China Life has a robust corporate governance framework. Major decision-making and deliberations are carried out at the shareholders’ meetings, including annual dividend distribution, board elections, and revisions to the Articles of Incorporation. The Board of Directors is responsible for review of key decision-making, including operational planning, annual financial reports, and the appointment of top managers.
China Life established four functional committees overseen by the Board of Directors: The Risk Management Committee, the Audit Committee, the Remuneration Committee, and the Committee of Business Integrity and Ethics. These committees raise the effectiveness of the board. At the same time, China Life follows recommendations in the FSC’s Corporate Governance 3.0 – Sustainable Development Roadmap and adheres to the “Taiwan Stock Exchange Corporation Operation Directions for Compliance with the Establishment of Board of Directors by TWSE Listed Companies and the Board’s Exercise of Powers.” In 2019, the Company appointed a chief corporate governance officer that is responsible for providing relevant information to directors and ensuring legal compliance. By helping directors carry out their duties, the officer raises the effectiveness of the board. At the same time the Company maintained insurance coverage for directors, supervisors, and key officers.
Composition of the Board of Directors
At a shareholders’ meeting on May 27th, 2020, the Company elected members of the 21st Board of Directors. Of the nine members of the board (including four independent directors), we had as many as four female directors. Each member has different expertise and experiences, including in the areas of operations, management, finance, accounting, law, statistics, actuary, or insurance. Besides fulfilling the objective of having a diverse, gender equal Board, the directors have abundant practical experiences and professional capabilities, which improves the decision-making quality of the board, strengthens internal inspection mechanisms, and enhances the Company’s corporate values and performance.
Diverse Backgrounds of the Directors
|Name||Title||Gender||Industrial Experience||Professional Background|
|Banking||Stocks and Bonds||Insurance||Other Finance||Law||Accounting||Risk Management||Investment||Actuary||Finance and Banking||Operations and Management||Information Technology|
|Yu Ling Kuo||Chairwoman||Female||●||●||●||●||●||●||●||●||●|
|Tony T.M. Hsu||Director||Male||●||●||●||●||●||●|
|Johnson F.H. Huang||Independent Director||Male||●||●||●||●||●|
|Cheng-Hsien Tsai||Independent Director||Male||●||●||●||●|
|Da-Bai Shen||Independent Director||Male||●||●||●||●||●|
|Ming-Jung Lai||Independent Director||Male||●||●||●||●||●|
Operations of the Board of Directors
The Board of Directors, the highest decision-making body of China Life, prudently guides business strategy and steers the Company direction. To achieve these objectives while advancing corporate governance, the management team regularly attends board meetings to report the Company’s operations. Good communication channels and interaction with the board members ensures that business proceeds smoothly and produces the greatest interests for shareholders.
Board of Directors Performance Reviews
The Board closely monitors the Company’s sustainability performance and fair treatment of customers. In 2019, the Board added two new criteria to its self-assessments: “paying close attention to ESG topics” and “actively seeking to treat customers fairly,” demonstrating a commitment to sustainable operations and development, as well as resolution to uphold the rights and interests of policyholders. These measures further integrate sustainable operations and fair treatment of customers into the fabric of the Company’s corporate culture.
In February 2020, the Company commissioned the Taiwan Corporate Governance Association to evaluate the effectiveness (including performance) of the Board. This third-party organization examined the operational status of the Board and functional committees then provided an objective report.
In order to implement Article 5 of the “Regulations Governing Required Qualifications for Responsible Persons of Insurance Enterprises,” which calls for regular evaluation of the performance of a responsible person holding a concurrent position, in the Board self-assessment we added a review item: “The director does not concurrently hold positions at multiple companies (including director or supervisor positions); if the director does concurrently hold positions, the director shall be subject to the principle that the responsibilities of the principal position and the concurrent position are both effectively discharged without any conflicts of interest or any violation of the respective internal controls of the institutions.”
2020 Performance Review Results of the Board, Functional Committees, and Individual Board Members come as follows:
Results of the Board performance reviews were delivered to the Board in January 2021. To continue advancing the Board’s effectiveness, they will be used as a reference for selecting or nominating future directors, as well as setting the individual remuneration of the Board and functional committee members.
