Good corporate governance risk management, and legal compliance

Corporate Governance Report of Thailand Listed Companies 2023

The Company’s Corporate Governance rating is at Excellence by an internationally recognized institute.

Board of Directors’ Structure

          The Company has 10 directors of the Board, composite of 2 executive directors, 4 independent directors, and 8 non-executive directors.

Attendance at the Board of Directors Meeting 2023

Performance and key performance indicators of CEO and executives

          The Company evaluates the performance of chief executive officers and executives annually using the Key Performance Indicators (KPI) cover the following indicators: Financial returns, Relative financial indicators compared to companies in the same industry, and non-financial indicators.

          In this regard, the company will evaluate performance aligned with the 5 core policies and 5 organizational cultures for sustainable growth. The details of the key performance indicators (KPIs) are as follows:

Corporate Key Performance Indicators (KPIs) 2023

1. Risk and Crisis Management

1. Risk and Crisis Management

2. Business Ethics and Code of Conduce

          The Company aims for operating its business with morality by reviewing and establishing the Business Ethics and Code of Conduct for all employees since executives to employees, as well as partners and contractors to adhere to the practice of working responsibly and honestly, including not being involved in corruption, non-violation of human rights.

Communicating, educating and raising awareness

          The Company is committed to operate business with honesty, integrity, transparency, accountability, and do not directly or indirectly support or accept any form of corruption. Therefore, the Company has continuously organized the training about Anti-Corruption policy for directors, executives, and all employees, publicized the Anti-corruption policy to all stakeholders through the Company’s website, internal communications “Share Point” and Public Relations Board at all stores.

          In 2023, employees receive communications on anti-corruption policy, Business Ethics and Code of Conduct total 5,051 people

1. Whistleblowing

          The company has determined the practical guidelines regarding whistleblowing or complaints handling to be in accordance with Anti-Corruption policy. Besides, the company gives all stakeholders a chance to inform complaints or whistleblowing to the company in various channels as prescribed by the company.

2. Communicating, educating and raising awareness

          The Company is committed to operate business with honesty, integrity, transparency, accountability, and do not directly or indirectly support or accept any form of corruption. Therefore, the Company has continuously organized the training about Anti-Corruption policy for directors, executives, and all employees, publicized the Anti-corruption policy to all stakeholders through the Company’s website, internal communications “Share Point” and Public Relations Board at all stores.

          In 2023, employees receive communications on anti-corruption policy, Business Ethics and Code of Conduct total 5,051 people.

3. Cybersecurity and Information Management

          The Company has established the Information Technology Security policy to define the principle and regulation in IT security management together with aims to raise awareness on cybersecurity and important information of the Company, as well as personal data protection which is a part of risks of the Company.

Personal Data Protection

          The company is aware of the importance of respecting individual rights and maintaining the security of personal data of customers, partners, and employees, The company has therefore established a Privacy Policy to inform individuals about the privacy policy, details of data collection, use, or disclosure in accordance with the Personal Data Protection Act 2019 (PDPA). Including the establishment of operational regulations with strict measures to keep personal data secure, to ensure that the personal data of customers, partners, and employees will be kept confidential. In this regard, if the company intends to use personal data, it must obtain consent beforehand and legally use. The company has implemented measures to elevate the protection of personal data as follows: 

  • Announcement of the implementation of processes that comply with PDPA (Personal Data Protection Act).
  • Appointment of the Data Protection Officer: DPO, to handle personal data protection in accordance with legal requirements.
  • Disseminate knowledge about the PDPA (Personal Data Protection Act) to employees at all levels.

Action Procedure after occurrence of data impacts

          The Company have procedure of taking action with personal data breach by the Data Protection Officer: DPO will notify the Innovation & System Development to check the cause, the origin of leaking of information and the corrective action as well as report directly to the Board of Directors