1.

1.1 Company Introduction

1.2 Reporting Entity

1.3 Statement of Compliance

1.4 Date and Procedures for Approval of the Sustainability Information Section

1.5 Application of Exemptions

2.

2.1 Role of the Governing Body in Overseeing Sustainability-Related Risks and Opportunities

3.

3.1 Sustainability-Related Risks and Opportunities

  3.1.2 Sustainability-related Risks and Opportunities Reasonably Expected to Affect the Company’s Outlook, and Their Potential   Impacts on the Business Model and Value Chain

10

3.2 Impacts of Sustainability-Related Risks and Opportunities on Strategy and Decision-making

16

  3.2.1 Sustainability Plan and Climate Transition Plan

  3.2.2 Financial Impact of Sustainability-Related Risks and Opportunities

3.3 Resilience Assessment

  3.3.1 Climate-Related Scenario Analysis and Assessment

  3.3.2 Resilience Assessment for Non-Climate Sustainability-related Risks

4.

4.1 Processes and Policies for Identifying, Assessing, Prioritizing, and Monitoring Sustainability-Related Risks

  4.1.1 Input Data Sources and Parameters for Sustainability-Related Risks and Opportunities

  4.1.2 Assessment Methods for the Nature, Likelihood, and Impact of Sustainability-Related Risks and Opportunities

33

  4.1.3 Prioritization of Sustainability-Related Risks and Opportunities and the Methodology

  4.1.4 Mechanisms for Monitoring Sustainability-Related Risks and Opportunities

5.

5.1 Disclosure of Established Sustainability-Related Metrics and Targets

  5.1.1 Greenhouse Gas–related Targets and Metrics

  5.1.2 Cross-Industry Climate-Related Indicators

  5.1.3 Internal Carbon Pricing

  5.1.4 Remuneration

Introduction

Company Introduction

Reporting Entity

Statement of Compliance

Date and Procedures for Approval of the Sustainability Information Section

Board of Directors of Chunghwa Telecom:

Board-Level

Sustainable Development and Strategy Committee:

Risk Management Committee:

Audit Committee:

Compensation Committee:

Nomination Committee:

Management-Level

Sustainable Development Promotion Committee:

Risk Management Steering Committee:

Directors

Name

Sustainable

Development (ESG)

Audit / Risk

Management

Strategies

Sustainability-Related Risks and Opportunities

Procedures

Step 1

Consolidation of Group Sustainability-related Topics

Through ongoing operational activities and continuous engagement and communication with stakeholders, the Group identifies sustainability-related topics by integrating its sustainability development framework with global sustainability disclosure standards, thereby recognizing sustainability-related risks and opportunities.

The primary bases and sources of analysis include:

Step 2

Identifying the Potential Impacts of Sustainability-related Risks and Opportunities on Current and Expected Financial Performance

Step 3

Establishing Sustainability-related Metrics and Targets

Time Horizons: Definitions and Linkage to Strategic Planning Timelines

Short-

term

Long-
term  

Current and Expected Impacts on

the Business Model and Value

Chain

Affected Positions within the

Value Chain

Expected Time Horizon of

Major Impacts

 Short- 

term 
 (2026) 

Medium -

term 
(2027–2031) 

Long-

term 
(after

2032)

Current Situation

By leveraging the Internet of Things (IoT) to enhance disaster early warning, energy management, and remote maintenance capabilities, the Group assists enterprises in addressing challenges posed by climate change. Promoting smart service applications for disaster prevention can expand business scope and increase operational revenue.

Expected Situation

Current and Expected Impacts on

the Business Model and Value

Chain

Affected Positions within the

Value Chain

Expected Time Horizon of

Major Impacts

 Short- 

term 
 (2026) 

Medium -

term 
(2027–2031) 

Long-

term 
(after

2032)

Current Situation

The Group’s guideline focuses on reducing electricity cost and ensuring business stability:

Expected Situation

Current and Expected Impacts on

the Business Model and Value

Chain

Affected Positions within the

Value Chain

Expected Time Horizon of

Major Impacts

 Short- 

term 
 (2026) 

Medium -

term 
(2027–2031) 

Long-

term 
(after

2032)

Climate-Related

Risks — Transition  Risks   

Increased compliance costs in response to the government’s 2050 net-zero emissions policy

The telecommunications industry’s service operations rely heavily on electricity consumption and therefore generate substantial GHG emissions. In response to global net-zero decarbonization trends and relevant regulatory policies of regulatory authorities, telecommunications operators may be required to incur additional operating costs, expenses, or capital expenditures related to intellectual capital and manufactured capital investments.

Current Situation

In response to the government’s 2050 net-zero emissions policy, the Group has proactively planned its decarbonization pathway and established a target to achieve net-zero emissions by 2045. Implementation actions—such as the replacement of energy-intensive equipment, deployment of energy management systems, procurement of renewable energy, and the purchase of carbon credits—are expected to increase compliance costs.

Expected Situation

In order to achieve 100% renewable energy usage by 2040 (RE100) and 100% electrification of engineering and corporate fleet vehicles by 2030 (EV100), higher long-term procurement costs are anticipated.

Current and Expected Impacts on

the Business Model and Value

Chain

Affected Positions within the

Value Chain

Expected Time Horizon of

Major Impacts

 Short- 

term 
 (2026) 

Medium -

term 
(2027–2031) 

Long-

term 
(after

2032)

Power and network disruptions and abnormal outages of critical information systems or cloud data center infrastructure caused by major natural disasters, external environmental changes, or multi-hazard events

Chunghwa Telecom owns extensive equipment and infrastructure classified as manufactured capital (including but not limited to base stations and data centers) and continuously utilizes such capital to provide essential telecommunications services to society. When exposed to significant external events (including but not limited to strong winds, heavy rainfall, and earthquakes), such manufactured capital may be impaired. These events may also adversely affect Chunghwa Telecom’s social capital, including customer relationships and brand reputation.

Current Situation

•  Malfunctions of critical network equipment may disrupt voice and broadband internet services.

•  Instability or operational failures in IDC and cloud data center facilities.

•  Inability to resolve outages in critical information systems.

These issues may result in shortfalls in operating revenue and require additional capital expenditures for restoration and reconstruction.

Expected Situation

Taiwan is located in a region highly susceptible to natural disasters, and various telecommunications network infrastructures are prone to damage. When large-scale disasters strike affected areas, communications services may be severely disrupted, leading to interruptions in customer communications and emergency reporting, and potentially creating “communication islands.” Such incidents would significantly impair disaster response efforts, endanger life and property, and result in substantial revenue losses for the Company.

Current and Expected Impacts on

the Business Model and Value

Chain

Affected Positions within the

Value Chain

Expected Time Horizon of

Major Impacts

 Short- 

term 
 (2026) 

Medium -

term 
(2027–2031) 

Long-

term 
(after

2032)

The occurrence of major cybersecurity incidents, leakage or improper use of personal data resulting in administrative penalties imposed by regulatory authorities or operational losses

During the provision of telecommunications services, operators inevitably process and access customer information, thereby accumulating substantial social and relationship capital. In the event of a cybersecurity incident or a cyberattack, the company may suffer reputational damage and regulatory penalties, which could negatively impact both its intellectual capital and its social and relationship capital.

Current Situation

Due to hacker attacks, major cybersecurity incidents, personal data leakage or improper use may occur, potentially resulting in regulatory sanctions or operational losses, including:

•  Shortfalls in operating revenue

•  Administrative penalties imposed by government authorities

•  Legal claims and compensation arising from litigation

•  Customer remediation and compensation costs

Expected Situation

With cyberattacks and personal data breaches occurring frequently worldwide, a successful hacker attack could lead to service disruptions, theft of customers’ personal data or confidential information, and financial transaction issues. Such incidents would severely impact the Group’s reputation and result in significant financial losses.

Impacts of Sustainability-Related Risks and Opportunities on Strategy and Decision-making

Sustainability Plan and Climate Transition Plan

1. Actively Introducing Advanced Technologies to Enhance Data Center Energy Efficiency:

2. Through these initiatives, the IDC achieved a PUE of approximately 1.587 in 2025, meeting the annual target and improving from 1.61 in 2024.

The Group joined the RE100 initiative in 2023, committing to achieve 100% renewable energy usage across all operations by 2040. In 2025, renewable energy procurement and self-generated power reached 88.679 million kWh (Note 1), including the following:

The Group officially joined the EV100 initiative in 2024, committing to achieve 100% electrification of engineering and official vehicles by 2030:

In 2025, the Group made an investment of hundreds of millions NTD to construct and procure energy-efficient equipment, including energy-saving measures for power systems, air conditioning, switching equipment, transmission equipment, access networks, and mobile devices. Compared to 2024, the replacement of outdated, energy-consuming equipment resulted in an overall electricity reduction of 44.3 million kWh (Note 1) and cost savings of approximately NT$ 186 million (based on an average rate of NT$4.19 per kWh).

