Risk Management

FEDS has set up an appropriate risk management system to ensure the Company can actively engage in various business developments under the risk management system and reduce the impact on consumers and the society. Through regular analysis and assessments of the risks of business activities and work execution, FEDS actively takes measures to prevent the occurrence of risks, develop measures to minimize the impact of risk, and prevent their recurrence. The scope of the risk management is not limited to the internal management system, but also the impact of external changes on the business. Systemic risks are categorized to research the commonality. Non-systematic risks that may occur under specific conditions require comprehensive risk management and response measures.

FEDS has a sound risk management mechanism to identify operational risks over a long term, and has functional committees and responsible departments to manage and respond to risks, and to formulate management regulations to control risks. Under the trend of digital technology, the audit office uses 3 sets of audit digital information systems to assess the potential risks of self-assessment operations of each unit’s self-assessment team, and formulates and implements a risk-based annual audit plan. In 2023, 90 plans were carried out, an increase of 8% in quantity, and audit results and objective recommendations were provided to help the Company prevent risks and operate steadily.

Systemic and Non-systemic Risk Management and Response

The responsible unit or cross-departmental functional organization conducts comprehensive risk management and response for each risk type based on the causes of “systemic risk” and “non-systemic risk”. To ensure that our businesses are carried out under a sound risk management system and to reduce the impact on the socioeconomic environment, FEDS regularly analyzes and evaluates its business activities and operational risks, takes precaution measures to prevent risks from occurring, minimize the impact of risks, and prevent recurrence.


Risk Management Mechanism
  1. Risk Identification:Risk types are identified based on the changes of the environment.
  2. Risk Assessment:Assess the possible impact of various types of risks on the Company’s operations.
  3. Strategy:The responsible unit develops counter-measures, and conduct required education and training to minimize risks.
  4. Improvement:Review regularly every year, dynamically adjust actions, and establish a complete risk early warning and management mechanism.

Professional auditing and risk management enhancement

Audit Office

Professional Auditing and Risk Management Enhancement

Risk Type

Commodity and Food Safety Risk

  • Timely inspect the labels and expiry dates of the products displayed in stores, check the liability insurance of catering vendors, as well as the quality and safety of food in restaurants and supermarkets in accordance with the latest regulations and current issues.

Shopping Mall Operational Risk

  • Ensure operation of stores, check fire shelter equipment, AED equipment, fire safety operations in kitchens of catering vendors, and inspect work operations such as renovation of the mall, to provide a safe and comfortable shopping environment.
  • Draw up and monitor branch self-operated cosmetics, supermarket self-operated inventory, giveaway inventory, fixed assets, material management, etc. to reduce the risk of loss of operating assets.
  • Sampling inspection of the invoicing, counter sales entry, one counter with multiple application for reimbursement project, deduction of contract fees, in order to comply with business integrity and ensure revenue recognition.

Human Resource Management Risk

  • Verify the correctness of attendance, number of employees, leave applications and outgoing management to comply with laws and regulations as well as the principle of fairness.
  • Randomly check the actual attendance of the outsourced cleaning personnel, the implementation of on-site cleaning, the setting and installation of cleaning equipment, etc., so as to meet the requirements in the contract and ensure the cleaning quality of the outsourced personnel.

Procurement Acceptance Payment Management Risk

  • Supervise and review the procurement price negotiation of new stores and branches, review the reasonableness of the unit price of the in-process and post-construction revised work items of the stores and counter adjustment project, etc., and ensure the acceptance documents must meet the payment requirements.
  • Randomly check the authenticity of the quoted manufacturer’s business information, supplier maintenance management, and capital expenditure acceptance inspection to ensure the construction quality of the supplier and FEDS’s asset safety.
  • In 2023, FEDS and its subsidiaries had 8,553 cases related to supervision of procurement price negotiation, and review of acceptance inspection and payment.

Information Security Management Risk

  • Supervise the procurement, acceptance inspection and payment of information software and hardware as well as FEDS App, and assist in reviewing information device disposal operations.
  • Check network firewall and security monitoring management, and strengthen network security and information security protection.
  • Check the security management of the head office’s database and the Web API security protection of the FEDS APP in order to prevent members’ personal data from being stolen, altered, damaged, lost or leaked.

