TDCC's highest decision-making authority is the shareholders' meeting, and the highest execution authority is the board of directors. The organization chart of the Company is as follows.
Board of Directors
The board of directors of TDCC is formed by seven directors, all of whom are juristic persons, on behalf of Taiwan Stock Exchange, Yuanta Securities Finance Co., Ltd. and Fubon Securities Co., Ltd. respectively. There are three supervisors, including one standing supervisor, representing Taiwan Securities Association and Taiwan Futures Exchange, respectively.
According to Article 25 of the Articles of Association of the Company approved by the Financial Supervisory Commission, the remuneration of the directors and supervisors of the Settlement Clearing House shall be determined by the shareholders' meeting. According to the shareholders' meeting resolution, the directors and supervisors will pay a monthly fee of NT$9,000 per person per month. At the end of each year, a new NT$15,000 concession will be issued, and the directors and supervisors will attend each meeting. Every time a person pays a fee of NT$10,000.
TDCC established the "risk control committee" and "R&D and rate review committee" under the board of directors to strengthen the board’s management and supervision functions. Their main functions and responsibilities are listed as follows:
In order to ensure the operations of TDCC & FundRich comply with regulations, we strengthen internal compliance regulations and code of conduct through education and training. TDCC also ensures the compliance of business through procedures as follows:
In 2018, the overall financial performance of TDCC (including its reinvested operations) recorded continuous growth with earnings after tax reaching NT$2.567 billion, representing a significant growth of 25% compared with 2017. The continuous profit growth has demonstrated that we have not only provided stable and sound platforms and systems, but we have also kept up with times by innovating our business development, and achieved excellent business results through team work.
TDCC has established a comprehensive risk management organization structure. In addition to the effective operation of risk management system and mechanism through the board's governance and supervision as well as the establishment of the risk control committee under the board for the supervision of risk management matters, the Company also introduced TPIPAS to control the risks in respect of personal information.
ISO 27001 Information and Communication Security Management System Verification
We evaluated the maturity of the information security governance. Through training, self-evaluation, review on the results of self-evaluation, enhancement in proposals and review on reported items, we hope to refine the maturity review mechanism regarding the information security governance and establish the information security protection capability index. There are a total of 83 examination items concerning the review procedures of the information security governance maturity. TDCC's overall information security activities are completed through such review procedures. We undergo information security management system verification conducted by external audit agency, British Standards Institute (BSI) twice every year and maintain continuous validity of ISO27001 information security certification. Our audit results in 2018 complied with the requirements of BSI standards.
Taiwan Personal Information Protection and Administration System (TPIPAS)
To ensure that the personal information maintained by TDCC is duly protected, the Company has introduced the TPIPAS since 2012. We successfully passed the verification conducted by a professional institution and obtained the dp.mark from the Ministry of Economic Affairs in 2013. The Company engages a professional institution to conduct verification for TDCC every year to continuously maintain the effectiveness of the dp.mark. In 2018, there was no complaint regarding infringement of customer privacy or loss of customer information.
ISO 9001 Quality Management System
TDCC passed the ISO 9002:1994 international quality assurance system verification earliest in February 1999. In order to maintain the operation of the ISO 9001:2000 international quality assurance system, TDCC passed ISO 9001:2000 verification in August 2002; passed ISO 9001:2008 verification in September 2010 and obtained certificates from four countries, including UKAS in England, ANAB in the United States, SAS in the Switzerland and JAS-ANZ in New Zealand and Australia. We passed the latest verification in May 2017 due to the latest announcement of ISO 9001:2015 in May 2017 so as to maintain the effectiveness of the quality system verification. In 2018, we continued to pass ISO information security management system verification, as well as risk identification during ISO 9001 quality management system verification.
Internal Control and Auditing System
TDCC formulated the internal control system in accordance with the "Regulations Governing the Establishment of Internal Control Systems by Service Enterprises in Securities and Futures Markets" promulgated by the competent authority. TDCC established the internal auditing office under the board of directors. The Company conducted an audit on the business operated by each department and office, assisted the board of directors and managers in investigating and assessing the internal control system and providing suggestions in due course so as to ensure the continuous and effective implementation of the internal control system.
FundRich submits documents related to annual audit plan and its implementation to TDCC, whereas TDCC carries out inspection on FundRich at least once every year in accordance with the relevant laws and regulations. FundRich regularly performs internal inspection. Moreover, FundRich regularly submits written reports to various supervisors for review, reports to the board of directors, and completes the self-assessment of various departments and offices.
In August 2018, FundRich prepared the "Anti-Money Laundering and Counter-Terrorism Financing Risk Assessment Report," and submitted the report to the competent authority for reference. In the future, FundRich will examine risk factors and review risk control measures every year in the future before carrying out risk assessment, and regularly updates risk assessment reports to enhance the effectiveness of anti-money laundering and counter-terrorism financing operations.