Regarding the electricity consumption data for 2025, where certain activity data could not be obtained due to data availability constraints, the Group applied reasonably obtainable and supportable information available as of the reporting date (including, where necessary, estimates based on prior-period data) to perform estimations. However, the emissions data derived from such estimations involve a high degree of uncertainty and may be subject to material revisions upon the availability of updated information in the subsequent year.

Key Assumptions: Referring to the IEA NZE scenario, it is assumed that the global energy sector will achieve net-zero CO2 emissions by 2050 and will have deployed a broad portfolio of clean energy technologies.

Elements: Assumptions include factors such as the cost of green electricity, maturity of carbon capture technologies, renewable energy market conditions, existing infrastructure, and government policies, which align with the Group’s transition strategies of “Technology-driven Decarbonization” and “Use of Renewable Energy.”

Conditions: Under the SBTi (telecommunications sector) emission reduction plan, assuming the business model and value chain remain unchanged, the Group commits to achieving net-zero emissions by 2045, in line with the IPCC’s global 1.5°C warming limit pathway.

Sustainability-Related Opportunities – Digital Resilience

To meet the digital resilience requirements of government and corporate clients, the Group provides solutions encompassing network, system, and cybersecurity resilience

The Group is committed to assisting government and enterprise customers in building a sustainable operational environment and meeting their digital resilience needs. To serve as a solid backbone for digital transformation, the Group actively invests in the research, development, and deployment of digital resilience solutions, including:

The Group aspires to become a co-creator within the digital ecosystem by providing customers with comprehensive digital resilience solutions encompassing networks, systems, and cybersecurity. To this end, the Group has established the following product development objectives:

The Group will continue investing in the development of digital resilience products and services, including identity management, enterprise cybersecurity, Zero Trust security, IDC data center construction, hybrid cloud and on-premises backup, cross-border cloud encrypted data-splitting backup mechanism, satellite spectrum deployment, and integrated satellite services.

All related product development has been completed, and further efforts will focus on continuously enhancing product functionality and expanding adoption among enterprise clients. The Group aims for compound annual growth rate (CAGR) of 6~10% in revenue from “multi-dimensional network, system, and cybersecurity resilience services” from 2025 to 2030.

Sustainability-Related Risk – Digital Resilience

Power and network disruptions and abnormal outages of critical information systems or cloud data center infrastructure caused by major natural disasters, external environmental changes, or multi-hazard events

To strengthen disaster response mechanisms, the Company has established the Natural Disaster Protection Operational Procedures, the Natural Disaster Emergency Response and Repair Operational Guidelines, the Information Systems Disaster Emergency Response and Repair Operational Guidelines, and the Information and Communications System Business Continuity Management Guidelines. These procedures apply to major disasters, including natural disasters, fires, explosions, and terrorist attacks, which may cause severe damage to communication network equipment and information and communications systems, and are designed to ensure emergency communication response in affected areas.

To prevent the escalation of disaster-related damage, measures have been strengthened, including the deployment of multi-routing repeater transmission in remote areas, wireless routing backups, increased backup power capacity, and backups in both international and domestic submarine cable systems. These measures enhance overall disaster prevention and resilience capabilities. Annual drills for network and equipment scheduling and emergency repairs are conducted to improve proficiency in disaster response, thereby minimizing potential losses. Aging and end-of-support (EOS) equipment will continue to be replaced, new high-performance equipment introduced, microwave systems in mountainous and offshore areas expanded, international and domestic submarine cable systems enhanced, and multi-orbit satellite solutions deployed to further strengthen the resilience of critical infrastructure and overall backup capacity.

In the event of a disaster causing mobile communication disruptions, microwave-, satellite-, and mobile base station–based transmission alternatives are in place. These solutions can be rapidly deployed according to the conditions of the affected area to restore emergency communication with external networks in the shortest possible time. Mobile network quality and resilience solutions will continue to be enhanced, redundancy mechanisms established for critical equipment, backup power supply for key base stations strengthened, and the replacement of high-failure-rate and energy-intensive equipment prioritized to maintain mobile network quality and high service stability.

Chunghwa Telecom’s HiNet network adopts multi-route architecture with a highly reliable network redundancy mechanism, enabling real-time monitoring and traffic load balancing across all routes. For international routing, traffic is distributed across multiple submarine cable systems to prevent congestion or outages caused by single-route failures. Additionally, collaboration with overseas carriers is undertaken to increase direct international interconnection bandwidth, thereby improving the quality and stability of international internet connectivity. The expansion of international internet bandwidth and diversification of submarine cable routes will remain key resource allocation priorities to enhance HiNet’s domestic backbone capacity and international connectivity.

To respond to natural disasters such as typhoons, heavy rainfall, earthquakes, landslides, and tsunamis, as well as major incidents including fires, explosions, terrorist attacks, or other significant catastrophes that may cause severe damage to information systems, equipment, or data centers, backup environments have been established and Business Continuity Management (BCM) levels are assessed based on business impact analysis to define recovery time objectives (RTOs) and recovery point objectives (RPOs). Business continuity plans have been developed, and regular backup drills are conducted to expedite the restoration of damaged equipment, shorten service interruption durations, and ensure the achievement of operational objectives. Inspections of aging equipment will continue, end-of-support (EOS) and end-of-life (EOL) equipment will be replaced, and cross-system and cross-organization joint BCM drills will be promoted to enhance system reliability and disaster resilience.

Sustainability-Related Risks - Cybersecurity and Customer Privacy

The occurrence of major cybersecurity incidents, leakage or improper use of personal data resulting in administrative penalties imposed by regulatory authorities

The Group places a high priority on cybersecurity and personal data protection. We have established the Cybersecurity Policy and the Privacy Policy in accordance with international standards and regulatory requirements. We have also developed a comprehensive cybersecurity governance framework and internal control system to ensure the overall cybersecurity defense and response capabilities of the Group and our subsidiaries, safeguarding operational and customer information security.

1.  Establish an information security management system in line with international standards and implement the ISO 27701 Privacy Information Management System, in alignment with the national cybersecurity strategy. Conduct cybersecurity risk assessments, develop corresponding protective strategies, and implement various effective mitigation measures.

2.  Through technical measures aligned with ISO 27001 standards—such as access controls, transmission encryption, personal data pseudonymization, and de-identification in accordance with CNS 29100-2 standards—the Group ensures the security of customers’ personal data and privacy without infringing upon their rights.

3.  Clear requirements and penalties for information security and personal data protection are established for suppliers, and regular monitoring is conducted to ensure that suppliers handle and protect customer data strictly according to authorized procedures.

1.  The ISO 27701:2019 certification will be transitioned to ISO 27701:2025 within three years.

2.  Conduct cybersecurity training and drills to enhance employees’ security awareness and improve response efficiency during incidents. AI technologies are implemented for cybersecurity event detection to enhance early warning capabilities.

3.  Expand collaboration with external public and private sector entities is expanded to strengthen information sharing and joint cybersecurity defense, thereby improving the effectiveness of security measures and their societal impact.

Sustainability-Related Risks

and Opportunities

Sustainability-Related Opportunities – Digital Resilience

To meet the digital resilience requirements of government and corporate clients, the Group provides solutions encompassing network, system, and cybersecurity resilience.

Climate-Related Opportunities – Climate Resilience Products and Services

Providing customers with products or services that enhance climate resilience

Sustainability-Related Risks

and Opportunities

Climate-Related Opportunities - Energy

Energy efficiency improvements to reduce electricity consumption and associated carbon pricing costs

By integrating power and environmental monitoring with system development technologies, the Group actively promotes and implements optimization and improvement of office spaces, data centers, and base station infrastructure to reduce electricity consumption.

Compared to 2024, total electricity consumption this year decreased by 44.3 million kWh, resulting in a reduction of approximately NT$186 million in electricity expense. (Note 4)

• Expected Financial Impact

The Group places energy efficiency and low-carbon solutions at the core of its strategy, leveraging its ICT capabilities and talent advantages to systematically invest capital expenditures and resources in advancing its“Technology-Driven Energy Saving and Carbon Reduction” strategy. In 2026, operating costs and expenses, including electricity costs, are expected to decrease by approximately NT$201 million (Note 4). In practice, the financial impact of operating revenue arising from related business opportunities has been incorporated into the measurement and disclosure under“Climate-Related Opportunities — Climate Resilience Products and Services,” while the financial impact of capital expenditures required to implement the strategy has been incorporated into the measurement and disclosure under “Climate-Related Risks — Transition Risks.”