In 2020, China Life’s first-year premium was NT$87.3 billion and total premium income was NT$257.6 billion. We again achieved record profits, with net profit of NT$15.548 billion, for an annual growth of 14%. EPS was NT$3.29, and market value reached NT$105.0 billion. At the end of 2020, total assets were NT$2.22 trillion. During the past six years, total premium income grew by close to 60%, net profits grew by 70%, and total assets grew by over 80%. Despite the turmoil in the global economy, China Life demonstrated strong performance in operations, profit, and asset quality.
China Life is fully committed to building corporate values and sustainable operations on a foundation of ethical management.
Ethical corporate management
To create this type of culture, and thus solidify the Company’s development, we established the “Ethical Corporate Management Best Practice Principles” as primary guidelines. Our “Ethical Corporate Management Conduct Guidelines” and the “Guidelines for Whistleblowing on Illegal, Immoral or Unethical Conduct” provide further support. Stronger ethical management policy execution and clear acceptance of anonymous whistleblower claims contribute towards a resilient whistleblower system that makes the Company’s operations more robust. In 2020, we did not receive any whistleblower reports of unethical operations or notification of incidents that violated our ethical operations, anti-corruption, or conduct standards.
Committee of Ethical Management
The Committee of Ethical Management was established as a functional committee under the Board of Directors to directly oversee the Company’s ethical management. Besides formulating ethical management policy and preventive programs and monitoring implementation, the committee checks and evaluates the effectiveness of preventive measures from the previous year. It assesses compliance of business departments that carry out these processes, regularly holds meetings, and annually reports updates on execution to the Board. In 2020, it convened one time.
Ethical Management Education and Training
China Life uses open pledges, information delivery, education, training, and production of a short legal knowledge promotional video to reinforce our ethical management principles. We build a top-to-bottom ethical management culture that reaches all levels of the Company. The Company’s directors and senior management signed the “statement of ethical management” to exhibit their devotion to ethical management. Meantime, the Company also publishes information related to ethical management on the Company’s official and internal websites for directors’ reference, in order to convey the importance of ethical management. Finally, the Company offers ethical management related education and training as well as online sessions, to set up sound corporate culture that centers around ethical management. In 2020, the Company held three relevant education and training sessions, with the number of trainees reaching 15,027 people, the training hours totaling 17,423 hours, and achieving a complete training rate of 100%.
To strengthen ethical management and legal compliance principles among our agents, in 2020 we began to publicize regulatory messages. Using company-agent communication platforms and push notifications, each week we promoted two regulations that agents must comp. These notifications let agents know the rules and regulations when they are soliciting business or providing services. Our top-down approach ensures that agents adhere to ethical management principles when conducting business as a matter of routine.
The Company’s legal compliance unit provides comprehensive and prompt legal compliance opinions via earlier participation in designing new products and services, allowing planning units to respond in a timely manner. The establishment of legal adjustment and management system has allowed the Company to keep track of legal compliance with changed regulations. Meantime, the Company has conducted testing for legal compliance in order to monitor and improve legal compliance. The relevant education and training sessions as well as publicized information are designed based on the aforementioned results.
Legal Compliance Risk Management Mechanism
China Life builds compliance risk evaluation mechanisms in accordance with the law; the Company conducts annual legal compliance risk evaluations to improve our monitoring and respond to stricter financial oversight trends. Using proactive identification, evaluation, and detection, we monitor business areas or units that are at particularly high risk of non-compliance, formulate plans to reduce risk exposure and residual risks, then report results to the Board of Directors.
Legal Compliance Education and Training
The Company conducts education, training and advocacy programs that target different groups (directors, senior managers, department compliance managers, sales agents, and new employees). Topics include confidentiality obligations, fair treatment of customers, financial consumer protection, personal information protection, the Foreign Account Tax Compliance Act (FATCA), the Common Reporting Standard, due diligence implemented by financial institutions, insurance penalty case studies, and anti-money laundering and counter-terrorist financing.
Implementation of the “Regulations Governing the Implementation of the Common Standard on Reporting and Due Diligence for Financial Institutions” (CRS)
In order to comply with Common Reporting Standards, China Life has required due diligence for all new cases since January 1, 2019. By December 31, 2019, we completed due diligence on all existing high net-worth accounts, and by June 30,, 2020, we completed our first related reporting. By December 31, 2020, we completed due diligence on existing physical accounts and accounts of relatively lower value, in preparation for reporting by June 30, 2021.
