and liquidity position over particular time horizons of the Company and its subsidiaries when the different levels of funds may be required to accommodate borrowings upon maturities, to reduce other types of liabilities, or to acquire of assets by using Liquidity Gap Analysis, various liquidity ratios, and “What If” scenarios to evaluate the sufficiency of the cash flow liquidity depending on customer behavior in extending contracts upon maturity and estimate the need of liquidity in various “What If”scenarios. Meanwhile, the Company and its subsidiaries develop an emergency plan in the case of a liquidity problem and there will be a revision of the significant occurrences that affect working operations. In this regard, the Company and its subsidiaries have assigned the Executive Committee in controlling and managing the liquidity risk to monitor and manage risk on a regular basis. 4. Operational Risk The operational risk is the risk that arises from the damage that occurs from lack of good corporate governance within the organization. Risk may arises from the inadequate efficiency of the internal audit and internal control systems which could be relating to internal operation process, personnel, systems or external events and adversely affect the Company and its subsidiaries’ operating income and capital. This also includes legal risks such as litigations, exploitation by the government, and also damage from settlements outside the courtroom. Such risk can pose an adverse impact on other risks, especially strategic risk and reputation risk. The Company and its subsidiaries are well aware that efficient operational risk management is crucial to the business to achieve goals sustainably. Under current uncertainties, the Company and its subsidiaries, thus, place importance on efficient and effective operational risk management that is sufficiently comprehensive across the Company and its subsidiaries, so that timely preparations can be made in unexpected situations and increasingly stringent regulations are followed. The Company and its subsidiaries set Operational Risk Policies and management that gear toward risk protection and monitoring. In addition, as internal control is a key mechanism in controlling and mitigating possible damage, the Company and its subsidiaries ensure that there is a strong internal control system: an organization structure that has counterbalance, transaction-supporting units with a specialized skill set and independence to reduce possible errors, practice regulations applicable to all types of transactions, information technology system management and data security system, including the business continuity plan. The Company and its subsidiaries determine a principle, form or condition of the process used in the measurement and assessment of internal risks of the Company and its subsidiaries. In the determination of this process, the Company and its subsidiaries consider the circumstantial factors such as supervising guidelines of the government units associated with the Company, state and complexity of the business, the capability of the Company in accepting risks. The Company has also put in place the tools for important operational risk management e.g. Risk and Control Self-Assessment, Key Risk Indicators (KRIs), in case of disaster and loss storage (Loss Data), the use of external service providers for Thanachart Group (Outsourcing Policy), incident management, and business continuity plans (BCP). In addition, to monitor operational risk, the Company and its subsidiaries determine a policy for executives of each department to be responsible for monitoring the risk by considering this as a part of their regular duties. This will help identify all risks and problems that occur in order to respond to the changes in an appropriate and timely manner and not damaging to the Company and its subsidiaries. Nevertheless, to be informed of the result of business operations and problems that occur, as well as trends and changes in information of risk factors, the Company and its subsidiaries organize a filing and reporting of the information associated with operational risk management to be continually and regularly reported to the Board of Directors, the Risk Oversight Committee, and high-level executives to use in the determination of policies, to develop a sufficient risk management system, and to be a tool in aiding the Company and its subsidiaries to evaluate the capability and efficiency of the internal control system. 69 56-1 One Report / Annual Report 2021 Thanachart Capital Publ ic Company Limited
RkJQdWJsaXNoZXIy ODEyMzQ3