• Medium to Long-term Impacts

The Group’s medium to long-term energy efficiency and low-carbon initiatives include the in-house development of an intelligent Energy Operations Center (EOC) system to automatically collect and analyze electricity consumption data and to calibrate energy-saving performance in real time; the accelerated decommissioning of outdated, energy-intensive equipment; the continuous reduction of the average PUE of IDC data centers; and the promotion of IP migration for the public switched telephone network, etc. These actions are expected to structurally lower the unit cost of electricity, increase potential revenue, and reduce operating expenses. During the period from 2027 to 2040, the anticipated reduction in potential operating costs and expenses, including electricity expenses, is estimated at approximately NT$3.029 billion. In addition, the Group expects to avoid potential carbon fee charges of approximately NT$427 million during 2027 to 2030 (Note 5). However, the financial impact of operating revenue arising from related business opportunities has been incorporated into the measurement and disclosure under “Climate-Related Opportunities — Climate Resilience Products and Services,” while the financial impact of capital expenditures required to implement the strategy has been incorporated into the measurement and disclosure under “Climate-Related Risks — Transition Risks.”

Sustainability-Related Risks

and Opportunities

Climate-Related Risks - Transition Risks

Increased compliance costs in response to the government’s 2050 net-zero emissions policy

The Group’s climate transition plan is implemented in alignment with the decarbonization pathways advocated by the SBTi. The primary strategies focus on two key pillars: technology-driven carbon reduction and renewable energy procurement. Taking into account the implementation progress of green electricity procurement and equipment upgrades, the potential impacts in the short term and the medium to long term are as follows:

• Short-term Impact

In accordance with the Group’s SBTi targets, the Group will progressively increase the proportion of renewable energy used and implement GHG inventory and management systems. Increase in operating costs and expenses: approximately NT$395 million, primarily attributable to the increased proportion of renewable energy usage (Note 6).

Capital expenditures: approximately NT$2.239 billion, primarily for the replacement of outdated equipment.

• Medium- to Long-term Impacts

To achieve the SBTi-aligned decarbonization pathway, the Group will be required to further expand its procurement of renewable energy. As a result, operating expenses are expected to increase over the medium to long term. However, as the relevant green electricity procurement contracts are still under negotiation, the associated costs remain highly uncertain and therefore cannot be reliably disclosed at this stage.

Sustainability-Related Risks

and Opportunities

Sustainability-Related Risk – Digital Resilience

Power and network disruptions and abnormal outages of critical information systems or cloud data center infrastructure caused by major natural disasters, external environmental changes, or multi-hazard events

Sustainability-Related Risks - Cybersecurity and Customer Privacy

The occurrence of major cybersecurity incidents, leakage or improper use of personal data resulting in administrative penalties imposed by regulatory authorities or operational losses

If the degree of measurement uncertainty involved in estimating the expected financial impacts of sustainability-related risks or opportunities is so high that certain quantitative information would not be useful, the Group provides qualitative disclosures only to assist primary users of general-purpose financial reports in understanding the relevant impacts.

The assessment scope covers the impact of sustainability-related risks and opportunities on the Group’s financial position, financial performance, and cash flows for 2025. Based on the evaluation, the Group does not expect any of the sustainability-related risks or opportunities listed in the table above to pose a significant risk of material adjustments to the carrying amounts of assets and liabilities in the next annual financial statements.

The assessment scope includes the expected impacts of sustainability-related risks and opportunities on the Group’s short-, medium-, and long-term financial position, financial performance, cash flows, access to financing, and cost of capital.

Calculated based on an average of NT$4.19 per kWh for gray electricity; Due to limitations in data availability, certain activity data relating to the Group’s total electricity consumption could not be obtained; therefore, estimates were made using reasonably available and supportable information as of the reporting date, including, where necessary, data from prior periods.

For carbon fee estimation, key assumptions include annual implementation progress in line with the reduction pathway set out in the Group’s voluntary emissions reduction plan. Relevant parameters include the estimated annual GHG emissions of the Group and assumed future carbon fee rates to be announced by the regulatory authority, which are expected to increase in phases with reference to international carbon pricing practices and global assessment reports. Changes in these assumptions and estimation bases may result in material adjustments to the estimated carbon fee amounts.

Calculated based on the expected annual volume of green electricity procurement and the price differential between green and conventional (grid) electricity. The projected annual green electricity procurement volume is aligned with the Group’s established GHG reduction pathway. Changes in the aforementioned assumptions and estimation bases may result in material adjustments to the estimated amounts.

The financial impact of measures already implemented is calculated as a proportion of the Group’s consolidated profit before tax for 2025, in order to assess the relative impact of various climate-related risks and opportunities.

Resilience Assessment

Climate-Related Scenario Analysis and Assessment

Time

Horizon

Scope of

Analysis

1. Climate-related policies in the jurisdictions where the Company operates are formulated in accordance with the Government’s current policy framework.

It is anticipated that the “2050 Net-Zero Emissions Pathway” will continue to be implemented. In addition, the Company will comply with the requirement set forth in Appendix I, “Designated Reduction Rates by Industry,” of the Designated GHG Emissions Reduction Goals for Entities Subject to Carbon Fees, which stipulates that GHG emissions for “other industries” in the year 2030 shall be reduced by 42% compared with the base year 2021.

IEA STEPs

Under the Stated Policies Scenario (STEPS), Taiwan has set 2005 as the base year. The government’s emission reduction targets are a 10% reduction by 2025, a 24% (±1%) reduction by 2030, and the achievement of net-zero emissions by 2050, with other policies assumed to remain unchanged.

IEA Net Zero Emissions Scenario

In assessing transition risks under the IEA Net Zero Emissions (NZE) Scenario, it is assumed that the government amends relevant legislation to set 2020 as the base year. Under this assumption, the emission reduction targets would be strengthened to a 21% reduction by 2025, a 42% reduction by 2030, and the achievement of net-zero emissions by 2050.

1. Impact Assessment:

Under the STEPS carbon price scenario, assuming business-as-usual (BAU) trends, the carbon fees payable are estimated to account for approximately 0.33–0.49% of annual revenue in 2030 and 2050. Under an active decarbonization scenario, the carbon fees are expected to account for approximately 0.21–0.31% of annual revenue in 2030, and 0.02–0.03% in 2050.

Under the NZE carbon price scenario, carbon fees under the BAU scenario are estimated to account for approximately 1.57% of annual revenue in 2030 and 2.17% in 2050. Under the active decarbonization scenario, carbon fees are expected to account for approximately 1.37% of annual revenue in 2030 and 0.14% in 2050.

2. Resilience Capability:

The Group addresses transition risks arising from carbon pricing through “technology-driven emission reductions” and “renewable energy adoption” The detailed response strategies are outlined in “3.2.1 Sustainability Plan and Climate Transition Plan.”

Time

Horizon

Scope of

Analysis

2. Impact of Macroeconomic Trends

According to the Chung-Hua Institution for Economic Research, based on its full-year forecast for 2025 and the development of emerging technologies, the annual economic growth rate is projected to reach 5.45%.

3. Impact of Country- or Region-Level Variables

According to official reports from the Taiwan Climate Change Projection Information and Adaptation Knowledge Platform and national meteorological observation authorities, climate model projections indicate that Taiwan’s winter season is expected to gradually shorten, total annual precipitation is projected to increase, and the intensity of extreme rainfall events is likely to exhibit an increasing trend.

4. Assumptions on Energy Use and Mix

The Group expects to increase the proportion of electricity consumption from renewable energy sources to 100% by 2040.

1.RCP2.6

The IPCC uses Representative Concentration Pathways (RCPs) to model climate scenarios under varying levels of warming. RCP 2.6 represents a mitigation scenario, in which radiative forcing is projected to decrease by the year 2100.

2.RCP 8.5

1. Impact Assessment:

Using the NASA Sea Level Projection Tool, the future sea level rise in Taiwan was estimated under a global warming scenario of 2°C (closest to the projected temperature increase under RCP 8.5). For this assessment, the “National Climate Change Science Report 2024: According to studies, disasters caused by sea level rise are expected to occur after 2080 and, therefore, do not have a significant impact on the Group at present.

2. Resilience Capability:

Based on the integrated scenario analysis, under a long-term 2°C warming scenario towards the low-carbon economy, some of the Group’s data centers are located in high-risk coastal zones. However, the majority of data centers were designed prior to construction with considerations for wind resistance and sea level rise to ensure the safety of the facilities and the continuity of operations, assuming no further deterioration in climate change and global warming.

Time

Horizon

Scope of

Analysis

5. Assumptions on Technological Development

With reference to Taiwan’s “2050 Net-Zero Emissions Pathway,” Taiwan is expected to develop low-carbon energy technologies in the short to medium term, while advancing high-efficiency green energy generation technologies over the long term.

