esg-governance-risk-management-control

Risk management system

The Company strictly complies with relevant domestic and overseas laws and regulations, and has issued relevant system documents such as the Internal Control Management Policy, Compliance Management Policy, and Code of Business Conduct. We continued our endeavors to improve the “three lines of defense” of compliance risk management, and saw to it that the responsibilities of all departments at all levels are clearly defined to ensure the Company’s stable and compliant operations.

First line of defense
- Business departments As the primary bodies responsible for risk management in their respective domains, business departments are tasked with controlling risks in business operations.
Second line of defense
- Risk Control Management Department and other related departments Those departments are responsible for building and optimizing the Group’s risk control and management system. They put forward methods and tools to facilitate and oversee effective risk management work in various businesses.
Third line of defense
- Audit and Supervision Center The Center is responsible for independent assessments of the effectiveness of business risk management, as well as investigation into fraud and implementation of accountability measures.

Compliance management

LONGi has built the compliance management system and carried forward the certification projects in line with the ISO 37301: 2021 Compliance Management Systems - Requirements and Guidance. The Company managed to identify and assess business risks involving around 14 compliance issues including but not limited to labor employment, anti-monopoly, and anti-bribery. And the company is developing targeted measures to address the risks identified, embedding compliance risk management into daily operations and management. As of the end of the Reporting Period, the Company’s ISO 37301 Compliance Management System certification remained valid. Over the past two years, the Company has passed multiple compliance audits conducted by third-party external audit institutions

Chief Compliance Officer
- Assumed by the Vice President, responsible for leading the Group’s compliance risk management efforts
Risk Control and Management Department
- As the coordinator of the Company’s compliance management, the Department assists the Chief Compliance Officer in organizing, coordinating, and overseeing compliance risk management efforts.
Compliance Risk Control Owner (RCO)
- The RCOs are tasked with overall management and capacity building of compliance risk management, responsible for the overall results of compliance risk management and control.
Risk Control Joint Meeting
- As the integrated platform for compliance discussions and decision-making within the Company, the Risk Control Joint Meeting is responsible for formulating, implementing, and supervising corporate compliance policies and measures, ensuring consistent and effective compliance risk management across departments.
Business Compliance Officer
- Responsible for assisting the heads of business units in managing compliance risks specific to their respective units.

Business Ethics Audits

Internal and external audits are conducted on a scheduled basis to drive business units and internal control departments to improve their management.

100 %

Percentage of operational sites that underwent business ethics risk assessment

45 items

Number of business ethics audit projects

Risk Management and Control

Risk management system

LONGi’s Compliance Management Structure