The compliance system is an important part of internal control and regulations that must be enforced by financial institutions. The system serves an anti-money laundering and counter terrorism financing purpose while deterring other illegal activities. It also prevents key compliance items that endanger the Company’s operations and cause disruption in the financial market. TCFHC implements relevant organizational frameworks, regulations, and rules to equip itself with abilities to address regulatory or environmental changes at any time and supervise its legal compliance status. TCFHC also provides internal training in order to avoid legal risks arising from violation of law and to fulfill a financial institution’s role by protecting customers’ rights.

Compliance Operations

TCFHC has established the “Rules for Implementation of Regulatory Compliance System” according to the “Implementation Rules of Internal Audit and Internal Control System of Financial Holding Companies and Banking Industries” . The “ Legal Compliance Committee ” is also put in place to devise relevant organizational structures, rules and regulations in order to monitor regulatory compliance.

Regarding compliance audits by the FSC and regulators of affiliated business units, all penalties should be reported immediately to the relevant departments to ensure appropriate response and prevent repeat or further losses. TCFHC set up“consistent and real time intercommunications” mechanism, which requires each subsidiary report to the TCFHC’s Legal Compliance Department the full account of inspections on legal compliance and AML/CFT during the entire course from inception of the inspection to completion of the draft if it happens to have financial competent authority to inspect.

Punishment Imposed on TCFHC and Subsidiaries by Financial Competent Authority and Affiliated Business Units in 2022 and Corresponding Improvements

In 2022, TCFHC was not imposed significant penalties or disciplinary measures by competent authorities due to the violation of environmental or social law, or regulations. Yet the remaining punishments as received and related improvements are listed as follows:

Anti-Money Laundering and Combat of Terrorism Financing 

Policies and Systems

In order to properly implement anti-money laundering and combat of terrorism financing, the Company has formulated “TCFHC and Subsidiaries General Anti-Money Laundering and Counter Terrorism Financing Plan.” The content includes indicators of group-level risk appetite, Group’s framework for coherent risk assessment, and Group’s procedures for information sharing. The plan clearly specifies identification, evaluation, and management principles of money laundering and terrorism financing risks to comply with. Each subsidiary has also established relevant policies and procedures for the framework of money laundering and terrorism financing risks assessment. They also regularly conduct comprehensive assessment of such risks and report to the Board of Directors. Risk assessment reports are also submitted to FSC for reference. “The Legal Compliance and AML and CTF Task Force” w a s established at the same time, where the Chief Compliance Officer serves as the convener to take charge of supervising and coordinating the implementation of legal compliance and AML and CTF tasks of respective subsidiaries and submitting the operational status of the task force on a quarterly basis to the Company's Board of Directors.

Each subsidiary also works to optimize each of their information system on anti-money laundering and combat of terrorism financing, with which databases are linked and carefully analyzed and monitored to ensure effectiveness of risk control and management on money laundering and terrorism financing. The content of anti-money laundering and counter terrorism financing regulations for each subsidiary includes but is not limited to the following:

Designated Supervisor and Unit

Each subsidiary company should allocate sufficient AML designated personnel and resources according to its size and risks and appoint one senior management designated by the Board of Directors as the designated supervisor.

Employee Selection and Hiring

Each subsidiary should ensure the establishment of selection of high-quality employees and hiring procedures.

Employee Training Plan

The AML designated personnel and designated supervisors, supervisors at domestic and overseas business units and AML supervisors and personnel should participate in the on-the-job training on AML according to the regulations. The directors, supervisors, presidents, legal compliance personnel, internal audit personnel and sales person should also arrange training and education according to the nature of the business.

Sharing of Information

The Company and the subsidiaries with foreign branches (or subsidiaries) shall formulate information-sharing policies and procedures within the Group in compliance with information confidentiality regulations. Information on the Group's legal compliance, auditing, and anti-money laundering and counter terrorism financing is shared, and security measures are adopted on the use and confidentiality of the exchanged information.

Internal Audit

The internal audit unit of the subsidiary shall conduct risk assessments on anti-money laundering and terrorism financing and formulate a plan to prevent money laundering and counter terrorism financing. The unit shall check whether the audit complies with regulatory requirements, implemented, and the effectiveness of the implementation. Audit opinions shall be provided.

