Integrity and Compliance-Corporate Governance-Taipower Sustainability Section - Taiwan Power Company

loading 3

Read more

Ethical Code

 
All personnel

All personnel

 

All Taipower employees shall abide by laws and regulations such as the Code of Ethics for Personnel under the Ministry of Economic Affairs and the Directions on Lobby Registration and Checks for the Executive Yuan and its Subordinate Agencies. Any employee who requires clarification on any ethical issue or has legal compliance-related questions may consult specialists from Taipower's Department of Civil Service Ethics, with full protection of their rights and interests.

Procurement personnel

Procurement personnel

 

Taipower's procurement shall abide by the Company's Ethical Guidelines for Procurement Personnel, and the Points of Attention for Interaction between Procurement Personnel and other Businesses. The Company offers frequent training for its procurement personnel to help them perform their duties fairly, honestly and in compliance with pertinent laws without giving, asking, or expecting favors. Taipower has also established an Anti-Corruption and Legal Affairs Office to offer consultation services. The Company emphasizes fair and open procurement processes in order to improve procurement efficiency, performance, and quality.

Management

Management

 

Taipower seeks to ensure that reviews for individuals with administrative liabilities or suspected in fraud or bribery cases are dealt with in a timely, effective and fair manner. As such, the Company reviews the administrative liabilities of both individuals involved in fraud/bribery and their managing supervisors to ensure the implementation of Taipower's integrity management.

Anti-Corruption Measures

 

As a state-owned enterprise, Taipower executes specific policies and measures from the Executive Yuan’s National Integrity Building Action Plan. Taipower has implemented the Ministry of Economic Affair’s Guidelines for the Implementation of the National Integrity Building Action Plan in its planning and promotion of various ethics-related tasks. Taipower has also integrated these measures through a consensus on anti-corruption within the private sector, as the Company employs the highest integrity standards for itself.

Every year, Taipower sets up a plan for supervising the integrity of its business administration. Part of this plan seeks to implement Management by Wandering Around (MBWA). Through on-site visits, case file investigations, and comprehensive seminars, Taipower is able to ensure the understanding and implementation of civil service ethics within each unit. The aforementioned tasks are conducted in order to improve work deficiencies, enhance work performance, and demonstrate the function of civil service ethics within the organization. In 2023, a total of 59 units and 17 cases were inspected through on-site and phone interviews. The civil service ethics units have effectively implemented tasks related to civil service ethics.

Promotion of Anti-Corruption Campaigns

Promotion of Anti-Corruption Campaigns

 

Taipower actively conducts anti-corruption advocacy for employees and suppliers, enhances understanding of the ethics and laws among relevant personnel, and consolidates an anti-corruption consensus between Taipower and its suppliers to prevent corruption. The training sessions held in 2023 included the publication of a monthly integrity e-newsletter, employee integrity project promotion, online training courses, and integrity seminars.

Internal Risk Control

 

In accordance with the Financial Supervisory Commission's Regulations Governing the Establishment of Internal Control Systems by Public Companies and the Enforcement Rules for Internal Inspection of National Corporations under the Ministry of Economic Affairs, Taipower's Internal Inspection Office of the Board of Directors devised and executed an Annual Inspection Plan in 2023. The inspected items in 2023 included: internal control management and self-regulatory mechanisms, risk management, effect and efficiency of major operational target projects, information, communication and reporting, compliance with relevant laws and regulations, items required by the Board of Directors/ Audit Committee/Inspection Office of the Board, and corrections or instructions from superior authorities.

 

Three Lines of Defense for Internal Auditing and Control


Three Lines of Defense for Internal Auditing and Control

Compliance

 

Taipower is a state-owned public utility and its operations are governed by the Company Act, Securities and Exchange Act, and other general laws and regulations, in addition to the Administrative Law for State-Owned Enterprise and the Electricity Act. Therefore, the establishment of Taipower's organization, accounting, auditing, budgeting, business planning, utility rates, and its development and management of electricity resources must be approved by the Ministry of Economic Affairs. Specifically, the Ministry's State-owned Enterprise Commission is responsible for supervising and managing the various operations at Taipower. The Bureau of Energy is the regulatory authority for the electricity industry, and is responsible for communicating and transmitting relevant instructions to other ministries, such as the National Development Council, or the National Audit Office. The implementation of corporate policies must comprehensively account for the provisions of various laws and regulations and their impacts on policy development.