1. Impact Assessment:

According to the National Climate Change Science Report 2024, under the RCP 8.5 scenario, the mid-21st century (2041–2060) is projected to experience a temperature increase of 1.6°C, while by the end of the century (2081–2100), temperatures could rise by up to 3.4°C. The risks associated with rising temperatures are not significant for the Group, and are mainly reflected in increased electricity costs resulting from cooling needs at office areas or operating locations.

2. Resilience Capability:

In recent years, Taiwan’s warming trend has been approximately 0.32°C per decade, accompanied by a corresponding increase in electricity consumption. The Group has implemented an energy management system and established monitoring for major power-consuming equipment, setting electricity usage targets and ensuring effective control and management.

1. Impact Assessment:

2. Resilience Capability:

The Group conducts an annual natural disaster preparedness inspection for all data centers. Flood protection measures include leak detection and waterproofing. The operations and maintenance unit issues notifications requiring all data center managers to perform safety checks, such as ensuring drainage openings are free of debris, verifying flood protection measures, and confirming the installation of waterproof gates.

Policy Changes:

Technological Advancements:

Changes in Market Demand:

Environmental Changes:

Economic Factors:

Availability and Flexibility of Financial Resources

Capacity for Asset Reallocation and Upgrades

Impacts on Investments in Sustainability- and Climate-Related Mitigation, Adaptation, and Resilience Opportunities

Sustainability-Related Risk – Digital Resilience

Power and network disruptions and abnormal outages of critical information systems or cloud data center infrastructure caused by major natural disasters, external environmental changes, or multi-hazard events

Sustainability-Related Risks - Cybersecurity and Customer Privacy

The occurrence of major cybersecurity incidents, leakage or improper use of personal data resulting in administrative penalties imposed by regulatory authorities or operational losses

1.  Collecting and Identifying Climate Topics: Following the TCFD framework, the Group reviews the service models and characteristics of the telecommunications industry to compile a comprehensive list of climate-related risks and opportunities.

2.  Identifying Material Climate Risks and Opportunities: Internal and external inputs are gathered through questionnaires and interviews to assess the magnitude and urgency of impacts. Materiality thresholds are established, and material climate risks and opportunities are selected accordingly.

3.  Establishing a Material Climate Risk and Opportunity Matrix: Climate risks and opportunities are prioritized based on the double materiality principle, and annual priorities are determined. After internal review, a materiality matrix is produced, illustrating the ranking of each topic.

4.  Target Setting and Strategy Management: Based on the climate risk matrix, annual targets and strategies are formulated. Policy implementation is reviewed quarterly, plans are adjusted, and monitoring mechanisms are established to ensure target achievement and strengthened risk response.

Risk Probability = likelihood of the risk occurring.

Risk Impact = severity of the risk’s consequence.

The “Investments in business” risk event is assessed at the subsidiary level, whereas other risk events are primarily assessed for the parent company, Chunghwa Telecom.

First Line of Defense: Undertaken by risk owners and individual operating units, focusing on day-to-day risk management and response. Risk controls are integrated into routine operational processes.

Second Line of Defense: Led by the Risk Management Steering Committee and relevant functional units. This line is responsible for overseeing, guiding, and adjusting risk management policies and mechanisms, as well as establishing standardized processes and procedures.

Third Line of Defense: Led by the Audit Department, which conducts periodic internal audits to evaluate the effectiveness and implementation of the overall risk management framework and provides recommendations for improvement based on identified issues.

The metrics established to continuously measure and monitor sustainability-related risks and opportunities, as well as the strategic targets formulated to mitigate or adapt to such risks or to capitalize on such opportunities, including analyses of performance trends or changes.

Specific cross-industry metric categories, including: GHG Emissions, Climate-Related Transition Risks — the amount and percentage of assets or business activities exposed to climate-related transition risks, Climate-Related Physical Risks — the amount and percentage of assets or business activities exposed to climate-related physical risks, Climate-Related Opportunities — the amount and percentage of assets or business activities aligned with climate-related opportunities, Capital Allocation — capital expenditures, financing, or investments allocated to climate-related risks and opportunities, Internal Carbon Pricing, Remuneration, etc.

Sustainability-Related Opportunities – Digital Resilience

To meet the digital resilience requirements of government and corporate clients, the Group provides solutions encompassing network, system , and cybersecurity resilience.

Climate-Related Opportunities – Climate Resilience Products and Services

Providing customers with products or services that enhance climate resilience.

Climate-Related Opportunities - Energy

Energy efficiency improvements to reduce electricity consumption and associated carbon pricing costs

Climate-Related Risks — Transition Risks

Increased compliance costs in response to the government’s 2050 net-zero emissions policy

Scope 1 & Scope 2 GHG Emissions

Scope 3 GHG Emissions

Scopes 1 & 2: 20.51% reduction compared to the base year

Scope 3: 11.07% reduction compared to the base year

(Note 3)

Scopes 1 & 2: 2020: 857.1 thousand t-CO₂e

Scope 3: 2021: 1.9132 million t-CO₂e

Scopes 1 & 2: Consolidated entities

Scope 3: Parent company (Chunghwa Telecom)

2030

Scope 1 and Scope 2 GHG emissions: 50% reduction compared to the base year

Scope 3 GHG emissions: 25% reduction compared to the base year

Sustainability-Related Risk – Digital Resilience

Power and network disruptions and abnormal outages of critical information systems or cloud data center infrastructure caused by major natural disasters, external environmental changes, or multi-hazard events

2025,

99.99%

Critical information systems: service availability ≥ 99.95%

IDC/ cloud services: service availability ≥ 99.95%

2025,

99.95%

Critical information systems: service availability ≥ 99.95% (Note 4)

IDC/ cloud services: service availability ≥ 99.95% (Note 4)

2025,

72 hours

Critical network facility backup power duration: ≥ 72 hours

(Note 5)

Sustainability-Related Risks - Cybersecurity and Customer Privacy

The occurrence of major cybersecurity incidents, leakage or improper use of personal data resulting in administrative penalties imposed by regulatory authorities or operational losses

1. Number of Data Breaches

2. Number of Affected Customers

1.0 case

2.0 persons

2025,

1.0 case

2.0 person

1.0 case

2.0 person

2025,

100%

2025 is the base year for this metric/target. The indicator is measured using the Compound Annual Growth Rate (CAGR), which requires data from at least two periods to calculate. Starting from 2026, the calculation will use 2025 as the base year.

Electricity consumption for certain subsidiaries includes estimated values, based on the actual consumption for the same period in the previous year.

GHG emissions data for Year 2025 is based on internal calculations. A reasonable assurance opinion on the GHG inventory is expected to be obtained by April 30, 2026. The complete assurance information will be disclosed in the Sustainability Report.

The availability target for this service refers to circumstances in which a “significant disaster” occurs and that are “not limited to any specific scope or asset”. If circumstances are “limited to a specific scope or asset”, or if an “exclusive SLA agreement has been signed with the customer,” the availability target may exceed 99.95%.

Aligned with international TIA-942 IDC Tier 3 standard for high-reliability power resilience.

Annual Carbon Emission Reduction Ratio

Decarbonization Pathway: Advancement to Achieve Net-Zero Emissions by 2045

(Note 1)

Net-Zero Target –

2030:

Reduce IDC Data Center PUE to below 1.5 by 2030, using 2020 as the base year

Quantitative – Intensity

Target

Quantitative – Intensity

Target

Quantitative – Intensity

Target

The Group’s GHG reduction targets are derived using the absolute contraction approach.

GHG emissions data for 2025 is based on internal calculations. A reasonable assurance opinion on the GHG inventory is expected to be obtained by April 30, 2026. The complete assurance information will be disclosed in the Sustainability Report.

The total renewable energy consumption data are based on the Company’s internal reporting. For certain activity data could not be obtained due to data availability constraints, the Group applied reasonably obtainable and supportable information available as of the reporting date (including, where necessary, estimates based on prior-period data) to perform estimations. However, the emissions data derived from such estimations involve a high degree of uncertainty and may be subject to material revisions upon the availability of updated information in the subsequent year.

All other performance indicators are calculated based on internally developed definitions and have not undergone third-party verification.

Scope 1 (Direct)

(t-CO₂e)

25,561.6967

Scope 2 (Indirect Energy)

(t-CO₂e)

Market-

based

655,726.1313

Entire Group

Location -

based

697,727.2713

Scope 3 (Other Indirect)

(t-CO₂e)

1,787,620.1103

Entire Group

Total Emissions (Scope 1 + 2)

(t-CO₂e)

Market -

based

681,287.8280

Entire Group

Location-

based

723,288.9680

Total emissions

(Scopes 1+2+3)

(t-CO₂e)

Market-

based

2,468,907.9383

Entire Group

Location-

based

2,510,909.0783

Upstream transportation and distribution

Downstream transportation and distribution

Business travel

Employee commute

Purchased goods and services

Procurement of capital goods

Fuel and energy-related activities

Waste generated by operations

Upstream leased assets

Use of sold products

End-of-life treatment of sold products

Downstream leased assets

The industries to which the Group belongs do not emit ozone-depleting substances or other significant pollutants.

