Fundamentals of Corporate Sustainability

Risk & Crisis Management

Risk and Crisis Management

Risk

Inefficient risk management can have a direct impact on the Company's finances and reputation, as well as its ability to obtain future business licenses. Additionally, it can have adverse effects on the environment and endanger the health and safety of the Company’s stakeholders and their property, and its consequences can lead to negative impact on the Company's reputation and may result in resistance to future business expansion.

Opportunity

Effective risk management is a key mechanism that helps companies grow sustainably, quickly sense and respond to any risks arising from the current uncertainty and adapt to a rapidly changing business environment. Moreover, effective risk management allows companies to identify new business opportunities through the development of risk mitigation strategies. 

Risk Management Structure

The Company's risk management is under the supervision of the Board of Directors, with the Risk Management Committee being responsible for establishing an effective risk management policy and approach, as well as overseeing the Enterprise Risk Management Working Committee to ensure their operations are appropriate for the current business context and situations. The Risk Management Committee is composed of seven members, including the Company's directors and senior executives, with an independent director serving as its chairman. (For more details about Risk Management Structure please see 56-1 One Report, “Corporate Governance Structure” and “Risk Management” Section.) 

To drive effective risk management throughout the organization and respond to the Company's risk and crisis management policy, the Risk Management Committee appointed an Enterprise Risk Management Working Committee. The committee consists of 24 members, including management representatives from various departments and managing directors of subsidiary companies. The chairperson of the committee is the Senior Vice President of Accounting, Tax, and Finance, Investor Relations, and Information Technology. The roles and responsibilities of the committee are as follows: 

  1. Assessing key corporate risks aligned with the Company’s business direction and risks in business value chain such as strategic risk, risks from investment and business development in Thailand and other countries, operational risk covering health, safety, social and environmental aspects, financial risks, compliance risks, and other risks that may impact the Company. Providing suggestions on risk prevention and mitigation to an acceptable level.

  2. Monitoring, evaluating and continuously improving risk mitigation plans to reduce risks and suit to business conditions. Regularly reporting the risk assessment and risk management performance to the Risk Management Committee.

  3. Setting up a business continuity plan at the corporate level to address key risks.

  4. Providing training and workshops, sharing information about risks and risk management with employees at all levels, and promoting a corporate risk culture. 

As risk management is the responsibility of employees at all levels, they must be aware of the existence of risks in the business value chain and their work processes and provide appropriate and sufficient risk management measures. Therefore, all departments in the Company and its subsidiaries have appointed risk coordinators in operational levels to work together with the Enterprise Risk Management Working Committee and the Corporate Strategy and Risk Management Division in identifying and assessing risks, preparing and evaluating risk mitigation plans, and promoting risk awareness, and employee participation in their respective departments. 

Management Approach

The Company has established a corporate risk management process that aligns with international standards to effectively manage all risks. Risk management must be consistently implemented across the organization and integrated into decision making, strategic planning, and business operations. Additionally, it must support the achievement of business objectives and goals. 

The Company followed the guidelines of the Committee of Sponsoring Organizations of the Treadway Commission (COSO) for conducting Enterprise Risk Management and conducted an annual corporate risk assessment. This assessment took into account current and emerging risks, economic conditions, competition, innovation, technology development, government policies and regulations, and social and environmental changes that may affect its operations. After identifying and assessing risks, the Company prepared appropriate risk mitigation plans, determines key risk indicators (KRIs), and defined a risk appetite to monitor the performance and effectiveness of its risk management measures, including potential business opportunities that may arise from these risks. The Company assigned the enterprise risk owners to develop risk management plans and determine key risk indicators. 

The Enterprise Risk Management Working Committee monitors the results of the risk responses and the situations that cause the risks, and reports the findings at the Strategic Management Meeting which consists of the Chairman, all Chief level executives, and Managing Directors of subsidiary companies, and further report to the Board of Directors.  

The Company aims to enhance employee involvement in risk management because it is an integral part of all levels of operations.  The Company therefore increases awareness and the corporate culture of risk management among employees at all levels by providing knowledge through activities such as training, etc. 

Performance

In 2022, the Company conducted a reassessment of enterprise risks to ensure consistency with corporate strategic plans and targets, global and technological trends, and changing environmental and social contexts. The Company emphasized ESG-related risks and emerging risks which are its strategic priorities. The Enterprise Risk Management Working Team categorized the risks into five categories: Strategic Risk, Operational Risk, Compliance Risk, Financial Risk, and Emerging Risk. The team also reassessed and reviewed the risk management plans and key risk indicators (KRIs) to monitor these risks. The Company aims to expand risk management to the business unit level across the Company. 

Emerging Risk

According to the Company's risk assessment, one important emerging risk that could affect the Company's business operations in the next 3-5 years is the risk from the new lifestyle after the COVID-19 pandemic (Next Normal). Although it has not yet directly affected the Company, the Company is aware of the potential influence of future changes resulting from this risk. Therefore, it has been upgraded to an enterprise risk that requires close monitoring to provide insights for analysis, improve corporate strategic plans, and continuously adjust action plans. 