Advanced Transition to IFRS 17
To preemptively respond to the changes the IFRS 17 will bring, in August 2019 China Life established a dedicated department overseen by the Company president and that integrates actuarial, finance, accounting, and information technology teams. The new department follows the latest changes to international standards and industrial trends then formulates strategies for products, investments, and management of assets and liabilities, in order to reduce related impacts and smoothly adapt to changes.
IFRS 17 is considered a trigger for digital transformation. From talent training to changing longstanding performance management standards and internal processes, its adoption demonstrates China Life’s commitment to transformation. It represents not only systematic adjustments, but also human and management changes. During implementation, we train employees to understand actuary, accounting, information technology, investment, risk management, and operational skills, turning them into critical assets who will lead the Company's future transformations.
Following international deferment of the effective date of IFRS 17, China Life kept original adoption plans on schedule and continued to carry out transition tasks on schedule. Main work features included the following four items:
China Life places a great emphasis on fostering positive interactions with investors. We built a specialized investor relations department to promote two-way communication channels between the Company and investors. Besides regular analyst meetings, domestic and international investor forums, and investor communication, we maintain an investor relations section on the corporate website to provide access to Chinese- and English-language financial data and information on shareholders’ meetings, analyst meetings, and the latest news.
Facing an ongoing low-interest rate environment and new system's impacts, the main objectives of our product strategies include optimizing product mix and raising the new business value. China Life continues to promote channel transformation while emphasizing talent cultivation, in order to raise both business efficiency and service quality. By strengthening our channel competitiveness, we are prepared to respond to the product-related strategic adjustments of IFRS 17.
Fines and Improvement Measures
China Life’s internal compliance departments gather daily information on the competent authorities’ actions towards violations in the insurance industry then notify relevant departments. We review our internal operations and policies, assess the latest regulator approaches, use these findings to make revisions and prevent a similar violation occurring at the Company. Ongoing analysis of regulators’ interpretations of the “Insurance Act” and other related legal standards ensures that our solicitation, products, after-sales service, protection of employee interests, and other operational procedures are in full compliance with the latest government regulations.
In 2020, the competent authorities issued one disciplinary action to China Life. The Company responded by reviewing our procedures and proposing improvements to controls and management, and we disclosed the incident on our corporate website.
Anti-Money Laundering/Counter-Terrorist Financing
China Life's anti-money laundering and counter-terrorist financing risk management framework is based on five key aspects: corporate governance, system design, control and procedures, risk management, and independent audits. We foster information systems, process management and control, and employees' professional capabilities to integrate anti-money laundering and counter-terrorist financing awareness into the Company's organizational culture. 100% of our anti-money laundering and counter-terrorist financing staff passed certified anti-money laundering specialist (CAMS) certification. A total of 430 certified employees are the foundation of our anti-money laundering and counter-terrorist financing corporate culture.
Following revisions to the “Money Laundering Control Act,” the “Counter Terrorism Financing Act,” or related rules, regulations, and autonomous statutes, the Company convenes meetings to announce key points.
At the same time, we carry out pre-and post-revision legal variance analysis to ensure a timely response.To implement these procedures and improve preventive measures, China Life holds regular reviews to discuss whether internal regulations and procedures are appropriate. We check monitoring patterns and reporting standards to improve the quality of suspicious transaction reports and strengthen crime prevention. These advances reduce defensive reporting. This year, we continued to revise the “Directions and Rules Governing Anti-Money Laundering and Counter-Terrorist Financing” and the “Evaluations of Money Laundering and Terrorist Financing Risk Control Procedures.”
Education and Training
Considering that anti-money laundering and counter-terrorist financing are topics of high concern around the world, the Company continues to strengthen relevant capabilities of directors, senior managers, supervisors and regular employees from dedicated units, and directors and managers of operational units, while raising awareness among general office staff and agents. All staff members must recognize the importance of these issues.
For professional education and training, China Life takes a number of steps to help employees gain more knowledge to carry out their assigned responsibilities. For example, anti-money laundering and counter-terrorist financing specialist staff from key departments attend training events at external organizations. Internally, we carry out regular advocacy and discussions on related regulatory and operational changes as well as practical concerns and cases. In total, we held or participated in 48 training events.