GHG emissions data for 2025 is based on internal calculations. A reasonable assurance opinion on the GHG inventory is expected to be obtained by April 30, 2026. The complete assurance information will be disclosed in the Sustainability Report.

For 2025 GHG emission data, where certain activity data could not be obtained due to data availability constraints, the Group applied reasonably obtainable and supportable information available as of the reporting date (including, where necessary, estimates based on prior-period data) to perform estimations. However, the emissions data derived from such estimations involve a high degree of uncertainty and may be subject to material revisions upon the availability of updated information in the subsequent year.

Electricity emission factors for 2024

as announced by the Bureau of Energy

Vietnam

Renewable Energy

(10,000 kWh)

The total renewable energy consumption data are based on the Company’s internal reporting. For certain activity data could not be obtained due to data availability constraints, the Group applied reasonably obtainable and supportable information available as of the reporting date (including, where necessary, estimates based on prior-period data) to perform estimations. However, the emissions data derived from such estimations involve a high degree of uncertainty and may be subject to material revisions upon the availability of updated information in the subsequent year.

1.  Purchased goods and services

Priority is given to estimating emissions using product life cycle GHG emission factors. For materials or products with available weight data (such as consumables, packaging materials, electronic components, and raw materials), emissions are calculated by multiplying the weight by the corresponding life cycle GHG emission factor (sources include the Environmental Protection Administration’s Carbon Footprint Database or the SimaPro database). If such data are unavailable, quantification is performed using Environmentally Extended Input-Output (EEIO) analysis. The detailed calculation methods for each item are as follows:

1.  Water (Carbon Footprint): Multiply the water consumption by the emission factor published on the Product Carbon Footprint Information Platform.

2.  Supplier Inventory Items (Carbon Footprint): Based on the quantity of products procured, multiply by the emission factors announced by suppliers to calculate carbon emissions. This includes refrigerants, leased goods, SIM cards, and products sold in retail stores.

3.  Others (EEIO): Classify the procurement items according to the industry classification standards of the Directorate-General of Budget, Accounting and Statistics, and calculate carbon emissions based on procurement costs using EEIO analysis.

2.  Procurement of
capital goods

3.  Fuel and energy-related activities

4.  Upstream transportation and distribution

Priority is given to using available material or product weight and delivery data to calculate emissions by applying the corresponding ton-kilometer emission factor approach (sources include the Environmental Protection Administration’s Carbon Footprint Database or the SimaPro database). If such data are unavailable, emissions are quantified using the Environmentally Extended Input-Output (EEIO) method. The detailed calculation methods are as follows:

1.  Supplier Inventory Items (Ton-Kilometer): For retail products, the parent company and subsidiaries estimate upstream transportation ton-kilometers based on inbound quantities, weights, supplier shipping records, and sales data. Emissions are calculated using ton-kilometer emission factors published on the Product Carbon Footprint Information Platform. For non-retail products (e.g., HGW, Wi-Fi AP, signal boosters, SIM cards, MOD), the same calculation principle applies. Subsidiaries calculate waste generation using per capita waste generation rates announced by authorities and employee headcount or total working hours, then apply incineration emission factors. Transportation emissions are calculated using the activity-based ton-kilometer method by multiplying waste transport weight and distance to the nearest incineration plant by the transport emission factor.

2.  Accounting Items (EEIO): Based on expense records for upstream and downstream transportation and distribution, emissions are calculated using the EEIO approach by applying expenditure amounts, excluding non-product transportation expenses.

5.  Waste generated by operations

Priority is given to using available material or product weight and disposal method to calculate emissions by applying the corresponding ton-kilometer or emission factor approach (sources include the Environmental Protection Administration’s Carbon Footprint Database or the SimaPro database). If such data are unavailable, emissions are quantified using the Environmentally Extended Input-Output (EEIO) method. The detailed calculation methods are as follows:

1.  Waste Generation (Treatment Emission Factor): Based on the amount of general and industrial waste generated within the organizational boundary at each operating site, and the recorded waste treatment methods (including incineration, composting, and recycling), emissions are calculated by multiplying the waste quantity by the incineration emission factor published on the Product Carbon Footprint Information Platform; food waste is multiplied by the composting emission factor from the same source.

2.  Waste Transportation (Ton-Kilometer): For municipal waste transported from operating sites to the final disposal location, emissions are calculated by multiplying the transport distance and weight by the ton-kilometer emission factor published on the Product Carbon Footprint Information Platform. For industrial waste transported from headquarters to treatment facilities, the same method applies.

3.  Accounting Items (EEIO): Based on expense records for upstream and downstream transportation and distribution, emissions are calculated using the EEIO approach by applying expenditure amounts.

6.  Business travel

Priority is given to quantifying emissions using the activity-based method (passenger-kilometer approach). Actual business travel distances for each mode of transportation (e.g., air, rail, car, metro, high-speed rail) are aggregated and multiplied by the corresponding GHG emission factors for each transport mode. The detailed calculation methods are as follows:

1.  Transportation (EEIO): Based on business travel classifications, including air transport, sea transport, rail transport, private car (taxi), coach/bus, and airport-related expenses, emissions are calculated using the Environmentally Extended Input-Output (EEIO) method by applying expenditure amounts.

2.  Business Accommodation (EEIO): For domestic stays, emissions are quantified using the per-night emission factor published on the Product Carbon Footprint Information Platform; for international stays, SimaPro emission factors are applied.

7.  Employee commute

Both the parent company and subsidiaries conduct an employee commuting survey and require all employees to complete the questionnaire. After collecting data on commuting modes and distances, emissions are calculated by multiplying the corresponding public transportation emission factors. The calculation method is as follows:

1.  Commuting Transportation (Passenger-Kilometer): For each county/city, commuting modes and distances are aggregated and then multiplied by the corresponding public transportation emission factors. The result is adjusted by the response rate (number of respondents ÷ total employees in that county/city) to estimate the commuting emissions for all employees nationwide.

8.  Upstream leased
assets

Priority is given to quantifying emissions from upstream lease-related accounting expenses using the Environmentally Extended Input-Output (EEIO) method, and to include electricity consumption for leased premises without full operational control. The detailed calculation methods are as follows:

1.  Accounting Items (EEIO): Based on expense records for upstream leases, emissions are calculated using the EEIO approach by applying procurement costs, excluding service fees, usage fees, and attachment fees.

2.  Electricity Without Full Operational Control (Electricity Emission Factor): For leased premises with fixed electricity charges and base stations without full operational control, emissions are calculated using the electricity emission factor.

9.  Downstream transportation and distribution

Priority is given to quantifying emissions using the transport activity-based method (ton-kilometer approach). Emissions are calculated by multiplying the weight of goods transported during product sales or service delivery by the transport distance to customers and applying the corresponding GHG emission factor for the transport mode (e.g., road, sea, air). If only accounting expense data are available, emissions are quantified using the Environmentally Extended Input-Output (EEIO) method (limited to subsidiary products). The detailed calculation methods are as follows:

1.  Supplier Inventory Items (Ton-Kilometer): For products sold in retail stores where suppliers bear the transportation cost, ton-kilometers are estimated using the supplier’s address and product weight. Emissions are calculated using the ton-kilometer emission factors published on the Product Carbon Footprint Information Platform or those provided by the SimaPro database.

2.  EEIO Method: For downstream distribution or transportation-related accounting expenses, emissions are calculated by applying EEIO emission factors based on industry classification to reflect indirect emissions generated during product transportation. This method applies only to subsidiary products.

10. Processing of Sold Products

11. Use of sold products

Priority is given to using available product carbon footprint information to quantify emissions based on the number of products sold. If such data are unavailable, emissions are quantified based on the product’s energy consumption throughout its life cycle. The detailed calculation methods are as follows:

1.  Product Carbon Footprint: Carbon emissions are calculated by multiplying the number of products sold by the use-phase emission factor announced by suppliers or associated products in the SimaPro database.

2.  Product Electricity Consumption (Electricity Emission Factor): If annual electricity consumption data for individual electronic products announced by the Energy Administration or equipment lifetime standards from the Directorate-General of Budget, Accounting and Statistics are available, these are used to calculate product electricity consumption. If such data are unavailable, emissions are calculated by multiplying the number of products sold by estimated electricity consumption over the product’s lifetime and then applying the latest 2024 electricity emission factor. Products without electricity consumption are excluded from carbon emission calculations.

