the heads of business units in managing compliance risks specific to their respective units.

Audit and supervision

Internal and external audits are conducted on a scheduled basis to drive business units and internal control departments to improve their management.

Audit projects of various types

180

Risk points identified and rectified

Risk Management and Control

Risk management system

LONGi’s Compliance Management Structure