Emerging risk management
After the financial crisis made the financial and insurance industry more aware of the vital role of risk managements, China Life enforced stricter risk management rules as a way of continuing to focus on our operational objectives. The Company’s risk management framework is based on policies made at the highest level of risk management then extended to all related administrative measures, practical enforcement rules, and procedures. Through a management system that adopts internal norms and comprehensive documentation, we implement risk management mechanisms.
In response to the COVID-19 pandemic, China Life formed a pandemic response team at the end of January 2020. Through careful planning, oversight, and coordination, we introduced a series of response measures that ensure uninterrupted operations. Besides disinfecting the workplace, managing employees’ health, reporting health incidents, and introducing off-site offices and work from home measures, we created a contingency plan to facilitate ongoing operations. We also simulate the potential scenario when facing lockdowns in Taipei, New Taipei or Taichung, in order to continue the services. In the event of a work from home order, the plans serve as a reference for handling investment transactions, policyholder services, policy procedures, business solicitation, internal administration, internal controls, legal compliance, or risk management. Ensuring the capacity for uninterrupted policyholder services and operations reduces the impact of any potential disruptions.
Policies and management measures
Risk Management Organization
The Risk Management Committee was established as a functional committee under the Board of Directors. It manages risks for the Board, self-risk, the chief risk officer, risk management departments, auditing departments, and all operational departments. By advocating a top-down approach to risk management culture and concepts, China Life enables information to flow from the bottom to the top of the Company, creating a comprehensive net for capturing risk wherever it appears. This leads to effective risk management throughout the Company.
China Life also established a dedicated Risk Management Department to act as the core of our risk management efforts, extend risk management requirements and results to each operational unit of the Company, and ensure fulfillment of risk management objectives. The department manages the scope and enforcement of risk measurement models and risk monitoring systems. It provides risk information to support management in making responses and decisions related to risk avoidance, risk transfer or hedging, risk control, assumption of risk, and capital requirements. Close interaction between the department and all departments that undertake risk (operational units) supports risk identification and control planning. The department aims to be the first line of risk management, in order to fulfill preventive and warning objectives.
Risk Management Policies
China Life establishes regular reviews and revises risk management policies to ensure the highest risk management guidance standard throughout the Company. These policies clearly represent our risk management goals and strategies, as well as our organization, duties, evaluation of capital adequacy, risk appetite and risk limits. Meanwhile, our major risk types and their management processes follow international trends in enterprise risk management, namely Enterprise Risk Management (ERM) while building a foundation for practical implementation and scope.
Risk Identification and Responses
|Market Risk||We manage risks related to interest rates, exchange rates, and securities prices according to China Life’s “Market Risk Management Regulations.” Mechanisms include position and quota control, sensitivity analysis, stress tests, and value at risk.|
|Credit Risk||We manage credit risks for bond issuers and counterparties according to China Life’s “Credit Risk Management Regulations.” Mechanisms include a list of qualified issuers and counterparties; internal management of credit rating and transaction limits; credit rating analysis and tracking; concentration of geographic location and industry; stress tests; expected credit loss; and credit value at risk. Since 2016, in consideration of the special risk of subordinate debt, we have added a minimum credit rating requirement, risk limitations by credit ratings, and a maximum position of subordinated debt to credit-based risk amount.|
|Liquidity Risk||We manage financial and market liquidity risks according to China Life’s “Liquidity Risk Management Regulations.” Relative mechanisms include using cash flow models to analyze capital flow risks and stress tests.|
|Operational Risk||Based on the “Insurance Industry Risk Management Best Practice Principles” and the Basel Accord’s operational risk categories, we determined seven major operational risk and loss categories that we use to identify risk and serve as a foundation for operational risk management information. Using a combination of three primary operational risk management tools: risk control self-assessment (RCSA), key risk indicators (KRI), and loss data collection (LCD), as well as qualitative and quantitative risk identification and weighing mechanisms, we built a comprehensive operational risk management database that enables us to monitor and manage the Company’s overall operational risk status.