Risk from Responding to Behavioral and Demand Changes in the Next Normal 

Next Normal refers to the changes in daily lifestyle for people of all genders and ages. The behaviors and attitudes in life are no longer the same after adapting to the COVID-19 pandemic. Therefore, the perspectives and demands of the Company's stakeholders have changed due to the new lifestyle and business management. The Company expects that the Next Normal will be a catalyst for changing global trends in various aspects, including product demand, commercial policy, changes in the supply chain, labor work, innovation, production technology, and human resource management, among others. This may affect operators in the industrial estates who must adapt and prepare to cope with the situation. Investors may need to adjust their business policies, which may cause delays or additional demand to make investment decisions in AMATA. The Next Normal may have a direct impact on the Company's revenue if the Company fails to adapt to the changes in demand and services and does not rapidly respond to customer needs while managing the company's human resources appropriately. 

In response to emerging risks, the Company has been continuously monitoring changes at the country and worldwide levels, as well as assessing the impact on its factory customers inside industrial estates through in-depth interviews. This allows the Company to assess the risks that changes in customer demand could impact AMATA's business operations. The Company has developed appropriate risk management measures and continually assesses the risk factors in the current context. Moreover, the Company has changed its business model for foreign partners to enable continuous operations, while also monitoring the changing needs, expectations, and concerns of both internal and external stakeholders. By analyzing the collected data, the Company can determine appropriate measures to address these changes. 

Promotion of Risk Management Culture

The Company places importance on the participation of executives and employees in its risk management efforts, particularly in managing risks related to their respective duties and responsibilities. The Company requires that the risk management system be integrated into daily operations and eventually become part of its corporate culture. In addition to the department and subsidiary executives, risk coordinators also play a critical role in driving the risk management efforts. They attend meetings with the Enterprise Risk Management Working Committee and transmit the message to other employees at the operational level. 

The Company conducted four approaches to promote a corporate risk management culture across all staff levels, which are: 1) EDUCATE: Promotion of knowledge and understanding, 2) PARTICIPATE: Promotion of participation, 3) MANAGE: Systematic risk management, and 4) ENCOURAGE: Integration of risk management into daily work. 

1. EDUCATE: Promotion of knowledge and understanding on Enterprise Risk Management

The Company recognizes that the knowledge and understanding of all staff is a key factor in achieving efficient corporate risk management and meeting risk management objectives. To this end, the Company organized workshops and special lectures on topics relevant to each risk category. Additionally, the Company plans to hold regular special lectures and trainings each year. 2022 performance are as the following: 

  • Training on Transformation Process to Circular Economy in Business Practice to create awareness of risks related to changes in customer needs related to the circular economy. 

  • Training on “Climate Calculation for Weather Forecasting Tool Development in order to cope with floods and droughts. 

  • Annual training on “Cyber Security Awareness for executives and employees by Cyber Security experts. 

  • Training on Corporate Governance & Anti-Corruption for employees and management. 

  • Training on “Employee and Community Engagement” to create understanding and awareness of communication and feedback from the community, which is considered a risk for the organization.  
2. PARTICIPATE: Promotion of participation.

  • The Company held 24 virtual workshops for the Enterprise Risk Management Working Committee, which is comprised of senior executives, department executives, and operational staff, throughout the year. The objectives of these
    workshops were to follow up on corporate risk management, identify risk indicators and risk appetite, assess the level of residual risk after risk control measures were implemented, and develop an additional Risk Mitigation Plan. Goal setting, risk indicators, and ongoing progress monitoring were also included in the workshop.

3. MANAGE: Systematic Risk Management
  • The Company has adopted “The Committee of Sponsoring Organization” or COSO for Enterprise Risk Management approaches and set to have systematic internal control in accordance with the three Lines of Defense concept which consists of 1st Line of Defense (risk owner who is responsible for risk management), 2nd Line of Defense (Corporate Strategy and Risk Management Department who sets guidelines and standards of risk management and follow up the operation), and 3rd Line of Defense (Internal Audit Division who independently audits the efficiency of the enterprise risk management system). The risk management performance will be reported monthly to senior executives and to Risk Management Committee.

  • In 2021, the Company reported the performance of enterprise risk management to senior executives and Risk Management Committee 12 times and 5 times, respectively.
4. ENCURAGE: Integration risk management into daily work
  • The Company has set the achievement of enterprise risk management as a key performance indicator (KPI) for the Company and senior executives, which will be evaluated every 6 months. This is also linked to the KPIs of units that are risk owners. 

Start building the Future
with Amata

Talk With Our Consultants
AMATA

Contact us for more details.

Thailand
+66 38 939 007
Vietnam

+84 251 3991 007 (South)
+84 203 3567 007 (North)

Myanmar
+95 1 230 5627
Laos

+85 620 5758 0007

© AMATA CORPORATION PCL. All rights reserved.  Web by Toneyes  Web by Toneyes

Contact us