Verify Customer Identity and Conduct Due Diligence

• Using reliable documents and documents from independent sources or data and information on the non-documents to identify and verify the identity of customers (the method of non-documents include compare with other information provided by other financial institutions and conduct a phone interview with the customer within 1 week after opening an account to confirm), in case of proxy, verify authorization of representation.
• For customers who are legal entities, groups or trustees, understand their ownership and control structure, identify the beneficial owner, and adopt reasonable measures to verify.
• When establishing business relationships with high-risk customers or customers with specific high-risk factors, review measures should be reinforced. The process should be approved by the unit’s supervisor before handling and reinforced continuous monitoring should be implemented.
• Conduct ongoing due diligence on the customer and reconfirm the customer identity at specific times.
• In terms of due diligence for non-face-to-face customers, in addition to following the review method for face-to-face customers mentioned above, strengthened control measures should be implemented (such as If there is a name match or an evaluation of high risk during account opening through a remote video teller machine (VTM), the customer should be asked to switch to an in-person account opening. If there are abnormalities when applying digital deposit account opening, identity inspections should be strengthened and continuously monitor whether the account is involved in any illegal activities).

Watch List Filtering

• The Anti-Money Laundering (AML) system conducts watch list filtering of customers and related parties (including representatives, beneficial owners, and senior management), compares and confirms whether they match the following lists:

1. The customer is an individual, a legal person or an organization sanctioned under the Terrorism Financing Prevention Act, or a terrorist or terrorist group identified or investigated by a foreign government or an international organization.
2. Current or former important political officials in the domestic or foreign government or international organization and as well as their family members or close associates.
3. Involving money laundering or other negative news.

• Based on the above assessment results, determine whether to establish business relationships, handle reporting operations, or include customer risk assessments. High-risk customers can only open accounts or establish business relationships after the approval of the unit’s supervisors.

Monitor Accounts and Transactions Continuously

• Establish policies and procedures for account and transaction monitoring based on a risk-based approach and utilize information system to assist in the detection of suspicious money laundering or terrorism financing transactions.
• Once watch-listed transactions that may be money laundering or terrorist financing are identified, the reasonableness of identified watch-listed transactions shall be determined on a case-by-case basis, and records of the inspection shall be retained. The reasons for the exclusion shall be analyzed, or reporting operations should be conducted as soon as possible.

Record Retention

• All business relations and transactions with its customers shall be recorded in hard copy or electronical form and kept for at least 5 years.
• Transaction records maintained must be sufficient to reconstruct individual transactions so as to provide, if necessary, evidence of criminal activity and may be available swiftly to the responsible units.

Reports of Transactions

• Reports of cash transactions above a certain amount.
• Reports of suspected money laundering or terrorism financing.
• Reporting on the properties or property interests and locations of designated sanctioned individuals or entities

Independent Audit Mechanism for the Year

Internal Audit

The Group’s audit unit conducts periodically/irregular audits every year, and has included the implementation of anti-money laundering, counter terrorism financing, and counterproliferation into the annual audit plan to monitor the implementation of the management mechanisms for anti-money laundering and counter terrorism financing. No significant deficiencies were found in the audit in 2022.

1. Verify the effectiveness of the plan for implementing anti-money laundering and counter terrorism financing, as well as whether the relevant regulations comply with the laws and regulations.
2. The methods of the audit include tests for independence, high-risk products, customers, and territory evaluated by the auditee, screening for suspected money laundering/terrorism financing, and verifying regulations that have implemented anti-money laundering and counter terrorism financing effectively.
3. For deficiencies identified during regular financial audits or periodic project audits on anti-money laundering and counter terrorism financing by competent authorities or the audit unit of the Group. The dedicated AML unit supervises the auditees to make improvements, and the follow-up reviews are conducted by the audit unit.
4. If intentional concealment of significant violations is detected and not disclosed, the relevant responsible unit shall handle it appropriately.

External Audit

In addition to regular financial audits or irregular project audits by competent authorities, TCB and TCBF commissioned accountants to conduct annual audits of anti-money laundering and counter terrorism financing mechanisms in compliance with the regulations. Other subsidiaries or those required by competent authorities also commissioned accountants to conduct project audits on anti-money laundering and counter terrorism financing.

Independent audit mechanism for the year

Strengthen AML/CFT Capabilities 

In order to further increase awareness of regulatory framework on anti-money laundering and combat of terrorism financing among employees, relevant educational trainings that TCFHC Group had organized in 2022, had received a total of 45,363 participants with a total training length of 106,495 hours. Additional education trainings on anti-money laundering and combat of terrorism financing for directors, independent directors, senior management, and employees are also held every year with the expectation to raise awareness of legal compliance and professional capability. The Group also encourages employees to obtain the Certified Anti-Money Laundering Specialist (CAMS) and domestic certification for AML/CTF professionals. As of the end of 2022, 6,435 people, or 72.47%, in the Group had obtained such credentials.