In response to the pandemic’s global impact and to strengthening business continuity management mechanisms, all departments in the Company include operational interruptions among their risk control and self-assessment (RCSA) monitoring items to continue to monitor related risks. We established a disease prevention task force, held off-site work and work from home drills, and formulated backup plans that raise our response capabilities to keep operations uninterrupted while mitigating the impact of any interruptions that do occur. In addition, to strengthen key risk indicator monitoring mechanisms, in 2020 we examined the past five years of data measurement results then used statistical analysis to formulate key risk indicator thresholds that we use as reference points.
|ESG Risk and Other Emerging Risks||In 2021, China Life plans to incorporate ESG risk and other emerging risks (such as climate change risk, urbanization risk, and health problem risk) into risk management procedures. At the same time, the Company will continue to add to and revise business continuity management (BCM) regulations and methods. Since the competent authorities include climate change in stress testing, and considering that the greatest climate risk Taiwan faces are typhoons, China Life included typhoon-related losses in the Company’s assessment standards. As the climate changes, China Life monitors whether the Company’s assumption of risk is sufficient.
The Company regularly tracks and evaluates various experience rates of policyholders. In response to Taiwan’s ageing society, low birth rate, exercise popularity, and product customization for specific groups, China Life develops innovative products that match demand. For example, it developed microinsurance, small-amount life insurance, policies with health spillover effects, small-amount life insurance customized for people with disabilities, and other policies with ESG value.
Information Security and Personal Asset Protection
China Life established the Information Security Department to serve as the Company’s dedicated information security unit. The department expands the scope of our information security management system and creates a framework to manage related control procedures and self-assessments throughout the Company. At the same time, it monitors and measures the effectiveness of information security internal controls. The Company passed the ISO 27001 information security management system certification in 2016, built and strengthened an information security control system management framework in 2019, completed testing procedures for information security assessments on our Category 1 and 3 computer systems in 2020, and continued to pass the ISO 27001 information security annual third-party assessment and certification.
The Company has also created the Information Security Policy for use in all service lines. In addition, the Information Security Committee has been established to review the policy annually, and it convenes semiannually to review information security management implementation, the status of motions previously raised by the committee, internal and external information security topics, and modifications to the information security management system. In 2020, the Company reviewed work implementation status and planned tasks to carry out in 2021. At the same time, it commissioned external experts to evaluate control procedures relating to the “Regulations Governing Implementation of Internal Control and Auditing System of Insurance Enterprises.”
Information Security Management System
China Life’s information security management system operates according to ISO 27001 standards and uses the Plan-Do-Check-Act cycle (PDCA) as both a foundation and a tool for maintenance and improvement.
Information Security Insurance
The Company purchased information security insurance to lower the legal and financial burden of damages that could be claimed from customers for cyber incidents. Transferring the potential losses from these risks lowers the possible impact to our reputation from such an incident.
Evaluations of Computer System’s Cyber Security
To ensure the Company's information security defense, we use a variety of testing procedures to uncover cyber security’s threats and weaknesses. We then use technology and management control measures to improve our defense capabilities.
China Life follows the “Computer System Information Security Evaluation Planning.” In 2020, we carried out various Category 1 and 3 computer system information security assessment testing items. We issue “Computer System Information Security Assessment Reports” to regularly find and track improvements and to review the status of preventive mechanisms.
Assessments such as these strengthen the Company’s network frameworks and overall information security. They reduce the risk of wrongful disclosure, alteration or seizure of internal information.
Statement on Information Security Implementation Status
In order to comply with the “Regulations Governing Implementation of Internal Control and Auditing System of Insurance Enterprises,” and to emphasize the value that senior management places on information security, the Company carries out execution evaluations. The evaluation reports are intended to help senior managers understand current compliance status and release corresponding statements.
Information Security Drills and Training
In response to ever-changing external attacks and to reduce the risk of interruption of information availability due to sudden calamities or irregularities, China Life established information security defense mechanisms. External experts carry out penetration testing to demonstrate the effectiveness and response capabilities of our defenses. Annual drills show our response strategies and management plans, thus ensuring continuity of information operational systems.
