Risk Culture
GC regulary promotes a risk management culture throughout the organization and has extended its efforts into an integrated GRC (Governance, Risk Management & Internal Control and Compliance) practices. This is achieved by enhancing risk management knowledge among employees at all levels and leveraging digital technologies to improve operational efficiency. Key initiatives include the development of a GRC knowledge database (GRC Portal), an online whistleblowing channel, and conducting risk assessments through the Enterprise Risk Management Portal on the SharePoint Power BI platform, aimed at ensuring effective risk evaluation.
GC monitors and evaluates the effectiveness of the implemented measures, with reporting covering the following information:
Monitoring Process
Utilizing the GRC Portal and Enterprise Risk Management Portal to enable continuous tracking and evaluation of risk management measures.
Targets, Metrics, and KPIs
Establishing clear goals, performance indicators, and KPIs to ensure alignment with the organization’s sustainable development objectives.
Progress and Effectiveness Assessment
Quarterly reporting and comprehensive dashboards to evaluate the effectiveness of implemented measures and progress against defined targets and metrics.
Lessons Learned and Policy Integration
Applying risk management lessons to policies and workflows, while fostering a GRC culture through ongoing initiatives that promote best practices.
GC has established a risk culture guideline and enforced it throughout the organization. There are six components as follows: 1) Risk Governance, 2) Leadership, 3) Risk Structure, 4) Risk Technique, 5) Risk Communication and 6) Risk Management Knowledge. These elements are designed to ensure GC’s growth is both stable and sustainable in the long term.
Risk Governance
GC governs risk management by establishing policies, risk appetite and risk management framework while tangibly extending risk management efforts through the GC Way of Conduct.
Leadership
The Board of Directors and Executives place great important on the subject of risk management by continuously and closely monitor the process of risk management.
Risk Structure
GC’s risk management structure covers all levels. Roles, duties and guidelines are also assigned to each level. The Risk Management Committee (RMC) is appointed by the Board of Directors to govern risk management through risk management policies, risk appetite and risk management framework.
The Management Committee (MC), the Enterprise Risk Management Committee (ERMC), and senior executives from various departments are authorized to manage corporate risk management performance in accordance with policies, objectives, and frameworks approved by the RMC.
GC has appointed managers to be a “GRC Partner” in order to advice as well as present, improve and report risk management in accordance with GRC, in order to strengthen the risk management capability in all levels.
Risk Techniques
GC has applied the international standards: ISO 31000 and COSO Enterprise risk management. Appropriate risk management tools have been employed in line with international standards in analyzing, assessing and defining risk management frameworks, such as assessing and prioritizing risks using the risk map, monitoring risk management using a mitigation plan, Key Risk Indicators (KRI), etc. Furthermore, the company has implemented the Sensitivity Analysis, Scenario Planning, Stress Testing and Control Self-Assessment (CSA) tools in various departments throughout the organization.
Risk Communication
Regularly monitor and report risk management performance to the management and the Board of Directors as well as communicate about risk management and the internal control system, GC Group Code of Conduct, and corporate governance culture through diverse channels, such as intranet, newsletter, Hook Talk short video clips. Executives are required to regularly utilize Hook Talk to convey contents to employees in internal meetings, etc.
Furthermore, risk management and related issues are communicated through the Annual Report and the Integrated Sustainability Report to strengthen corporate risk management culture.
Risk Management Knowledge
Director
Risk Management Education
GC organized an annual training session for the Board of Directors on the topic of "Petrochemical Market Landscape," conducted by the consulting firm BAIN & COMPANY, to provide the Board with insights into the trends and changes in the petrochemical and chemical industries, including the assessment and establishment of measures to address risks that may impact business operations. This serves to support governance and risk consideration in determining strategic direction, operational planning, and pursuing business expansion opportunities to enhance the Company's competitiveness and sustainability.
A training session on the topic of "3 Smart: Smart Plant, Smart Sale & Marketing, Smart Work Process" was conducted by Huawei Technologies Co., Ltd., which presented an overview of the application of a Unified AI Platform encompassing production efficiency enhancement, sales and marketing advancement, operational cost reduction, operational safety reinforcement, as well as support for research and development and Data-driven Decision Making to drive the organization toward sustainable growth. This knowledge broadened the Board of Directors' perspectives and deepened their understanding of the opportunities and risks associated with the application of digital technology and AI in business processes, which are critical factors in mitigating operational risks and enhancing the organization's ability to adapt strategically and effectively.
