Risk and Crisis Management
Commitment
To efficiently manage all material risks, including ESG risks, and instill a risk culture throughout the Bank to support its resiliency to crises and to achieve sustainable growth
Materiality
Risk and crisis management is a key factor that helps businesses to prevent and mitigate various negative impacts resulting from economic, social and environmental changes. Therefore, the Bank deems it important to ensure prudent and comprehensive risk management in order to tackle various risk factors appropriately, while looking for opportunities from these changes to enhance our business competitiveness. We have formulated the risk management policy, framework, structure and guidelines for each major risk, prepared business contingency and business continuity plans, systematically analyzed and assessed major risk factors, and continually improved our risk management process. We have also nurtured a strong risk culture across the organization to ensure efficient and effective risk management mechanisms are in place and able to respond to emergencies appropriately and promptly.
Management Approach
Risk Management
Our foundational risk management principle is to conduct a business that delivers satisfactory and sustainable returns and maintains risks within specified levels. We place importance on managing significant risks and continually monitoring situations while assessing business opportunities arising from changes in the business environment. We have established a risk management framework that consists of a risk management policy, risk appetite statement and risk management processes supported by regular reporting of different types of risks to senior executives, the management team, the Risk Oversight Committee and other related committees. Our risk management covers all major risks, including strategic risk, credit risk, market risk, liquidity risk, operational risk, information technology risk, reputational risk and compliance risk. We also take into account those risks resulting from environmental and climate change factors, both physical risks and transition risks, that are material in the context of the Bank’s conduct of business. Moreover, we consider emerging risks that may affect the Bank’s business in the distant future so we can stand prepared to manage such risks in a timely fashion.
To ensure we maintain adequate and appropriate risk management that is consistent with changes in the business environment, we continuously update risk management guidelines; for example, the inclusion of environmental and climate change factors into the Bank’s risk management policy, the development of a process for monitoring and reporting early warning indicators of capital and liquidity levels; the incorporation of new significant risks such as climate change risk into the risk and capital adequacy assessment in the Internal Capital Adequacy Assessment Process (ICAAP). In 2024 the Bank participated in the Bank of Thailand’s Climate Stress Test pilot project to assess the financial impact under the physical climate risk scenario (flood) set by the Bank of Thailand. We regularly review the appropriateness of our risk management framework and assess the adequacy of our capital funds.
We review the appropriateness of our risk management policy and risk management system annually or as a significant change emerges, and monitor risks to be within acceptable levels, taking into account the business context, economic situation and trends, and organizational culture. In 2024, the capital adequacy ratio of the Bank’s financial business group level was 20.35 percent, which is higher than the criteria set by the the Bank of Thailand and considered sufficient for the Bank’s operations.
Risk Governance Structure
To ensure our risk management mechanisms are efficient and effective and align with the risk management policy approved by the Board of Directors, we have put in place the following risk governance structure that connects directors, management members, the Risk Management Division, and the Credit Management Division to business units, with each of the concerned parties tasked with the following duties and responsibilities:
Board of Directors has a duty and a responsibility to oversee all risks in the organization, play a key role in formulating the risk management policy and strategy, and monitor the Bank’s risks to be within an acceptable level.
Board of Executive Directors is in charge of duties assigned by the Board of Directors such as credit approval, debt restructuring and investment, and other undertakings of the Bank.
Risk Oversight Committee has a duty to support the Board of Directors in overseeing risk management in accordance with the Bank’s risk management policy and strategy, and to report the risk management performance to the Board of Directors.
Committees at management level responsible for managing specific types of major risks have a duty to support the Risk Oversight Committee in managing major risks the Bank is facing, namely:
Crisis Management
To ensure that the Bank’s business is able to continue to operate without interruption during emergency situations such as natural disasters, fires, terrorist attacks and pandemics, we have established a Business Continuity Policy approved by the Board of Directors as a guideline to mitigate risks and prevent and minimize potential impacts on normal business operations. In addition, a business continuity management framework has been developed to cover business undertakings during both normal and crisis situations while also ensuring that adequate information and reporting will be timely and regularly communicated to concerned parties. We have established the Crisis Management Team to take charge during crises, require all units to routinely prepare and review their business continuity plans, and conduct regular drills of the plans every year to ensure readiness for potential emergency situations. Note that we conduct risk assessments and review business continuity plans annually, covering all risks that are significant to the Bank’s operations including risk to public health such as pandemics.