Legal Compliance Risk

  • Execute the annual audit plan and the internal audit reporting operations in accordance with the regulations of the competent authorities.
  • Plan to revise the internal control system and internal audit implementation rules in response to digital management.
  • Regularly compile the changes in laws and letters every month, and conduct inspections in accordance with the latest regulations in due course.

Financial Management Risk

  • Remind and advise the financial management unit to comply with the requirements of the competent authorities in due course.
  • Timely reminded subsidiaries of financial management-related procedures in accordance with regulations of the competent authorities.
  • Perform audits of finance and accounting operations in accordance with laws and regulations, including capital loans, endorsement guarantees, acquisition and disposal of assets, related party transactions, financial statement preparation process, stock affairs, budget management, prevention of insider trading, derivative financial instruments, and operation management of functional committees.
  • Cooperate with the finance and accounting unit in the execution and supervision of marketable securities, spot check of head office seal management, branch financial working capital, gift (commodity) certificates management, treasury access control and foreign currency exchange operations.

Subsidiary Supervision Risk

  • Supervise and manage the financial and business information of subsidiaries in accordance with laws and regulations, and compile the quarterly analysis report on supervision of subsidiaries on a quarterly basis.
  • Oversee the annual audit plan of the subsidiaries, City’Super and The Mall, and check their operation, inventory, logistics management, contract payment, catering and food safety, system account control, computer room environment management, coupon management, accounting management and other operations.
  • Cooperate with the audit and supervision of the FEDS and revise the internal control system of its subsidiaries according to the plan.

Financial Risk Management Team Monitors the Changes in Capital and Money Markets

Financial Risk Management

The systemic risks faced by financial management include political, economic or social factors, such as: cross-strait relations, economic fluctuations, inflation, government policy orientation, etc., result in financial market fluctuations. In early 2023, the price and volume performance of the financial market and the change of the Company’s cash flow were affected due to the interest rate raised by the central bank for the fifth time, the normalization of the Covid-19 epidemic, the strengthening of capital adequacy ratio control by financial institutions and the withdrawal of post-epidemic subsidy measures. FEDS closely monitored the trends in the financial market. The risk management team held regular weekly meetings to review changes in the value of assets and liabilities and adjusted the operating cash flow adequacy ratio in a timely manner, so as to reduce the systemic risk impact on the Company’s finance.

Legal risk Management Team Implements Zero Violations

FEDS has been paying attention to the revisions and changes of various laws and regulations over the long term to reduce the impact of systemic legal risks, and has formulated the direction of promoting compliance with laws and regulations through the three aspects of “establishing system, implementing management, and educating employees” to avoid the occurrence of systemic legal risks. Regarding the operations, processes, products, services and other details of the department store operations, FEDS has formulated relevant measures to strictly comply with government laws and regulations, and its responsible units shall implement the management actions. Education and training have also been organized to enhance employees’ understanding of legal compliance, reduce the risks and liabilities of the Company for violation of laws and regulations, and avoid unnecessary financial losses and loss of goodwill.

Legal Risk Management

The Information Security Committee Identifies the Sources of Trade Secret Risks

Information Security Risk

In accordance with the “Regulations Governing Establishment of Internal Control Systems by Public Companies”, FEDS has a Chief Information Security Officer, an information security team, an Information Security Director, and two dedicated personnel responsible for information security. In 2023, the inventory of information assets, personal data and risk assessment operations have been completed, and relevant protection measures have been taken for projects with medium and high risk, such as: upgrading the relevant hardware and software, revising the management system, etc., so as to reduce the risk of information security and personal data in ESG corporate governance. What’s more, due to the occurrence of information security incidents in the peers in recent years, FEDS continues to review its internal core system to adjust the system structure and upgrade the information security protection in order to resist external intrusions, reduce the risk of operation interruption and data leakage.

The Personal Data Management Committee Maintains Personal Data Management

FEDS’s Personal Data Management Committee reviews the use and storage of personal data by various units within the Company to ensure that all personal data is properly protected and managed to comply with the “Personal Data Protection Act”. FEDS has formulated a personal data protection management policy in 2020. What’s more, it has completed personal data inventory and risk identification operations in 2023. According to the Personal Data Protection Act and the regulations of the competent authorities, the security maintenance plan of personal data files has been formulated for the personal data related business of each unit, and the personal data of consumers, manufacturers and employees accessible to each unit are managed with a unified standard.

Personal Information Risk