12. End-of-life treatment of sold products

The disposal method for each product is determined based on its composition and properties, considering potential end-of-life treatments such as incineration, landfill, or recycling. Emissions are then calculated by multiplying the corresponding end-of-life GHG emission factor for each treatment method. Emission factors are primarily sourced from the treatment stage data in the SimaPro life cycle assessment database. The detailed calculation methods are as follows:

1.  Product Carbon Footprint: For sold products and SIM cards, carbon emissions are calculated by multiplying the sales volume by the end-of-life emission factor announced by suppliers or associated products in the SimaPro database.

2.  Waste Treatment Volume (Weight-Based Emission Factor): Estimate the total weight based on product characteristics and apply the proportion of regulated recyclable materials announced by the Ministry of Environment to determine the total treatment volume. Multiply this by the emission factor published on the Product Carbon Footprint Information Platform for quantification.

3.  Waste Transportation (Ton-Kilometer): Calculate emissions from transporting sold goods from operating sites to the Gangshan incineration plant by multiplying the transport distance and weight by the ton-kilometer emission factor published on the Product Carbon Footprint Information Platform.

13. Downstream leased assets

Downstream leased products and premises are quantified based on electricity consumption. The detailed calculation methods are as follows:

1.  Leased Product Electricity Consumption (Electricity Emission Factor): Carbon emissions are calculated by multiplying the product’s rated power or standby and operating electricity consumption by the 2024 electricity emission factor published by the Energy Administration.

2.  Leased Premises Electricity Consumption (Electricity Emission Factor): Carbon emissions are calculated by multiplying the electricity allocation recorded by external systems for leased premises by the latest 2024 electricity emission factor. This includes electricity used in IDC facilities subleased by subsidiaries.

14. Franchise Business

15. Investment

The primary focus is on assets with investment amounts disclosed in financial reporting documents, quantified using Environmentally Extended Input-Output (EEIO) analysis. If the investee company provides its Scope 1 and Scope 2 GHG emissions, emissions are further calculated based on the Company’s equity share. The detailed calculation methods are as follows:

1.  EEIO Method: In accordance with the GHG Protocol category for debt and equity investments, this includes investments accounted for under the equity method in consolidated financial statements, financial assets measured at fair value through other comprehensive income, and financial assets measured at fair value through profit or loss. All subsidiaries are included in the inventory scope, excluding liquidated or merged entities, and only companies with investment amounts are considered. Emissions are calculated by multiplying the Company’s investment amount by the corresponding industry-specific EEIO emission factor to determine Scope 3 emissions attributable to subsidiaries.

2.  Emission Factor Method: For companies that provide Scope 1 and Scope 2 emissions data, carbon emissions are calculated and then weighted based on the Company’s equity share to determine Scope 3 emissions.

1.  Expenses on Renewable Energy

2.  Expenditure on Equipment Replacement

Unit of

Measurement

●  Telecommunication Services

●  Multiline and Specialty Retailers & Distributors

●  Software & IT Services

●  Semiconductors

●  Environmental Footprint of Operations

●  Energy Management in Retail & Distribution

●  Environmental Footprint of Hardware Infrastructure

●  Energy Management in Manufacturing

TC-TL-130a.1

CG-MR-130a.1

TC-SI-130a.1

TC-SC-130a.1

(1)  Total energy consumed

(2)  Percentage grid electricity

(3)  Percentage renewable

Gigajoules (GJ)

Percentage (%)

(1)  5,483,530.34 Gigajoules (GJ)

(2)  90.35%

(3)  8.68%

●  Telecommunication Services

●  Multiline and Specialty Retailers & Distributors

●  Data Security

●  Data Security

●  Data Security

TC-TL-230a.1

CG-MR-230a.2

TC-SI-230a.1

(1)  Number of data breaches

(2)  Percentage that are personal data breaches

Number,

Percentage (%)

(1)  0 cases

(2)  0%

(3)  0 person

Unit of

Measurement

●  Software & IT Services

(3)  Number of customers affected

●  Telecommunication Services

●  Multiline and Specialty Retailers & Distributors

●  Software & IT Services

●  Data Security

●  Data Security

●  Data Security

TC-TL-230a.2

CG-MR-230a.1

TC-SI-230a.2

•  Description of approach to identifying and addressing data security risks, including use of third-party cybersecurity standards.

•  Provide an explanation of the approaches taken to identify and address data security risks, including the application of third-party cybersecurity standards.

Unit of

Measurement

●  Telecommunication Services

●  Software & IT Services

●  Data Privacy

●  Data Privacy & Freedom of Expression

TC-TL-220a.1

TC-SI-220a.1

The Group has established policies governing behavioral advertising and customer privacy, clearly outlining how customer data is used and customers’ choices regarding data usage. A comprehensive Privacy Policy is publicly disclosed to enable customers to opt in or opt out of relevant services. The privacy management practices of Chunghwa Telecom, its subsidiaries, and outsourced media service providers are summarized as follows:

1.  The Group

Our Policy:

Chunghwa Telecom places strong emphasis on protecting customer privacy and complies with the Personal Data Protection Act and the Regulations Governing the Security Maintenance of Personal Data Files by Non-Government Agencies issued by the National Communications Commission (NCC). A comprehensive Privacy Protection Policy has been established, applicable to all branches, operating locations, subsidiaries, and suppliers.

Our Management Measures:

•  We have established rigorous personal data privacy protection and security controls, implemented data governance systems, defined data standards and classifications, and enforced access control mechanisms and data owner review processes. These measures ensure that data access and sharing are properly governed and safeguarded to maintain data availability, integrity, and confidentiality.

•  Prior to launching relevant business initiatives, we conduct risk assessments to verify compliance in data access and to ensure that adequate data protection measures are in place. To enhance customer privacy protection, we have implemented the ISO 27701 Privacy Information Management System (PIMS) to ensure the effectiveness and compliance of the entire data lifecycle.

Unit of

Measurement

•  For the collection, processing, use, and protection of personal data involved in our operations, we strictly follow all applicable laws and regulations and use personal data only within the scope permitted by law. We do not provide, rent, or disclose personal data to third parties in any disguised form. All practices strictly adhere to the Company’s Chunghwa Telecom Privacy Protection Policy, ensuring robust customer data security and privacy rights.

•  The National Communications Commission (NCC) has not established specific regulations governing children’s online privacy. In Taiwan, the primary regulations pertaining to children’s online privacy protection include:

•  Protection of Children and Youths Welfare and Rights Act

•  Child and Youth Sexual Exploitation Prevention Act

•  Sexual Assault Crime Prevention Act

•  With respect to personally identifiable information, Chunghwa Telecom does not collect or process biometric data.

For more information, please refer to the Chunghwa Telecom official website g Sustainability ESG g Privacy Protection.

2.  Outsourced Company – Carat Media Taiwan Ltd. (“Carat Media”)

Unit of

Measurement

•  The Group engages Carat Media to provide communication planning, interactive marketing, direct marketing, event marketing, consumer research, and related services, including targeted advertising and behavioral advertising. In addition to requiring Carat Media to establish a comprehensive Privacy Policy, the Company mandates full compliance with Chunghwa Telecom’s Privacy Protection Policy and all related management procedures. Carat Media must also provide mechanisms ensuring lawful and explicit customer consent, data anonymization and security measures, as well as user control and opt-out options to safeguard customer privacy.

For the complete Privacy Policy, please refer to the Carat Media official website.

●  Telecommunication Services

●  Software & IT Services

●  Data Privacy

●  Data Privacy & Freedom of Expression

TC-TL-220a.2

TC-SI-220a.2

75.79%

Note: The number of customers who consented to the use of their personal data for secondary purposes constitutes sensitive business information; therefore, it is disclosed in percentage terms.

●  Telecommunication Services

●  Software & IT Services

●  Data Privacy

●  Data Privacy & Freedom of Expression

TC-TL-220a.3

TC-SI-220a.3

0.

In 2025, no monetary losses incurred resulting from violations of laws related to customer privacy.