Furthermore, we put in place financial stability management in case of a liquidity crisis by carrying out an internal capital adequacy assessment process and preparing a liquidity contingency plan to prepare in advance for potential future issues related to capital and liquidity adequacy. Moreover, every year a liquidity crisis drill is conducted to test the contingency plan and ensure that personnel in related units understand each step in the plan and are able to execute the plan effectively when there is an emergency.
Our foundational risk management principle is to conduct a business that delivers satisfactory and sustainable returns and maintains risks within specified levels. We place importance on managing significant risks and continually monitoring situations while assessing business opportunities arising from changes in the business environment. We have established a risk management framework that consists of a risk management policy, risk appetite statement and risk management processes supported by regular reporting of different types of risks to senior executives, the management team, the Risk Oversight Committee and other related committees. Our risk management covers all major risks, including strategic risk, credit risk, market risk, liquidity risk, operational risk, information technology risk, reputational risk and compliance risk. We also take into account those risks resulting from environmental and climate change factors, both physical risks and transition risks, that are material in the context of the Bank’s conduct of business. Moreover, we consider emerging risks that may affect the Bank’s business in the distant future so we can stand prepared to manage such risks in a timely fashion.
To ensure we maintain adequate and appropriate risk management that is consistent with changes in the business environment, we continuously update risk management guidelines; for example, the inclusion of environmental and climate change factors into the Bank’s risk management policy, the development of a process for monitoring and reporting early warning indicators of capital and liquidity levels; the incorporation of new significant risks such as climate change risk into the risk and capital adequacy assessment in the Internal Capital Adequacy Assessment Process (ICAAP). In 2024 the Bank participated in the Bank of Thailand’s Climate Stress Test pilot project to assess the financial impact under the physical climate risk scenario (flood) set by the Bank of Thailand. We regularly review the appropriateness of our risk management framework and assess the adequacy of our capital funds.
We review the appropriateness of our risk management policy and risk management system annually or as a significant change emerges, and monitor risks to be within acceptable levels, taking into account the business context, economic situation and trends, and organizational culture. In 2024, the capital adequacy ratio of the Bank’s financial business group level was 20.35 percent, which is higher than the criteria set by the the Bank of Thailand and considered sufficient for the Bank’s operations.
Risk Governance Structure
To ensure our risk management mechanisms are efficient and effective and align with the risk management policy approved by the Board of Directors, we have put in place the following risk governance structure that connects directors, management members, the Risk Management Division, and the Credit Management Division to business units, with each of the concerned parties tasked with the following duties and responsibilities:
Board of Directors has a duty and a responsibility to oversee all risks in the organization, play a key role in formulating the risk management policy and strategy, and monitor the Bank’s risks to be within an acceptable level.
Board of Executive Directors is in charge of duties assigned by the Board of Directors such as credit approval, debt restructuring and investment, and other undertakings of the Bank.
Risk Oversight Committee has a duty to support the Board of Directors in overseeing risk management in accordance with the Bank’s risk management policy and strategy, and to report the risk management performance to the Board of Directors.
Committees at management level responsible for managing specific types of major risks have a duty to support the Risk Oversight Committee in managing major risks the Bank is facing, namely:
- Asset-Liability Management Committee (ALCO) monitors and oversees management of market risk and liquidity risk.
- Operational Risk Management Committee (ORMC) monitors and oversees operational risk and information technology risk, including operational risk resulting from climate change, as well as supervises the business continuity of the Bank.
Risk Management Division has a duty to support the Risk Oversight Committee and work with relevant parties to evaluate, monitor and control risks to be within acceptable levels, as well as report risk positions to relevant parties and senior management on a regular basis.
Credit Management Division has a duty to manage credit risk and oversee and monitor credit approval according to the Bank’s credit policy. The division consists of different units which are the Credit Policy Unit, the Credit Acceptance Unit, the Portfolio Management Unit, the Risk Asset Review Unit, the Special Credit Management Unit, the Loan Recovery and Legal Unit, and the Bank’s Property Unit.
Business Units are responsible for managing risks of their own units to be within the approved levels and in accordance with the risk management policy of the Bank.
The Bank has adopted the “three lines of defense” principle in determining the structure, roles, duties and responsibilities in risk governance to ensure segregation of duties and independence in risk management, while promoting audits and a checks and balances mechanism to oversee comprehensive and effective risk governance.