A Director Certification Program training course was organized by the Thai Institute of Directors (IOD) to strengthen the understanding of roles and responsibilities in effective corporate governance. This enables directors to perform their duties in compliance with the law, confidently evaluate financial information, and recognize potential risk issues, along with their role in establishing risk mitigation guidelines at the strategic level. This equips the Board of Directors with a comprehensive perspective on business governance and an understanding of selecting appropriate strategies, leading to transparent and effective organizational management that creates sustainable value for stakeholders.
Frequency
3 times / year
Executive/ Management
Risk Management Education
GC develops personnel at the executive level and enhances beneficial perspectives to be applied to risk management, strengthening knowledge and capabilities to keep pace with the constantly competitive business environment. The company therefore regularly provides training both internally and through external training institutions, such as training on fraud and corruption risk assessment in work processes, to ensure that managers understand their roles and responsibilities, are able to assess fraud and corruption risks, and can establish appropriate control measures.
In the past year, the company organized training for executive-level personnel on the topic "Earthquake - Incident Response for Managements & Critical Positions," with the objective of ensuring that executives and personnel in critical roles understand the earthquake response process from the occurrence of an incident through to the return to normal conditions, and are aware of their roles, responsibilities, and accountability, including being able to act appropriately and provide guidance as role models for others.
Frequency
1 time / year
Non-Executive Director
Risk Management Education
The Company organized an annual training session for the Board of Directors on the topic of "Petrochemical Market Landscape," conducted by the consulting firm BAIN & COMPANY, to provide the Board with insights into the trends and changes in the petrochemical and chemical industries, including the assessment and establishment of measures to address risks that may impact business operations. This serves to support governance and risk consideration in determining strategic direction, operational planning, and pursuing business expansion opportunities to enhance the Company's competitiveness and sustainability.
A training session on the topic of "3 Smart: Smart Plant, Smart Sale & Marketing, Smart Work Process" was conducted by Huawei Technologies Co., Ltd., which presented an overview of the application of a Unified AI Platform encompassing production efficiency enhancement, sales and marketing advancement, operational cost reduction, operational safety reinforcement, as well as support for research and development and Data-driven Decision Making to drive the organization toward sustainable growth. This knowledge broadened the Board of Directors' perspectives and deepened their understanding of the opportunities and risks associated with the application of digital technology and AI in business processes, which are critical factors in mitigating operational risks and enhancing the organization's ability to adapt strategically and effectively.
A Director Certification Program training course was organized by the Thai Institute of Directors (IOD) to strengthen the understanding of roles and responsibilities in effective corporate governance. This enables directors to perform their duties in compliance with the law, confidently evaluate financial information, and recognize potential risk issues, along with their role in establishing risk mitigation guidelines at the strategic level. This equips the Board of Directors with a comprehensive perspective on business governance and an understanding of selecting appropriate strategies, leading to transparent and effective organizational management that creates sustainable value for stakeholders.
Frequency
At least 3 times / year
Employees
Risk Management Education
GC continuously enhances knowledge and understanding of risk management and internal control through various training courses tailored to target groups via lessons on the company's online learning platform, or UP Learning Platform. In addition, the company provides updates on business situations, trends, future changes, and emerging risk issues from both internal and external experts to stakeholders at all levels, in order to develop capabilities in identifying risk factors, assessing risk impacts, and establishing risk management measures.
The company organized training for employees on the topic "2025 BU Risk Assessment Communication," with the objective of communicating the 2025 enterprise risk management plan, introducing business unit-level risk assessment methodologies, and providing guidance on using the ERM Webpage, which serves as a centralized hub for enterprise risk assessment information.
Frequency
2 times / year
GC has comprehensively improved and developed the organizational risk management culture, including providing focused training throughout the organization on risk management principles. GC has considered the incorporation of risk criteria in the development of new products. Risk management principles are applied at every stage of product and service development, both financially and in quality control, with emphasis on the design and risk assessment of products, from raw material procurement, production, transportation, and usage to compliance with market standards and international regulations such as the United Nations Council, the International Council of Chemical Associations (ICCA), the Montreal Protocol on Chemicals, Registration, Evaluation, Authorization and Restriction of Chemicals (REACH), and Restriction of Hazardous Substances (RoHS) to control hazardous products.
Furthermore, GC has considered integrating financial incentives which incorporate risk management metrics by establishing a reward system linked to risk management performance. This system is based on short-term performance indicators and long-term growth and sustainability goals, including organizational safety indices, cost savings, EBITDA growth, and greenhouse gas emission reductions. This approach aligns safety and financial risk management to create a direct connection between risk management outcomes and employee rewards, thereby fostering a strong culture of risk awareness throughout the organization.