Fundamentals of Corporate Sustainability

Risk & Crisis Management

Risk and Crisis Management

Risk

Ineffective risk management can significantly undermine the Company’s financial position, reputation, and stakeholder trust, as well as its long-term business viability. In addition, it may result in environmental damage and affect the health and safety of stakeholders, ultimately eroding confidence in the Company and creating resistance or barriers to future business expansion.

Opportunity

Effective risk management is a critical enabler for the Company’s stable and sustainable growth. It strengthens the Company’s ability to sense and respond promptly to risks and opportunities amidst the uncertainties and rapid changes in today’s business, social, and environmental landscape. Moreover, effective risk management enhances the Company’s capability to identify and leverage emerging business opportunities that may arise from risk management processes.

Risk Management Structure

The Company's risk management is under the supervision of the Board of Directors, with the Risk Management Committee being responsible for establishing an effective risk management policy and approach, as well as overseeing the Enterprise Risk Management Working Committee to ensure its operations are appropriate for the current business context and situations. The committee consists of 2 Independent Directors, 2 Executive Directors and 4 Senior Executives, totaling 8 members, with an Independent Director serving as Chairman and the Vice Chairman of the Risk Management Committee. (For more details about the Risk Management Committee please see 56-1 One Report, “Corporate Governance Structure” and “Risk Management” Section.)

To effectively manage risks across the organization in accordance with the Company’s core policies on risk and crisis management, the Risk Management Committee has appointed an Enterprise Risk Management Working Committee. This committee consists of executives and representatives from various departments, as well as managing directors of subsidiary companies, totaling 24 members. The Chief Financial Officer serves as the chairperson. The roles and responsibilities of the committee are as follows:

  1. Assessing key enterprise risks aligned with the Company's business direction and risks in the business value chain, including strategic risks, risks from investment and business development in Thailand and other countries, operational risks covering health, safety, social, and environmental aspects, financial risks, compliance risks, and other risks that may impact the Company. Providing suggestions on risk prevention and mitigation to an acceptable level.
  2. Monitoring, evaluating, and continuously improving risk mitigation plans to reduce risks and adapt to changing business conditions. The risk assessment and risk management performance are reported quarterly to the Risk Management Committee. In addition, risk-related updates and the status of control measures are reviewed monthly at the Management Meeting.
  3. Setting up a Business Continuity Plan at the corporate level to address key risks.
  4. Providing training and workshops, sharing information about risks and risk management with employees at all levels, and promoting a risk management culture.

 

As risk management is the responsibility of employees at all levels, they must be aware of the existence of risks in the business value chain and their work processes and provide appropriate and sufficient risk management measures. Therefore, all departments in the Company and its subsidiaries have appointed risk coordinators at operational levels to work collaboratively with the Enterprise Risk Management Working Committee in identifying risks, developing risk mitigation plans, and monitoring outcomes, with support from the Corporate Strategy and Risk Management Division. These coordinators are also responsible for promoting risk awareness and encouraging employee participation within their respective departments.

Management Approach

The Company has established an enterprise risk management process that aligns with international standards to effectively manage all risks. Risk management must be consistently implemented across the organization and integrated into decision-making, strategic planning, and business operations. Additionally, it must support the achievement of business objectives and goals.

The Company has established a "Risk Management Policy" by adopting the Committee of Sponsoring Organizations of the Treadway Commission (COSO) frameworks, both COSO ERM 2017 (Enterprise Risk Management - Integrating with Strategy and Performance) and COSO ESG 2018 (Enterprise Risk Management - Applying Enterprise Risk Management to Environmental, Social, and Governance-related Risks). These frameworks serve as the foundation for enterprise risk management, tailored to fit the Company’s operations to facilitate risk management at all levels and ensure alignment throughout the organization. In addition to risks directly related to business operations, the Company also places significant emphasis on environmental, social, and governance risks which may pose challenges to the Company's ability to achieve its long-term objectives and goals. Mr. Satha Vanalabhpatana, Acting Chief Strategy Officer; and Assistant to Chief Executive Officer, is assigned overall responsibility for enterprise-wide risk management.

The Company conducts an annual review and assessment of enterprise risks, taking into account existing risk issues and their continued relevance. This assessment considered current and emerging risks, economic conditions, business competition, innovation and technology development, government policies and regulations, as well as social and environmental changes that may affect its operations. After identifying and assessing these risks, the Company prepared appropriate risk mitigation plans, determined key risk indicators (KRIs), and defined a risk appetite to monitor the performance and effectiveness of its risk management measures, including potential business opportunities that may arise from these risks. The Company assigned the enterprise risk owners to develop risk management plans and determine key risk indicators.

