Annual Report 2025

Sunny Optical Technology (Group) Company Limited • ANNUAL REPORT 2025 102 Corporate Governance Report 企業管治報告 • Risk management review meetings were held regularly by each business segment and department; and • The Group initiated the assessment work of risk management for 2026. Risk Management Policy Framework Effective risk management and internal control systems are critical in achieving the Group’s strategic objectives. The Group has established a risk management policy framework, which was audited and approved by the Board and the Audit Committee, and executed by the Risk Management Group. It authorizes the Group to take a consistent and effective approach applied across the Group to fully manage the risks associated with strategies, financial, operations, market and compliance with the Listing Rules. The following principles and key processes are adopted under the Group’s ERM framework: • 各事業分部和部門定期召開風險管理檢討 會議；及 • 本集團啟動二零二六年風險管理評估工作。 風險管理政策框架 有效的風險管理及內部監控系統對實現本集團 的戰略目標至關重要。本集團已制定風險管理 政策框架，由董事會及審核委員會審核通過， 並由風險管理工作小組執行，授權本集團採用 貫徹一致及有效的方針，充分管理與戰略、財 務、運營、市場及符合上市規則相關的風險。 本集團企業風險管理框架遵循以下原則和主要 流程： Management: take actions (including risk management) to achieve organizational goals 管理層：採取行動（含風險管理）實現組織目標 Internal audit: independent confirmation service 內部審計：獨立的確認服務 Operation department 運營部門 Risk management working group 風險管理工作小組 Audit and supervision department 審計監察部 First-line functions: provide products and services to customers and manage risks 第一線的職能：為客戶提供產品和服務， 管理風險。 S e c o n d - l i n e f u n c t i o n s : p r o v i d e professional knowledge, support and supervision for risk-related matters, and raise reasonable questions. 第二線的職能：為風險相關事務提供專業 知識、支持和監督，並提出合理質疑。 Third-line functions: provide independent and objective confirmation and advice on all matters related to the actual goals. 第三線的職能：對所有與現實目標的相關 事務提供獨立和客觀的確認和建議。 Organizational governance body: It is responsible to stakeholders and assumes supervisory responsibilities. Its specific functions include integrity, leadership and transparency 組織治理機構：對利益相關方負責，承擔監督責任，具體職能有誠信、領導力和透明度 Board of Directors/Audit Committee 董事會╱審核委員會