In addition, the Company’s employees undergo information security education, training, and receive advocacy in accordance with practical standards to advance related knowledge. General employees receive three hours of online information security education and training and must complete tests to demonstrate their knowledge and awareness. Information security staff complete at least 15 hours of education and training each year through a combination of privately arranged sessions, domestic courses and symposiums, and international training. In 2020, 100% of our staff passed information security tests.
Information Security Joint Defense
To respond to the growing need for information security and expanded sources of information intelligence, the Company participates in a joint defense group. Using resources from multiple companies strengthens the depth and breadth of information intelligence analysis, supporting comprehensive warnings and defense recommendations that are faster and more accurate. When a major information security incident occurs, multiple institutions will be affected. Under these circumstances, the joint defense group enhances systematic risk control, enables cross-institutional or cross-field reporting and responses, and supports organizations that help to manage the incident. The aforementioned advantages mitigate damage and losses. The Company also joined the information security intelligence analysis platform operated by the Financial Information Sharing and Analysis Center and established financial information security incident monitoring and response mechanisms together with our parent financial holding company and affiliated subsidiary companies.
Information Security Incident Responses and Management Mechanism
Reporting of information security incidents is handled according to the China Life information incident management methods. Whenever employees or anyone who does business with the Company, including contractors, full-time employees, or temporary employees, discover an information system or vulnerability that violates our information security policies or relevant standards, or when they face external threats, they shall remain alert and report the incident in accordance with standard procedures. When an incident that could impact personal information occurs, it shall be handled based on the internal Personal Information Incident Response, Reporting, and Prevention Management Methods. After incident handling is complete, the department supervisor responsible for the related systems or business shall make necessary improvements and preserve records of the event. The objective shall be to prevent recurrence. In 2020, China Life did not have any major information security incidents.
Personal Information Protection Organizational Framework
China Life cautiously handles the personal information of shareholders at every stage of operations. To strengthen the operational efficiency of our personal information security maintenance mechanisms and to integrate related management resources, we established the Personal Information Protection Management Committee. Convened by the Company’s president, the committee promotes, manages, and oversees our PIMS. It meets semiannually to discuss personal information protection, technical developments, management system oversight and review, and handling of related incidents. Each committee member is briefed on the overall state of personal information protection at the Company.
Personal Information Management System
In 2017, China Life integrated BS 10012:2017 into our PIMS, and each year we acquire third-party certification. We follow best practices and the plan-do-check-act management model, which ingrains personal information protection into routine tasks, making it part of our corporate culture. To further enhance management of personal information protection and information security while acting in line with international standards and trends, we expanded certification scope in 2020 to include all units of the head office and branch offices. We also completed an applicability assessment for the General Data Protection Regulation (GDPR), which is an EU standard. In 2020, we did not have any intentional violations of customers’ personal privacy or losses of customers’ personal information.
In preparation for expanding the certification scope to include all Company units, we held 16 personal information protection education and training sessions on a diverse range of topics that covered both standards and practical matters. We also invited external consultants to provide support in 78 sessions totaling 163 hours. Together, these initiatives represented a large human resources commitment by the Company. In 2020, the head office and all branch offices passed BS 10012 certification.
Personal Information Protection Education and Training
To continue to make employees more aware of their personal information protection responsibilities and to strengthen continuity of related management mechanisms, the Company promotes related concepts both internally and externally while also holding practical education and training. In 2020, we held personal information protection awareness classes, in which the participation and passing rates were both 100%. In addition, after considering the day-to-day personal information protection needs of each department, we held eight in-person courses and eight online courses. Agents and other staff used these opportunities to strengthen and maintain their personal information protection management capabilities.
The Company’s personal information protection education and training efforts also included training 12 employees to become lead auditors for BS10012:2017, bringing the total number of certified employees to 34. To strengthen interaction with external experts, for four consecutive years the Company invited external experts to visit and share related information. In 2020, they focused on corporate information security and personal information protection response measures during a pandemic, in order to help keep information safe as the Covid-19 pandemic raged.
Interactive Meeting for Personal Information Protection System Representatives
To manage PIMS, the Personal Information Protection Management Committee convenes semiannually and all of the Company’s personal information protection system representatives meet annually to discuss expectations and recommendations of stakeholders for PIMS-related issues. In 2020, as staff shared personal information protection system feedback and opinions, new employees became more aware of related issues. Additional efforts to improve education and training materials and content raised overall practices and results.