Crisis Management
To ensure that the Bank’s business is able to continue to operate without interruption during emergency situations such as natural disasters, fires, terrorist attacks and pandemics, we have established a Business Continuity Policy approved by the Board of Directors as a guideline to mitigate risks and prevent and minimize potential impacts on normal business operations. In addition, a business continuity management framework has been developed to cover business undertakings during both normal and crisis situations while also ensuring that adequate information and reporting will be timely and regularly communicated to concerned parties. We have established the Crisis Management Team to take charge during crises, require all units to routinely prepare and review their business continuity plans, and conduct regular drills of the plans every year to ensure readiness for potential emergency situations. Note that we conduct risk assessments and review business continuity plans annually, covering all risks that are significant to the Bank’s operations including risk to public health such as pandemics.
Furthermore, we put in place financial stability management in case of a liquidity crisis by carrying out an internal capital adequacy assessment process and preparing a liquidity contingency plan to prepare in advance for potential future issues related to capital and liquidity adequacy. Moreover, every year a liquidity crisis drill is conducted to test the contingency plan and ensure that personnel in related units understand each step in the plan and are able to execute the plan effectively when there is an emergency.
Risk Culture
We have built a risk culture throughout the organization to strengthen the Bank’s immunity against risks associated with conducting business in a rapidly changing environment by ensuring all executives and employees are aware of their risk management roles and responsibilities pertaining to their own and the Bank’s overall operations. We also monitor and control risks in line with the Three Lines of Defense principle. We build a risk culture through the following actions:
Participation in Building Risk Culture: We encourage everyone in the organization to take part in risk management while the Board of Directors and senior executives play an important role in fostering an effective organizational risk culture through formulating the risk management policy and strategy as well as overseeing that these are duly implemented. All employees are required to take ownership of and share in the responsibilities in managing the Bank’s risks under the Three Lines of Defense principle. We also require all business units to evaluate relevant risk issues in accordance with risk assessment principles, internal controls, and other related policies of the Bank while providing various channels to receive comments and suggestions related to risk issues from employees at all levels to promote the participation of everyone in the organization.
Risk-aware Product and Service Development: We require those business units responsible for the development of products, services, work systems and work processes to consider potential risks and impacts to the Bank and related stakeholders. Business units are required to undertake a risk and impact assessment according to the Bank’s criteria in areas such as finance, information security, personal data privacy protection, anti-money laundering and combatting the financing of terrorism and the proliferation of weapons of mass destruction, market conduct, and laws and regulations. Appropriate measures to mitigate such risks are put in place accordingly.
Performance Evaluation Linked to Risk Management Performance: The Bank has included risk indicators as part of the performance evaluation of those executives in risk management-related units, and one of the factors used to consider their financial remuneration such as bonuses and special compensation.
Raising Risk Awareness and Building Risk Management Capability: We have offered risk management training programs through an online platform for directors, executives and employees, and have made important risk management courses mandatory, such as Personal Data Protection, Prevention of Cyber Threats, Market Conduct, Anti-Money Laundering and Combatting the Financing of Terrorism and Proliferation of Weapons of Mass Destruction. We require directors to attend training courses related to the management of the Bank’s major risks on a yearly basis, such as Cybersecurity, Personal Data Protection, and Transition to a Digital Economy.
In 2024, we focused on providing knowledge related to the impacts of climate change, the challenges of the transition to a low-carbon economy, and climate risk management. This was done through continuous learning activities which were attended by the Bank’s directors, executives and employees of various units.
Task Force on Climate-related Financial Disclosures
Globally, we are facing extreme climate-change such as storms, floods, heat waves and droughts that are more frequent and severe. Therefore, more sectors are concerned and give priority to the reduction of greenhouse gas emissions and the transition to a low-carbon society to alleviate potential impacts and build resilience to climate change for both business sector and household sector. This change can be viewed as both risk and opportunity for businesses while businesses that can adapt well will be immune to risks and are able to cash in on opportunities compared with their competitors. The Bank recognizes the importance of risks and opportunities arising from climate change for its customers and the Bank. Therefore, we consistently monitor the situation as well as focusing on strengthening the capacity to assess climate risks and opportunities, both physical and transitional so that the Bank can appropriately manage risks and implement various measures to tackle the impacts of climate change on its business as well as providing financial support to activities or projects that help all sectors reduce or mitigate the impacts of climate change. The Bank prepared this report based on the recommendations of the Task Force on Climate-Related Financial Disclosures (TCFD), to disclosing information on our organization's climate management that complies with international standards.
This Website uses cookies to provide you with the best experience and to improve the Bank’s website services in order to better serve your requirements. You can find the details about cookies use on
Cookies Policy
