TDCC's highest decision-making authority is the shareholders' meeting, and the highest execution authority is the board of directors. The organization chart of the Company is as follows:
TDCC established the "risk control committee" and "R&D and rate review committee" under the board of directors to strengthen the board’s management and supervision functions. The Company also formulated the "fund market R&D counseling committee" to foster the development of the fund market and promote the needs of the fund business of TDCC.
To ensure the compliance of business operation of TDCC, we strengthen the concept of rule of law within the organization and establish effective regulatory compliance system structure through advocacy and training. The Company also ensures the compliance of business through procedures as follows:
TDCC has identified six major development goals for its business development in 2017, including: "building up a digital book-entry transfer environment," "focusing on crossborder custody," "promoting e-voting services," "optimizing functions of fund platform," " AML/ CFT Screening Platform" and "committing to social welfare and financial education." With the application of Fintech, we proposed innovative new plans including building the first large online fund platform of FundRich Securities in Taiwan, assisting participants in expanding the market and elevating the efficiency of the country's capital market. In 2017, the overall financial performance of TDCC recorded continuous growth with earnings after tax reaching NT$2.052 billion, representing a significant growth of 45.38% as compared with that of 2016 and profit for the third consecutive year.
TDCC has established a comprehensive risk management organization structure. In addition to the effective operation of risk management system and mechanism through the board's governance and supervision as well as the establishment of the risk control committee under the board for the supervision of risk management matters, the Company also introduced TPIPAS to control the risks in respect of personal information.
ISO 27001 Information and Communication Security Management System Verification
We obtained BS 7799 information security management system certification early in 2004, becoming the 26th institution that passed BS 7799 certification in Taiwan. As ISO introduced ISO 27001:2005 information security management standard based on BS 7799 in 2005, TDCC passed the ISO 27001:2005 information security management standard verification in 2006 immediately, and passed the latest ISO 27001:2013 in 2014 to continue to maintain the effectiveness of the information security verification.
Taiwan Personal Information Protection and Administration System (TPIPAS)
We has introduced the TPIPAS since 2012. We successfully passed the verification conducted by a professional institution and obtained the dp.mark from the Ministry of Economic Affairs. The Company engages a professional institution to conduct verification for TDCC every year to continue to maintain the effectiveness of the dp.mark.
ISO 9001 Quality Management System
TDCC passed the ISO 9002:1994 international quality assurance system verification earliest in February 1999. In order to maintain the operation of the ISO 9001:2000 international quality assurance system, TDCC passed ISO 9001:2000 verification in August 2002; passed ISO 9001:2008 verification in September 2010 and obtained certificates from four countries, including UKAS in England, ANAB in the United States, SAS in the Switzerland and JAS-ANZ in New Zealand and Australia. We passed the latest verification in May 2017 due to the latest announcement of ISO 9001:2015 in May 2017 so as to maintain the effectiveness of the quality system verification.
Internal Control and Auditing System
TDCC formulated the internal control system in accordance with the "Regulations Governing the Establishment of Internal Control Systems by Service Enterprises in Securities and Futures Markets" promulgated by the competent authority. The system was approved by the board of directors, and established the internal auditing office under the board of directors. The Company conducted an audit on the business operated by each department and office, assisted the board of directors and managers in investigating and assessing the internal control system and providing suggestions in due course so as to ensure the continuous and effective implementation of the internal control system.