Legal Compliance and Awareness Campaigns

 

In an effort to boost employee awareness of the Company’s legal affairs and to ensure compliance, the Legal Affairs Office organizes multiple sessions of the Practical Legal Issues – Case Studies and Solutions Seminar at different units along with other training events each year. The office also provides legal consultation services to help units address and resolve legal issues in their operations and to ensure that all employees abide by the pertinent regulations.。

推動守法宣導
產品責任與個資保護

Product Responsibility and Personal Information Protection

 

Taipower's main product is electricity. Electricity prices and payments must be handled in accordance with government laws, regulations, and policies. As such, Taipower deals with all customer information, electricity payments in arrears, and suspension of electricity services in accordance with the Personal Information Protection Act and the Electricity Act. Taipower conducts an annual inventory of personal data files and systems, reviews necessary fields, and revises relevant business regulations. For the confidentiality of customer-related data, Taipower has formulated a confidentiality mechanism and operations method according to different targets. It abides by the regulations on the handling of personnel data by various units to ensure the protection of customer data related to business execution. For example, to prevent inadvertent leakage of a customer’s personal information and violation of law by the service personnel that fail to follow the operations method, Taipower has stipulated handling procedures to check the identification of applicants or to verify their IDs when the personal data of customers or their entrusted persons are involved during the power consumption inquiry process. These inquiries may be made through face-to-face encounters, via telephone, fax, online query, or by printing out the results of such queries. For important databases, Taipower has established a database activity monitoring system to audit and protect data.

Information Security Protection Plan

 
Information Security Protection Plan
IT assets and critical IT infrastructure must be regularly inventoried, classified, and graded. Risk assessments will be conducted for important IT assets and critical IT infrastructure. The Company must implement appropriate protective measures based on the results of these risk assessments.
  • IT assets and critical IT infrastructure must be regularly inventoried, classified, and graded. Risk assessments will be conducted for important IT assets and critical IT infrastructure. The Company must implement appropriate protective measures based on the results of these risk assessments.
The collection, processing, and utilization of personal data must meet the requirements of the Personal Data Protection Act.
  • The collection, processing, and utilization of personal data must meet the requirements of the Personal Data Protection Act.
Unit supervisors must pay close attention to the identification and management of confidential and sensitive information. They are responsible for the supervision, implementation, and auditing of unit compliance with information security policies, related laws, and operational regulations. They must also ensure implementation in the units' routine operations and employees’ daily tasks.
  • Unit supervisors must pay close attention to the identification and management of confidential and sensitive information. They are responsible for the supervision, implementation, and auditing of unit compliance with information security policies, related laws, and operational regulations. They must also ensure implementation in the units' routine operations and employees’ daily tasks.
The Company will establish comprehensive reporting and emergency response measures for information security incidents and hold regular information security drills to ensure continuous business operations.
  • The Company will establish comprehensive reporting and emergency response measures for information security incidents and hold regular information security drills to ensure continuous business operations.
All employees will be fully aware of the purpose of the information security policy and their duties.
  • All employees will be fully aware of the purpose of the information security policy and their duties.
• The Company will regularly review the effectiveness of the information security management system.
  • The Company will regularly review the effectiveness of the information security management system.
The Information and Communication Security Policy and related operational regulations will be revised in accordance with changes in business operations, developments in information technology, and risk assessment results.
  • The Information and Communication Security Policy and related operational regulations will be revised in accordance with changes in business operations, developments in information technology, and risk assessment results.
Newsletter

Required

Required

Mailbox format error

Submit

Sending

Shipped Out

Failed to Send

Please check your network and submit again, if it continues to happen, please contact the network administrator!