The Company emphasizes collaborative and comprehensive risk management across its departments, thereby fostering cooperative and proactive management of each enterprise risk. This approach aims to develop multidimensional mitigation plans that consider the impacts on all stakeholders. In addition, the Company engages an outsourced internal auditor to independently review its risk management processes. This ensures the effectiveness, appropriateness, and adequacy of the Company's risk management practices. The auditor also provides recommendations and independent opinions to the management and the Audit Committee on a regular basis. Ms. Dendao Komolmas, Chief Financial Officer and member of the Risk Management Committee, is responsible for overseeing the operations of the Internal Audit Office engaged by the Company.

The Enterprise Risk Management Working Committee monitors the results of risk responses and the situations causing the risks. It reports the findings at the Management Meeting, which is attended by the Chairman, all Chief-level executives, and Managing Directors of subsidiary companies. The findings are then further reported to the Board of Directors.

The Company aims to enhance employee involvement in risk management, as it is an integral part of operations at all levels. To this end, the Company boosts awareness and fosters a culture of risk management among all employees by providing knowledge through activities such as training.

Performance

In 2024, the Company expanded its investment in industrial estates both domestically and internationally. Nonetheless, the global situation remains volatile, marked by significant interconnected crises with ongoing ripple effects. These include extreme weather events and regional conflicts, leading to geopolitical instabilities and economic fluctuations such as rising inflation rates and increased living costs resulting from energy prices driven by the effects of war. This situation has consequently slowed down international trade and investment.

In response, the Company prioritizes closely monitoring various risks, regularly reviewing and evaluating external factors and environmental changes, and developing comprehensive enterprise risk management plans across all subsidiaries. By integrating sustainability risk management principles (ESG Risk), the Company assesses risks considering the alignment with its medium and long-term organizational strategy, as well as the evolving dynamics of future economic, social, and environmental changes influenced by global climate change, along with future shifts and new developments in policies and regulations that may impact business operations. These analyses inform the formulation of risk management plans for both the medium and long term, aligned with organizational strategic planning, to ensure the Company's operations meet set objectives and mitigate potential impacts on the organization and stakeholders.

Emerging Risk

From the Company's risk assessment, it was found that one newly emerging significant risk may impact business operations in the next 3–5 years, namely the risk from industry shift and technology disruption. Although this risk has not yet materialized or had a significant impact at present, if it does occur, it could substantially affect the Company's operations. Therefore, this risk has been elevated to an enterprise-level risk, requiring close monitoring and regular risk assessment.

Risk from Industry Shift and Technology Disruption

The Company conducts in-depth data collection through annual interviews with customers from various industries operating in Amata industrial estates. This data is used for analyzing and refining corporate strategy and business plans. The Company has identified that industry transition and disruptive technology are key factors that significantly impact manufacturing operators. The shift toward new industries and technologies replacing traditional industries, such as the transition from internal combustion engine (ICE) vehicles, forces businesses in existing supply chains to adapt quickly by integrating technological innovations. Those unable to adapt in time may face reduced production capacity or even business closure, which could impact the Company’s revenue from utilities and industrial services. 

Additionally, emerging high-tech industries, such as data centers and semiconductors, require infrastructure and utilities that are vastly different from traditional industries in terms of quality and volume. These changing demands will play a crucial role in shaping the future of industrial estate development. If the Company fails to adapt to accommodating these industries or lacks adequate energy and utility infrastructure, it may lose opportunities to attract new investors and face challenges to maintain competitiveness in the future

Promotion of Risk Management Culture

The Company places importance on the participation of executives and employees in its risk management efforts, particularly in managing risks related to their respective duties and responsibilities. The Company requires that the risk management system be integrated into daily operations and eventually become part of its corporate culture. In addition to the department and subsidiary executives, risk coordinators also play a critical role in driving risk management efforts. They attend meetings with the Enterprise Risk Management Working Committee and transmit the message to other employees at the operational level.

In 2024, the Company conducted four approaches to promote an enterprise risk management culture across all staff levels, which are: 1) EDUCATE: Promotion of knowledge and understanding, 2) PARTICIPATE: Promotion of participation, 3) MANAGE: Systematic risk management, and 4) ENCOURAGE: Integration of risk management into daily work.

1. EDUCATE: Promotion of knowledge and understanding on Enterprise Risk Management

The Company recognizes that the knowledge and understanding of all staff are key factors in achieving efficient corporate risk management and meeting risk management objectives. Therefore, the Company has organized workshops and special lectures on topics relevant to enterprise risks and plans annually. The 2024 performance is as follows:

  • On 16 January 2024, the Company organized a knowledge-sharing session on "ESG Sustainability Reporting", delivered by Mr. Metha Buaraksakul, Product Manager – Sustainability Services, SGS (Thailand) Co., Ltd. The session was initiated in response to emerging risks from evolving environmental regulations, which increasingly require more comprehensive ESG disclosures. These changes may pose potential risks for incomplete or non-aligned disclosures with international standards. The objective of the session was to equip the Board of Directors and senior executives with knowledge necessary to define strategic direction and reporting goals, enabling the Company to align its ESG disclosures with global sustainability frameworks and standards. Participants included Board of Directors—Mr. Vikrom Kromadit, Mr. Chackchai Panichapat, and Ms. Dendao Komolmas—alongside other senior executives totaling 40 participants.
  • A training session titled “Climate Change and Business Sustainability” was conducted on 17 July 2024 by Mr. Boonrod Yaowapruek, Climate Change Consultant from The Creagy Co., Ltd. The session aimed to enhance executives’ understanding of climate-related risks that may affect the Company’s operations, including regulatory changes and evolving customer demands. It also provided insights into developing sustainable products and services to advance business opportunities while addressing customer expectations. A total of 44 senior and mid-level executives participated in this training session.
  • To mitigate cybersecurity risks, the Company organized an online training session on the topic "Cybersecurity in Daily Life" for executives and employees at all levels. The session, conducted by external experts on 4 October 2024, aimed to enhance participants' awareness and understanding of cybersecurity threats in daily life and how to use information technology securely. Topics included AI-powered cyberattacks, phishing, social engineering, strong password creation, and organizational data protection. This initiative was part of the Company’s efforts to build internal capacity and reduce the risk of data breaches and loss of confidential information.
2. PARTICIPATE: Promotion of participation.

The Company organized four virtual workshops throughout the year for the Enterprise Risk Management Working Committee, which comprises senior executives, departmental and divisional managers, and operational-level staff. The purpose of the workshops was to monitor enterprise risk management efforts, establish key risk indicators (KRIs) and acceptable risk levels, assess residual risk following the implementation of risk control measures, and develop additional risk mitigation plans. The sessions also focused on setting targets, refining risk indicators, and ensuring continuous monitoring and follow-up of implementation progress. In addition, the Company organized an employee-level Risk Workshop on 24 January 2024 to foster employee engagement and enhance risk awareness across the organization. The workshop brought together representatives from various departments to promote a shared understanding of risk and to equip participants with practical knowledge for effective risk management within their respective units.

3. MANAGE: Systematic Risk Management

The Company has adopted The Committee of Sponsoring Organizations (COSO) for its Enterprise Risk Management approach and has established a systematic internal control framework in accordance with the "Three Lines of Defense" concept. Under this concept, the first line of defense comprises risk owners who are responsible for identifying and managing risks within their respective functions; the second line of defense is the Corporate Strategy and Risk Management Division, which sets risk management guidelines and standards, and provides oversight and support; and the third line of defense is the Internal Audit Office, which independently assesses the adequacy and effectiveness of the enterprise risk management system. The performance of risk management activities is reported at least twice per quarter to senior management and the Risk Management Committee respectively.

In 2024, the Company reported on the performance and outcomes of its enterprise risk management efforts to senior executives in four meetings, to the Risk Management Committee in four meetings, and to the Board of Directors in four meetings.

4. ENCURAGE: Integration of risk management into daily work
The Company has established Corporate Key Performance Indicators (KPIs) and those for senior management to align with enterprise risks or Key Risk Indicators (KRIs) which are assessed every six months and linked to the departmental KPIs of the risk owners. This alignment aims to continuously monitor and assess the effectiveness of risk control measures and risk management plans in accordance with corporate strategies. The responsible units have set performance indicator targets that align with these risk indicators.

For example, to manage the risk associated with drought, the Company has specified that the total remaining raw water supply at the AMATA City Chonburi Industrial Estate should be available for use at least 14 months and six months at the AMATA City Rayong Industrial Estate. In response to these indicators, AMATA U Company Limited, responsible for water management, has established its own key performance indicators (KPIs) to ensure an adequate raw water supply to meet customer demand in the industrial estates. For instance, the AMATA City Chonburi Industrial Estate has reserved raw water for 24 months of utilization, and the AMATA City Rayong Industrial Estate must maintain its raw water supply at 80% of reservoir capacity throughout the year.

In addition, the Company places strong emphasis on delivering services that meet the needs of customers within the industrial estates. The Company has elevated the risk related to the readiness of sustainable products and services—aligned with evolving customer expectations—as an enterprise-level risk. Accordingly, customer satisfaction, including satisfaction with sustainable products and services, has been established as a Corporate Key Performance Indicator (Corporate KPI). It also serves as a departmental KPI for all product group sales teams. The Company has set a target customer satisfaction score of over 90%.

Start
Building the Future
with AMATA

Talk With Our Consultants

Start
Building the Future
with AMATA

Talk With Our Consultants

Contact us for more details.

Thailand
+66 38 939 007
Vietnam

+84 251 3991 007 (South)
+84 203 3567 007 (North)

Myanmar

+95 1 230 5627

Laos
+856 21 810007

© AMATA CORPORATION PCL. All rights reserved.  Web by Toneyes  Web by Toneyes