●  Telecommunication Services

●  Software & IT Services

●  Data Privacy

●  Data Privacy & Freedom of Expression

TC-TL-220a.4

TC-SI-220a.4

(1)  Number of law-enforcement requests for customer/user information

(2)  Number of customers/users whose information was requested

(3)  Percentage resulting in disclosure

Number,

Percentage (%)

(1) 247,539

(2) 97,422

(3) 98.33%

Unit of

Measurement

●  Semiconductors

●  Software & IT Services

●  Recruitment and Management of a Global and Skilled Workforce

●  Recruitment & Management of a Global, Diverse, and Skilled Workforce

TC-SC-330a.1

TC-SI-330a.1

●  Semiconductors

●  Software & IT Services

●  Water Management

●  Environmental Footprint of Hardware Infrastructure

TC-SC-140a.1

TC-SI-130a.2

(1)  Total water withdrawn,

(2)  total water consumed; percentage of each in regions with High or Extremely High Baseline

thousand cubic meters (m³)

Percentage (%)

(1) 253,626.30,0%

(2) 156,810.30,0%

●  Telecommunication Services

●  Product End-of-Life Management

(1)  Materials recovered through take-back programmes, percentage of recovered materials that were

(2)  reused,

(3)  recycled, and

(4)  landfilled.

metric tonnes (t)

Percentage (%)

(1) 16.91

(2) 89.37%

(3) 0%

(4) 10.63%

Unit of

Measurement

●  Telecommunication Services

●  Competitive Behavior & Open Internet

0.

In 2025, there were no violations of regulations related to anti-competitive behavior.

●  Telecommunication Services

●  Competitive Behavior & Open Internet

Average actual sustained download speed of

(1)  owned and commercially associated content and

(2)  non-associated content

●  Telecommunication Services

●  Competitive Behavior & Open Internet

1.  The Group adheres to Taiwan’s Digital Communication Act and Telecommunications Management Act, which require Internet Service Providers (ISPs) to disclose traffic management practices to users. ISPs with significant market power are prohibited from engaging in discriminatory treatment in the telecommunications services market.

2.  Article 13 of the Telecommunications Management Act sets out general regulations on interconnection agreements. Articles 30 and 31, along with their authorized regulations (i.e., the Regulations Governing Interconnection involving Significant Market Power), establish specific interconnection rules for entities with significant market power and other telecommunication enterprises.

Unit of

Measurement

Potential Risks and Opportunities

Risks:

•  The international Internet transit price continues to decline, reducing the willingness of local ISPs to establish interconnection agreements.

•  Remote interconnection models have become a new trend at Internet Exchange Points (IXPs). Large international IXPs establish Points-of-Presence (POPs) closer to local ISPs, enabling direct connection to international traffic and bypassing local IXPs, which poses a threat to local ISP interconnection markets.

•  The New Telecommunications Act continues to regulate wholesale pricing for dominant market players. Declining Internet transit prices year by year affect ISP interconnection revenue.

•  Internet Data Centers (IDCs) are attracting more content service providers, reducing the demand for ISP interconnection.

Opportunities:

•  Domestic Internet Exchange Points in Taiwan may have insufficient interconnection trust, encouraging content service providers to explore bilateral interconnections with major operators and data centers.

•  International content service providers strive to reduce network latency and improve user service quality by providing services closer to end-users. If a substantial local aggregation develops, it could increase interconnection demand for local small- and medium-sized ISPs.

•  For details regarding the Taiwan Internet Exchange (TWIX), please refer to its official website.

•  Chunghwa Telecom currently does not offer any zero-rating agreements.

Unit of

Measurement

●  Telecommunication Services

●  Managing Systemic Risks from Technology Disruptions

(1)  System average interruption duration,

(2)  system average interruption frequency and

(3)  customer average interruption duration

Minutes,

Quantity

(1) 8.19

(2) 0.03

(3) 270.39

●  Telecommunication Services

●  Managing Systemic Risks from Technology Disruptions

Discussion of systems to provide uninterrupted service during

service disruptions

1.  In 2025, a total of four significant network outage incidents occurred: three were caused by careless excavation by road construction units, resulting in damage to critical optical cables, and one was due to the Subscriber Location Function (SLF) going online, which caused database corruption and led to mobile voice service disruptions. Key measures and explanations are as follows:

(1)  Close communication with road authorities and construction units is maintained, including providing pipeline mapping data and reinforcing line inspections, to ensure existing pipelines are avoided during external excavation, thereby reducing the risk of cable damage.

(2)  For fixed-line infrastructure with lower resilience (e.g., microwave stations), backup optical cable routes or satellite circuit backups are planned to reduce the risk of service interruption.

(3)  The SLF malfunction caused service interruptions for 400,000 mobile customers, significantly increasing the metrics for Average System Downtime Duration (minutes) and Average System Interruption Frequency (times).

Unit of

Measurement

(4)  A fail-safe mechanism has been implemented to prevent service disruptions during SLF synchronization operations. In the event of an SLF malfunction, mobile registration signaling bypasses the SLF and queries user subscription information directly from the Home Subscriber Server (HSS), ensuring uninterrupted service. To strengthen disaster prevention, improve disaster response capabilities, and minimize losses, the Group has established the “Disaster Protection Operation Guidelines.”

2.  The Group has also implemented “Emergency Disaster Response and Restoration Procedures” to address major disasters, including natural disasters, fires, explosions, and terrorist attacks, which may severely damage telecommunications network equipment. These procedures ensure emergency communication services in affected areas, minimizing service downtime. In the fixed-line communications segment, to prevent the escalation of disaster-related damage, we have reinforced the deployment of multi-route relay transmission in remote areas, wireless backup routing, expanded standby power capacity, and enhanced redundancy for both international and domestic submarine cable systems. These measures strengthen our overall disaster prevention and resilience capabilities. In addition, we conduct annual network and equipment dispatch and emergency repair drills to improve operational proficiency in disaster response and thereby reduce potential losses. Regarding mobile communications:

   In the event that disasters cause disruptions to mobile communications, we have equipped 4WD off-road mobile base stations with high-orbit ST-2 or low-orbit OneWeb satellite antennas for signal transmission. These units can be rapidly deployed and set up based on on-site conditions in affected areas, enabling the swift restoration of mobile connectivity to the outside world.

Unit of

Measurement

3.  For critical transportation corridors with single access points—such as the Suhua Highway, South-Link Highway, and Alishan Highway—we have not only reinforced 4G/5G base station infrastructure and mobile communication multilayer coverage along the routes, but also conduct regular disaster-prevention drills to ensure the stable operation of mobile communication networks. These efforts enhance the disaster resilience and robustness of the mobile network. In the data communications segment, the Group’s HiNet network adopts multi-route architecture with a highly reliable network redundancy mechanism, enabling real-time monitoring and traffic load balancing across all routes. For international routing, traffic is distributed across multiple submarine cable systems to prevent congestion or outages caused by single-route failures. Additionally, we collaborate with overseas carriers to increase direct international interconnection bandwidth, thereby improving the quality and stability of international internet connectivity.

●  Multiline and Specialty Retailers & Distributors

●  Product Sourcing, Packaging & Marketing

Unit of

Measurement

●  Multiline and Specialty Retailers & Distributors

●  Product Sourcing, Packaging & Marketing

The Group is the largest distributor and agent of 3C products in Taiwan, and not a manufacturer of end-products. Nevertheless, we remain committed to minimizing potential health and safety risks to consumers. We assess and manage potential risks through the following measures to ensure that third-party products distributed and sold by our Group are subject to effective controls and adequate disclosure of chemical substances and hazardous materials:

During the procurement process, we require suppliers/agents to fulfill their obligation to disclose product information and to provide declarations/certificates regarding the use of chemicals and hazardous substances in the products they represent or supply.

Where feasible, suppliers must provide chemical control documentation or verification reports issued by original manufacturers or producers—such as REACH and RoHS certifications—so that our procurement teams can effectively implement chemical-related risk and hazard management.

1.  Chemical Management

(1)  Chemical Usage Scenarios:

   Currently, the Group primarily uses four types of chemicals in repair operations: isopropyl alcohol (IPA), cleaning agents, DOWSIL^™ SE 9160 Adhesive, and EH9777BS. These chemicals are used for cleaning and bonding handheld smart devices. Isopropyl alcohol and cleaning agents: Used for cleaning functions such as fingerprint and ink removal on device casings, full-device cleaning and disinfection, removal of adhesive residues during lamination, cleaning solder flux on motherboards, and removing copper chloride corrosion caused by moisture intrusion. DOWSIL^™ SE 9160 Adhesive and EH9777BS: Used for bonding processes, including the lamination of smartphone LCD panels.

Unit of

Measurement

(2)  Chemical Issuance and Control:

•  Isopropyl alcohol and cleaning agents: Engineers request chemicals from warehouse custodians as needed during repair operations. The custodian dispenses the required quantity at the warehouse and distributes it to the requester.

•  DOWSIL^™ SE 9160 Adhesive and EH9777BS: Engineers request usage from the designated custodian. Upon verifying the legitimacy of the request, the custodian retrieves the items from controlled storage areas, records the issuance in the logbook, and distributes them to the requester.

(3)  Operational Management Procedures:

   As the largest 3C product distributor and agent in Taiwan—and not a manufacturer— the Group manages chemical-related consumer risks by requiring suppliers to provide chemical management/certification documents issued by product manufacturers as part of the procurement process.

