
Online Banking
Personal
- Bualuang iBanking
- Bualuang iBanking
- Bualuang iBanking
- Mobile Banking
- Mobile Banking
- Mobile Banking
- Bualuang iFunds
Commitment
Materiality
Risk Management Division has a duty to support the Risk Oversight Committee and work with relevant parties to evaluate, monitor and control risks to be within acceptable levels as well as reporting risk positions to relevant parties and senior management on a regular basis.
Credit Management Division has a duty to manage credit risk, and oversee and monitor credit approval according to the Bank’s credit policy. The division consists of various units, namely the Credit Policy Unit, the Credit Acceptance Unit, the Portfolio Management Unit, the Risk Asset Review Unit, the Special Credit Management Unit, the Loan Recovery and Legal Unit, and the Bank Property Unit.
Business Units carry out business activities that assume risks and are responsible for managing risks of their own units to be within the approved levels and in accordance with the risk management policy as approved by the Board of Directors.
To ensure that risk governance is efficient and effective with proper checks and balances, we have adopted the “three lines of defense” principle with the three lines independent from each other to determine a structure, duties, roles and responsibilities in risk management.
We are committed to cultivating a risk management culture across the organization to strengthen the immunity of the Bank and its ability to conduct business in the face of risks and a fast-changing environment. To achieve this, we encourage all executives and employees to be aware of their roles in the management of pertinent risks and to be involved in risk management and control according to the three lines of defense principle. Additionally, quality of risk management is included in the performance evaluation of executives.
Guidelines for Building Risk Culture
Participation in Building Risk Culture - We encourage everyone in the organization to take part in risk management while the Board of Directors and senior executives act together as a role model to foster an effective risk culture in the organization through formulating the risk management policy and strategy, as well as tracking and monitoring compliance with the policy and strategy. All employees are tasked with managing risks within their scope of responsibility under the three lines of defense principle. We also require all business units to evaluate relevant risk issues in accordance with risk assessment principles, internal controls, and other related policies of the Bank while providing various channels to receive comments and suggestions related to risk issues from employees at all levels to promote the participation of everyone in the organization.
Risk-aware Product and Service Development – Business Units responsible for the development of products, services, work systems and work processes are required to consider potential risks and impacts to the Bank and related stakeholders. They are also required to undertake a risk and impact assessment according to the Bank’s criteria in areas such as finance, information security, personal data privacy protection, anti-money laundering, combatting the financing of terrorism and the proliferation of weapons of mass destruction, market conduct, and laws and regulations. After making the risk and impact assessment, appropriate measures to mitigate such risks must be established.
Raising Risk Awareness and Building Risk Management Capability - We developed a risk management training curriculum for executives and employees to study through an online platform as well as making important risk management courses mandatory, such as Personal Data Protection, Prevention of Cyber Threats, Market Conduct, Anti-Money Laundering, Combatting the Financing of Terrorism and Proliferation of Weapons of Mass Destruction. We require directors to attend training courses related to the management of the Bank’s major risks on a yearly basis, such as Management of IT Risk and Cybersecurity and Personal Data Protection trainings. In addition, we also raise awareness and promote understanding about the management of ESG and climate change risks.
Financial Incentive Related to the Risk Management - To evaluate performance related to risk management, the Bank has KPIs for senior executives in units associated with risk management, e.g. Credit risk and Operational risk. These KPIs are one of the factors determining executives’ financial incentives i.e. bonus and cash incentive.
Example of the KPIs are as follows:
Emerging Risks |
Importance |
Impact |
Mitigation |
Emerging cyber threats |
Development of digital banking services that help facilitate and introduce new forms of services to customers is one of the Bank’s main goals. However, adoption of new technology may bring forward more frequent cybersecurity threats that are changing continuously which in turn may cause damage to assets of the Bank and our customers, affecting customer trust. |
For the next 3-5 years, cyber threats are likely to be more serious and take more diverse forms. If we are unable to manage cyber threats properly, this may impact the Bank’s credibility in conducting our business as well as customer trust.
New forms of cyber threats require the Bank to keep up with and adapt ourselves accordingly to ensure that the Bank can effectively manage risks from cyber threats through improving risk assessment framework and building awareness of employees, customers and other stakeholders on a continuous basis. |
We put forth the following measures:
|
Carbon Border Adjustment Mechanism (CBAM) of the European Union |
The European Union (EU) has a plan to adopt Carbon Border Adjustment Mechanism (CBAM) to reduce carbon emissions in countries with carbon leakage or carbon pricing measures less strict than the EU from 1 January 2026 onward. As a result, importers must acquire CBAM certificate to offset the differences between the domestic carbon emission prices in export countries and the carbon prices in the EU market. |
At the early stage, CBAM will be applied only on certain categories of products including cement, iron and steel, aluminum, fertilizers and electricity before extending to other products in the future. Businesses in Thailand are required to be ready to compete in export markets in the long run through greenhouse gas emission measurement that meets international standards and investment in carbon emission reduction. Businesses that are unable to adapt or not timely enough to respond will lose their competitiveness, affecting their revenue and profit. These impacts potentially increase the Bank’s credit risks if we do not have a proper preparation to handle the issue in advance. |
We issued following measures:
|