Risk Management
Our Commitment
JAS Asset Public Company Limited recognizes the importance of risk management as a key driver in ensuring the stability and sustainability of its business in all dimensions.
In today’s rapidly changing business environment shaped by economic, technological, and legal factors, as well as evolving consumer behaviors unmanaged risks may pose significant challenges that could impact the Company’s operations, growth, and reputation.
To effectively prepare for such uncertainties, the Board of Directors and executive management have established a comprehensive and efficient risk management framework, integrating risk management into the Company’s good corporate governance practices and strategic planning processes, both in the short and long term. The Company’s risk management approach encompasses the identification and assessment of risks, prioritization of key risks, and implementation of appropriate control and mitigation measures. These cover both internal factors such as human resource management, internal systems, and processes and external factors, including global economic conditions, industry competition, and changing regulations.
Furthermore, the Company encourages employees at all levels to understand the importance of risk management and actively participate in implementing preventive measures within their respective areas of responsibility. Training programs, consultations, and transparent communications are organized to promote awareness and understanding of risks and their appropriate management approaches. The Company also places emphasis on leveraging technology and innovation to strengthen its capabilities in monitoring and managing risks effectively across all aspects.
With this strong commitment, JAS Asset Public Company Limited upholds risk management as a core part of its organizational culture, reinforcing the confidence and trust of all stakeholders, and ensuring that the Company’s business operations are conducted with efficiency, transparency, and long-term sustainability.
Supporting the SDGs Goals
Stakeholders Directly Impacted
Management Approach and Value Creation
The Company places great importance on risk management, particularly in addressing emerging risks that may be associated with its business operations.
The Company operates under an Enterprise Risk Management (ERM) framework based on the international standards of the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Risk assessments are conducted annually to ensure that the Company’s business continues to grow on a foundation of sustainability.
The Company conducts organization-wide risk assessments, covering both existing risks and emerging risks, in order to proactively prepare for changes in external and internal factors that could potentially impact the achievement of its business objectives. These risks may also lead to new business models that could affect the Company’s traditional products or services. Furthermore, the Company is committed to enhancing employee engagement in the risk management process to strengthen a risk-aware organizational culture, enabling early detection and response to potential impacts from various risk factors. The results of the risk assessment and management processes are then utilized to formulate the Company’s strategic objectives and business development plans, both in the short and long term.
Risk Management Structure
Risk Management Structure and Responsibility
All executives and employees across the Group are considered risk owners, sharing collective responsibility for identifying and assessing risks within their respective areas of responsibility, as well as for implementing appropriate measures to manage those risks. The Company aims to maintain risks at an acceptable level (Risk Appetite), or within a tolerance level (Risk Tolerances) that does not exceed what the Company deems acceptable. To instill this risk-aware mindset among executives and employees, the Company actively promotes a strong Risk Management Culture fostering a shared understanding, awareness, and accountability regarding risk management throughout the organization.
The Company recognizes the importance of enterprise risk management, which enables the Company to achieve its strategies, objectives, and goals, while ensuring good corporate governance and fostering stable and sustainable growth. Accordingly, the Company has established a Risk Management Policy to serve as a guideline and framework for operations across all departments of the Company and its subsidiaries.
Responsibilities in Risk Management
Risk management is the responsibility of all personnel at every level of the Company and its subsidiaries, including consultants, representatives, and individuals authorized to act on behalf of the Company and its subsidiaries. Their roles, duties, and responsibilities are as follows
-
The Board of Directors
Responsible for supporting, promoting, and overseeing the management of risks that may have a significant impact on the company.
-
The Audit Committee
Responsible for overseeing and independently monitoring risk management, reviewing the internal control system, communicating with the Executive Committee, and reporting to the Board of Directors regarding risks.
-
The Executive Committee
Responsible for approving risk management policies, monitoring the development of processes, and evaluating risks. Additionally, they communicate and coordinate with the Audit Committee regarding significant risks.
-
The Chief Executive Officer
Responsible for creating and reviewing risk management policies to align with changing circumstances, ensuring that the company has adequate and appropriate risk management plans in place.
-
The Legal Officer / Regulatory Authority
Responsible for establishing frameworks, plans, and processes for risk management within the department, presenting them to the Executive Committee for approval, and supporting and monitoring the department's risk management within their area of responsibility.
-
The Internal Auditor
Responsible for reviewing the internal control systems and the risk management operations.
-
Supervisors and employees
Responsible for identifying, measuring, controlling, monitoring, and reporting risks, as well as collaborating in the development and implementation of risk management plans.
Risk Management Process
The Company continuously evaluates and monitors risk issues by considering both internal and external factors that may impact its operations in all dimensions. The Company’s risk management process is designed to be systematic and comprehensive, enabling effective identification, analysis, and management of risks, with a focus on maintaining risks within acceptable levels.
The Company recognizes the importance of proper risk management to support business operations in alignment with its strategies, objectives, and goals, while also strengthening long-term stability and sustainability. The process consists of 8 steps, as follows
Strategy and Objective Setting
Identifies Risks
Assesses Severity of Risk
Prioritizes Risks
Implements Risk Responses
Develops Portfolio View
Review and Revision
Monitoring and Evaluation
Strategy and Objective Setting
Define strategies and objectives for the operations of all departments, and ensure that employees set clear business strategies, objectives, or work goals that align with policies, targets, strategies, and acceptable risks.
Identifies Risks
Responsible department heads and employees should understand the risks, identify potential risks arising from both internal and external factors, which could be events that have either positive or negative impacts on achieving objectives.
Assesses Severity of Risk
Department heads and employees should assess the risks based on the likelihood of an event occurring and the severity of the impact that the event may have.
Prioritizes Risks
Department heads and employees should prioritize and manage risks based on urgency. High-risk activities critical to achieving strategies and objectives should be addressed first, followed by high-risk activities of secondary importance.
Implements Risk Responses
Department heads and employees should consider effective and efficient risk management methods, taking into account acceptable risk levels, costs, and benefits. Risk responses may involve using one or more strategies to reduce the likelihood or severity of potential events.
Develops Portfolio View
Department heads and employees should develop risk management by integrating risk factors and relationships across departments, creating a shared risk management database.
Review and Revision
Department heads and employees should ensure ongoing risk monitoring and review of risk management performance. Any necessary adjustments should be made to ensure effective risk management across all levels of the company. Risks that significantly impact the achievement of company objectives should be reported to responsible parties.
Monitoring and Evaluation
Department heads and employees should establish regular monitoring and review of risk management, communicate risk information collaboratively, and report on risk management to the executive committee.
This is to ensure that the corporate governance system aligns with best practices, regulations, and oversight requirements. To keep the risk management policy up-to-date and suitable for current situations, the policy should be reviewed at least annually.