Risk Governance
Risk Governance
GC's risk management structure is divided into three levels, including the Corporate Level, the Function Level and the Operational Level. The Risks Management Committee (RMC), has been appointed by the Board of Directors to oversee risk management guidelines through policy formulation, risk management, risk appetite and risk management framework. It also monitors progress as well as provides opinions and recommendations on risk management. In 2023, the RMC performed its duties within the scope of duties and responsibilities specified in the Charter and conducted Risk Exposure Review through a total of 5 meetings and as assigned by the Board of Directors. The RMC reports its operations to the Baord of Directors on a quarterly basis and summarizes its performance in Form 56-1 One Report for shareholders.
Additionally, the company has also established an Enterprise Risk Management Committee (ERMC), which consists of executives from several departments that are under control of Executive Vice President (EVP) – Corporate Strategy. The ERMC is in charge of monitoring operations related to enterprise risk management according to the risk management policy and framework assigned by the RMC. It focuses on early warning signs and enables the identification and prioritization of risks by assessing risk impacts and likelihood. The ERMC also defines appropriate risk management methods, monitors and assesses risk management effectiveness, and ensures that business operations are in accordance with relevant laws and standards.
The Audit Committee acknowledges information on enterprise risk management from the Risk Management Report submitted to the Board of Directors’ Meeting and reviews risk management based on the Internal Audit Report to ensure that the company has identified key potential risks on its operations and manages such risks with efficiency. GC has appointed persons-in-charge and established appropriate, adequate and comprehensive risk management measures to cover both the short and long term.
GC has also appointed a Value Chain Management Committee (VCM), which comprises of Executives from relevant functions, to be responsible for weekly monitoring of the market situation, and to provide risk management approaches for feedstock, product price fluctuations and exchange rate fluctuations in accordance to the risk management framework of the company.
At the function level, risk management is a normal itinerary. Accordingly, each department has taken action to monitor and verify risks and progress of risk reduction measures. The company has assigned all departments to assess the sufficiency of the internal control system using the Control Self-Assessment (CSA) and Operational Risk Management (ORM) tools to control risks at the operational or process level.
Risk Governance Framework
Risk Management Structure
GC has implemented the Three Lines Model, an international best practice, as a governance framework. It defines the operational risk job owners’ function as the first line of defense to ensure compliance with policies and guidelines. The Internal Control, Corporate Risk Management, Corporate Governance, Corporate Compliance, and other support divisions constitute the second line of defense, responsible for managing and supporting other functions to meet established standards. Lastly, Internal Audit, the third line of defense, is tasked with independent assurance of other functions to ensure proper and suitable implementation of internal controls and to strengthen corporate governance and risk management.