2.  Enhanced Supplier Communication: Chemical Use Prioritization and Development of Substitutes

   The Group communicates with suppliers regularly—such as through email—each year to emphasize consumers’ growing expectations for sustainable products. Upholding our green

Unit of

Measurement

   procurement principles, we encourage suppliers to produce or provide products that do not contain chemicals harmful to human health. We also expect suppliers to adopt eco-design principles during product design and manufacturing, using green chemicals to replace traditional chemical substances that may pose potential health risks.

3.  Disclosure of Complete Chemical Formulations for Products Sold

   For all products we distribute or act as agent for, we require manufacturers and agents to comply with product labeling regulations applicable in the country of manufacture or import, ensuring that product information is clearly disclosed.

4.  Chemical Composition Verification

(1)  The Group does not own any private-label brands; therefore, we do not maintain chemical composition testing mechanisms for in-house products.

(2)  For third-party branded products, there is currently no mechanism to screen or select products that have obtained third-party chemical composition certifications. However, during procurement, we require suppliers or agents to fulfill their product information disclosure obligations and provide declarations or certificates regarding the use of chemicals and hazardous substances in supplied or represented products.

●  Multiline and Specialty Retailers & Distributors

●  Product Sourcing, Packaging & Marketing

Unit of

Measurement

1.  Compliance with the Ministry of Environment’s “Entities Subject to Online Shopping Packaging Restrictions and Implementation Methods”:

(1)  Implementation Requirements for Packaging Material Restrictions:

•  Packaging materials must not contain polyvinyl chloride (PVC).

•  The recycled content ratio of corrugated cartons (boxes), paperboard products, and molded pulp packaging used for paper-based packaging boxes (bags) must reach 90% or above.

•  Plastic packaging boxes (bags) and cushioning materials must contain at least 25% recycled content.

(2)  Product-to-Packaging Weight Ratio Requirements:

•  For goods weighing 250 grams to less than 1 kilogram, the packaging weight ratio must be less than 40%.

•  For goods weighing 1 kilogram to less than 3 kilograms, the packaging weight ratio must be less than 30%.

•  For goods weighing 3 kilograms or more, the packaging weight ratio must be less than 15%.

•  Packaging Weight Ratio= [Weight of Online Shopping Packaging Materials ÷ (Weight of Online Shopping Packaging Materials + Total Product Weight)] × 100%.

2.  Implementation Measures:

(1)  No PVC-containing packaging materials are used; current materials include OPP (adhesive tape) and HDPE (cushioning materials for inner cartons).

(2)  The recycled content ratio of corrugated cartons (boxes), paperboard products, and molded pulp used in paper-based packaging boxes (bags) has reached 95% or above.

Unit of

Measurement

(3)  Cushioning materials contain 30% recycled content and are certified under the Global Recycled Standard (GRS).

(4)  Conduct statistical analysis of packaging weight ratio data and produce corresponding reports.

Performance and Outcomes:

(1)  Recognized by the Ministry of Environment as a certified Online Shopping Packaging Reduction Label enterprise. (A total of 22 B2C platforms in Taiwan have obtained this certification.)

(2)  All current packaging materials used by the Group exceed the government’s regulatory requirements.

(3)  Reduced waste generated from logistics packaging, thereby mitigating environmental impacts and resource consumption.

●  Software and Information Services

●  Environmental Footprint of Hardware Infrastructure

Unit of

Measurement

●  Software and Information Services

●  Data Privacy & Freedom of Expression

●  Software and Information Services

●  Recruitment and Managing a Global, Diverse, and Skilled Workforce

●  Software and Information Services

●  Recruitment and Managing a Global, Diverse, and Skilled Workforce

Percentage of:

(1)  gender and

(2)  diversity group representation for

(a)  executive management,

(b)  non-executive management,

(c)  technical employees, and

(d)  all other employees

●  Semiconductors

●  GHG emissions

(1)  Total global scope 1 emissions, and

(2)  total emissions from perfluorinated compounds (PFCs)

(1) 1,571.06

(2) 1050.20

●  Semiconductors

●  GHG emissions

Unit of

Measurement

•  Scope 1 and Scope 2 carbon emissions in 2030 are projected to decrease by 8–15% compared with the base year.

●  Semiconductors

●  Waste Management

(1)  Amount of hazardous waste from manufacturing,

(2)  percentage recycled

metric tonnes (t),

Percentage (%)

(1) 457.18

(2) 98.81%

●  Semiconductors

●  Product Lifecycle Management

●  Semiconductors

●  Product Lifecycle Management

Processor energy efficiency at a system-level for:

(1) servers,

(2) desktops, and

(3) laptop

●  Semiconductors

●  Materials Sourcing

Supplier Risk Identification:

The Group conducts annual risk assessments of raw material suppliers to determine their risk levels. In 2025, a total of 26 suppliers underwent risk identification (4 key suppliers and 22 important suppliers), with evaluation criteria including quality, delivery performance, information security, and sustainability factors. Based on the risk assessment mechanism, certain supplier products were identified as requiring enhanced management. In accordance with the supplier risk assessment and rolling management principles, a Second Source mechanism was activated to ensure timely adjustment of supply allocations, thereby maintaining operational and quality stability.

Unit of

Measurement

In 2025, all products supplied to customers by the Group were confirmed to be conflict-free metal products.

During the manufacturing process, 29 raw materials containing gold, tin, tantalum, and cobalt were used. The Group conducted inquiries and surveys with the suppliers of these raw materials. All suppliers completed the CMRT to verify that the gold, tin, tantalum, and cobalt contained in the materials used for production originated from RMAP-audited conflict-free smelters/refiners. In 2025, no suppliers were found to be in violation or disqualified.

Prohibited Substances:

The Group promotes halogen-free raw materials for customer selection. Due to product requirements, some materials containing restricted substances are still used; however, in alignment with increasing environmental awareness and global sustainability trends, the Group actively develops and researches raw materials free of restricted substances. The Group has implemented an SCM Supplier Master Data Platform. When a new supplier is added, the procurement unit manages hazardous substances under RoHS and Halogen-Free (HF) requirements for direct raw materials, requiring suppliers to submit relevant test reports prior to ordering. The Group verifies report contents and validity, and green product test reports are incorporated into the supplier master data system for ongoing management.

Unit of

Measurement

●  Telecommunication Services

●  Activity Metrics

TC-TL-000.A

TC-TL-000.B

TC-TL-000.C

TC-TL-000.D

(1)  Number of wireless subscribers

(2)  Number of wireline subscribers

(3)  Number of broadband subscribers

(4)  Network traffic

(1)  Number (10,000 subscribers)

(2)  Number (10,000 subscribers)

(3)  Number (10,000 subscribers)

(4) Terabyte (TB)

(1)  1123.9

(2)  1,064.5 (Local network: 863.4; MOD: 201.1)

(3)  824.1 (Broadband access: 444.9: Internet: 379.2)

(4) (a) This information is confidential and cannot be disclosed. (b) Regarding network traffic data reported to the National Communications Commission (NCC), such as quarterly mobile internet traffic, fixed-network operator connection bandwidth and peak traffic volume, and annual fixed broadband internet traffic, all are considered trade secrets and cannot be provided. (c) For interconnection traffic statistics, please refer to the Internet Exchange Center statistics published by the National Communications Commission.

●  Multiline and Specialty Retailers & Distributors

●  Activity Metrics

(1)  Number of retail locations, and

(2)  Number of distribution centers

Number

Square meters

(m²)

(1) 817

(2) 4

(1)  Total area of retail spaces, and

(2)  Total area of distribution centers

(1) 96,488.96

(2) 9,897.54

●  Software & IT Services

●  Activity Metrics

(1)  Number of licensed or subscribed users, and

(2)  Percentage cloud-based

(1) Quantity

(2) Percentage (%)

(1)  Data processing capacity, and

(2)  Percentage outsourced

(1) Sales Volume

(2) Percentage (%)

Unit of

Measurement

(1)  Data storage volume, and

(2)  Percentage outsourced

(1)  Terabyte (TB)

(2)  Percentage (%)

●  Semiconductors

●  Activity Metrics

TC-SC-000.A

TC-SC-000.B

Production Volume

Percentage (%)

Table 5-2-1 Telecommunication Services – Average Actual Download Speed

1. Fixed Network and Data Communications – 2025 Measured Line Speeds for ADSL Broadband Installations and HiNet Internet Data Rates (Measured Monthy)

2. Fixed Network and Data Communications – 2025 Measured Line Speeds for FTTx Broadband Installations and HiNet Internet Data Rates (Measured Monthly)

3. Mobile Communications (Please refer to the official website)

Table 5-2-2 Recruitment and Management of a Global, Diverse, and Skilled Workforce