Risk Management Approach
The company recognizes the importance of risk management and promotes the management of risks throughout the value chain of all its businesses across all dimensions to acceptable levels. This enables the company to operate according to the established strategic plan. In addition to operational risks, the company also emphasizes environmental, social, and governance (ESG-related) risks that could potentially harm the achievement of the company’s long-term objectives and goals.
The company has established a 'Risk Management Policy' and a risk management manual that are reviewed and updated annually to align with current circumstances. In terms of enterprise risk management, the company utilizes the risk management framework from the Committee of Sponsoring Organizations of the Treadway Commission (COSO), incorporating both the COSO ERM 2017 (Enterprise Risk Management Integrating with Strategy and Performance) and COSO ESG 2018 (Enterprise Risk Management – Applying Enterprise Risk Management to Environmental, Social, and Governance-related Risks) as guidance for its corporate risk management practices, tailored to fit the company’s operations to ensure risk management at all levels and connection throughout the organization.
The company has assigned a Risk Management Committee, consisting of 2 independent directors, 2 executive directors, and 1 senior executive, totaling 5 members, with the independent director serving as the chairperson. This committee is responsible for establishing policies and practices for risk management, overseeing and monitoring existing risk management, and considering anticipated risks from economic conditions, business competition, technological development, cultural changes, legal regulations, as well as transition risks that may impact future business operations.
To ensure that all executives and employees participate in the organization’s risk management, the company has formed a risk management working group comprising 29 representatives from all departments. The group is chaired by Mr. Nattaporn Inprakhon, Assistant Deputy Chief Executive Officer of Procurement and Warehouse Management, and its role is to collaboratively identify and assess significant risks across the organization, track the implementation of risk management and control measures, and summarize performance reports for the Risk Management Committee on a monthly basis.
Additionally, the company conducts regular audits of internal control systems and the effectiveness of the risk management system, identifying risks within internal processes through an external third-party internal auditor. Ms. Pirada Tonhangsa, Assistant Deputy Chief Executive Officer of Organizational Development, is responsible for coordination, and internal control system audits are conducted quarterly.
Risk Management Process
The company manages organizational risks by establishing a process aligned with the international standards of COSO ERM 2017 and COSO ESG 2018. The focus is on comprehensive risk management that covers the four main types of risks: strategic, operational, financial, and compliance with regulations and anti-corruption, while also expanding the scope of risk management to include environmental, social, and governance (ESG-related risks) as well as emerging risks that could impact the achievement of the company’s objectives and goals in the short, medium, and long term. The risk management process includes the following steps:
The company conducts a review of significant organizational risks at least once a year to consider emerging risks or changes to existing risks that may arise due to shifts in the economic environment, regulations, or technology. This review provides management with sufficient information to formulate strategies and make informed decisions. The assessment of risk management effectiveness and monitoring of risk management across all departments ensures that risk management is conducted efficiently and effectively, supporting the company in achieving its defined objectives and goals.

