Internal Controls and Risk Management
The company places significant importance on effective internal controls and prudent risk management, demonstrating a strong commitment to fostering sustainable and transparent business growth.
It operates in alignment with international standards and adheres to good corporate governance principles to build trust among all stakeholders and ensure the organization’s long-term stability.
Inrternal Controls
The Audit Committee independently evaluates and reviews the effectiveness of the Company’s internal control systems to ensure that they are in compliance with good corporate governance principles and the Committee of Sponsoring Organizations of the Treadway Commission (COSO) internal control framework, which is a generally accepted control framework. COSO consists of five integrated components: Control Environment, Risk Assessment, Control Activities, Information and Communication, and Monitoring Activities.
The Audit Committee reviewed internal audit reports including audit findings and recommendations. Based on the Audit Committee’s assessment, the Board concluded that the Company’s internal control systems are adequate and effective, and are functioning consistently with corporate governance principles and the COSO internal control framework as summarized in the following sections.
The existing organizational structure is appropriate and effective for the Company’s businesses operations. It is the Company’s policy that directors, officers, and employees are expected to observe the highest code of ethics and avoid any actual or apparent conflict between their own personal interests and the interests of the Company. They are also expected to deal fairly with each other or with the Company’s suppliers, customers, competitors, and other third parties.
The Company applies rigorous risk assessment and management practices in all aspects of its business. The Company has processes in place to analyze and assess the significance of risks and determine mitigation measures to reduce those risks to the extent feasible. Risk management plans are embedded as an integral part of business processes, developed with consideration for both internal and external risk factors, and designed to include follow-up processes to ensure effective implementation and continuous improvement.
The Company adopted a Delegation of Authority Guide which summarizes the responsibilities and authorities that form the overall framework for ensuring business arrangements and transactions are reviewed and approved at an appropriate level. By delegating authority, management ensures decisions will be made by individuals with the required skills and knowledge. A basic premise is that the delegated authority bears with it the obligation to exercise good business judgement and due diligence as well as effective segregation of duties. In addition, the Company’s computer systems include effective application and general controls.
Meeting agendas and supporting information are provided to Board members in a timely fashion to ensure that material information is available to those responsible for making relevant decisions. Minutes of the Board meetings, including relevant comments by Board members, are properly documented for subsequent review. All financial and supporting documents are retained in accordance with the Company’s Information Management System (IMS). The Company provides ongoing internal control training for employees.
Internal audit staff independently assesses compliance with policies and procedures and evaluate the effectiveness of all control systems relating to the business. Material control weaknesses, irregularities, and business practice issues are promptly addressed and reported to management and subsequently reviewed by the Audit Committee. Corrective actions, in accordance with internal audit findings and recommendations, are monitored by the management of each business until the issues are appropriately resolved. The Audit Committee periodically reviews and assesses the effectiveness of the management follow up process.
Risk Management
Bangchak Sriracha Public Company Limited (“Company”) appoints executives and employees in various departments to oversee risks. They must play a role and participate in development. Organizational risk management and an understanding of the duties and responsibilities related to risk management.