2025 Performance
In 2025, the company conducted a comprehensive risk assessment across the entire organization, covering all departments (100%). The risk prioritization revealed several significant organizational risks that may impact the company's operations, as follows:
| Type of Risk | Economic Risk | Environmental Risk | Social Risk | Governance Risk |
|---|---|---|---|---|
| Strategic Risk |
|
|
|
|
| Operational Risk |
|
|
|
|
| Financial Risk |
|
|||
| Compliance Risk |
|
|
Business Continuity Management
The production process in the natural rubber industry is highly integrated at every stage—from raw material receiving and quality inspection to manufacturing, warehousing, and final delivery. Consequently, any disruption in a single stage can impact the entire production line, delivery capabilities, operational costs, and the confidence of customers and stakeholders. Potential disruptions may arise from external factors, such as natural disasters, emerging diseases, supply chain uncertainties, or local emergencies, as well as internal factors like machinery breakdown, utility failures, labor shortages, fire, or other workplace accidents.
To manage these risks, the company has implemented Business Continuity Management (BCM) by developing an Emergency Response Plan (ERP) and a Business Continuity Plan (BCP). These frameworks prepare the organization to prevent, mitigate, respond to, and recover operations from events that could cause business interruption. The plans define roles and responsibilities, assess impacts on critical processes, establish internal communication protocols, ensure personnel safety, and allocate the necessary resources to sustain operations during a crisis.
The Company has established specific measures to address emergencies that may affect production, including maintaining firefighting equipment, fire suppression systems, and clearly designated evacuation routes; training dedicated emergency response teams and communicating emergency protocols to all employees and relevant stakeholders; and coordinating with external agencies, such as the Provincial Electricity Authority (PEA), to receive advance notice of power outages, thereby enabling proactive production planning and schedule adjustments.
Regarding machinery and equipment readiness, the company conducts Preventive Maintenance (PM) according to scheduled cycles and continuously monitors the condition of production support systems. Critical spare parts are maintained in inventory to minimize the likelihood of downtime. Furthermore, the company prioritizes workforce management by preparing cross-functional personnel for key processes to ensure a prompt response to unexpected events.
The company regularly reviews and updates its Business Continuity Plan to align with evolving risks, emerging threats, and lessons learned from past incidents, such as fire events. These insights are utilized to enhance organizational readiness in prevention, response, and recovery. Ultimately, these efforts aim to protect employees, assets, and production processes while ensuring seamless delivery and maintaining service continuity for our customers.
Promoting a Risk Management Culture
Risk Management Knowledge and Skills Development
The company focuses on enhancing the capabilities of employees across the organization by providing knowledge and understanding of risk management as part of the employee development plan. This includes conducting training on risk management that encompasses risks related to the environment, society, and governance (ESG). This training aims to ensure that employees at all levels within the company are aware of, recognize, and understand the various risks facing the organization so they can apply this knowledge in their daily operations. In 2025, the company implemented initiatives to promote a risk management culture within the organization as follows:
- On June 29-30, 2025, the company conducted a training course on risk management according to international standards (ISO 31000:2018) for the risk management working group, executives, and employees from all departments. The training was led by an expert instructor from the Accounting Professionals Association, with the objective of enhancing knowledge and understanding of risk management and enabling attendees to apply the principles of risk management in the company's operations and their daily work. A total of 72 employees participated in the training.


- On August 21, 2025, the company organized an Enterprise Risk Management (ERM) Workshop for the Risk Working Group, executives, and employees from all departments, with a total of 58 participants. The session was conducted by expert speakers from Ignifier Co., Ltd. The primary objective was to strengthen knowledge and understanding of ERM principles and processes, covering risk identification, root cause and impact analysis, risk assessment, prioritization, monitoring, and the formulation of appropriate control measures and risk management plans. This workshop empowered participants to systematically apply these concepts to their respective responsibilities in alignment with the company’s business context. Ultimately, the initiative encourages the integration of risk management into the decision-making processes and daily operations of every department.

Integrating Risk Management into Operations
- The company integrated risk management as part of its strategic planning, project development, and operational activities to achieve the defined objectives, goals, and strategies. It was also a critical component in decision-making for investments in various projects, such as major capital-intensive projects. The Risk Management Committee was involved in reviewing and providing feedback on the adequacy of risk assessments and risk management measures, serving as input for the Board of Directors' investment approval decisions. The committee systematically monitored project progress to ensure that the company's investment projects were executed according to the established plans and evaluates completed projects to continuously improve project management.
- The company managed organizational risks by holding meetings of the Risk Management Working Group, which includes senior executives, departmental managers, and operational staff, to monitor organizational risk management. Additionally, specific risk indicators and risk appetite were established, along with a Risk Mitigation Plan, which includes setting targets and performance indicators. Continuous monitoring and evaluation of the risk level after implementation were conducted to closely identify control measures. The outcomes were reported to the Risk Management Committee monthly.
- The company set performance indicators for the organization and the operational results of senior executives to align with organizational risks or risk indicators, linking them with the performance indicators of the responsible risk management units. This ensured effective monitoring and evaluation of control measures and risk management plans in accordance with the organization’s core strategies. The responsible departments set performance indicator targets that were aligned with risk indicators. For example, regarding the risk of transitioning to a low-carbon society, the company set a target to reduce greenhouse gas emissions from the 2021 baseline and aimed for carbon neutrality by 2030. Accordingly, it undertook improvements and modifications in processes and equipment, as well as implemented technologies to enhance production efficiency and energy use, thereby reducing greenhouse gas emissions from its production processes and decreasing reliance on fossil energy by increasing the use of renewable energy from solar and biomass sources, among others.