Risk Management

Goal and Performance Highlights

Goal

Performance 2024

Complaints

Commitment, Challenge and Opportunity

The Company recognizes the need to operate in a rapidly changing environment and is therefore committed to enhancing an effective risk management system that covers all processes and aligns with the principles of good corporate governance. Directors, executives, and employees at all levels are required to actively participate in risk management to ensure that the Company can achieve its objectives and long-term goals sustainably.

Nevertheless, risk management faces ongoing challenges due to constantly changing economic, social, technological, and regulatory environments. Embedding a deep understanding and fostering a risk management culture across all levels of the organization requires time and resources. At the same time, resource limitations remain an obstacle to identifying, assessing, and managing risks comprehensively.

On the other hand, developing an effective risk management system not only helps reduce the likelihood and impact of risks but also strengthens stakeholder confidence, reinforces the Company’s image of good corporate governance, and increases the chances of business success. Furthermore, integrating risk management with information technology enhances operational efficiency and prepares the Company to better respond to uncertain situations.

Management and Operational Approach

Risk Management Policy

The Company recognized that operating its business in a continuously changing environment necessitates effective risk management in order for the Company to operate in accordance with objectives and achieve the set goals. As a result, for the risk management to be appropriate and beneficial to the Company, the Risk Management Committee has been assigned by the Board of Directors to determine the enterprise risk management policy as follows:

The Company has set its risk management as a responsibility for all directors, executives, and employees to recognize risks in their work and the Company’s work by participating and recognizing the importance of systematic risk management at a sufficient and appropriate level.
The Company has set effective risk management processes in every step of work based on the corporate governance policy in addition to integrating risk management with information technology management for good management to minimize the likelihood of risks, effects of risks and uncertainties in overall performance, while increasing opportunities for success.
The Company has risk management measures with effects on the Company. Risks must be managed systematically to reduce risks to acceptable levels. Furthermore, risk management measures must be consistent with dynamic environmental conditions. The measures for managing risks at an acceptable level must be approved by Risk Management Committee members before implementation.
The Company supports successful risk management in the entire organization by using limited resources effectively to properly identify, assess and manage risks.

The Structure of the Organization’s Risk Management

Click to Enlarge

Corporate Risk Management Process

The Company has established an annual action plan, as well as corporate-level risk factors, to manage potential risks in addition to setting a risk management framework in accordance with the international standard guidelines of the Committee of Sponsoring of the Tread way Commission - Enterprise Risk Management (COSO-ERM). The procedures for corporate risk management are as follow:

Internal Environment
Objective Setting
Event Identification
Risk Assessment
Risk Response
Control Activities
Information & Communication
Monitoring & Evaluation

Furthermore, the Company’s Board of Directors is responsible for promoting effective internal control systems, appropriate risk management, and ensuring compliance with internal control systems and overall risk management policies as determined by the risk management committee. The Board has reviewed and assessed the adequacy of the Company’s internal control system including risk management practices at the Board of Directors Meeting No. 2/2025, held on March 11, 2025.

Risk Factors Related to the Company’s Business Operations

Key Organizational Risks
- Risk from construction material prices and rising construction costs
- Risk in land acquisition
- Risk of delays, quality issues, contractor performance, and labor shortages
- Risks arising from global and domestic economic conditions
- Risk of future financial performance not meeting targets
- Risk related to debt servicing and covenant compliance
- Risk of interest rate volatility
- Sustainability risks
  - Environmental impact risks
  - Health and safety risks to stakeholders
  - Human rights risks in business operations
  - Corporate governance risks
- Emerging Risk
  - Cybersecurity risks
- Emerging Environmental Risks
  - Supply chain disruption risks due to natural disasters
  - Risk from climate policy enforcement
Investment Risks to Shareholders

Risk Appetite and Risk Tolerance

Risk Appetite

Not accepting risks that may result in serious injury to customers or employees. In making key organizational decisions, health and safety risks are prioritized as a critical consideration.

Risk Tolerance

Minor incidents may occur during construction activities.

While accidents such as cuts from sharp objects or nail punctures may happen mostly involving construction workers, the Company requires all contractors to provide appropriate insurance coverage to mitigate the impact of such incidents.

Risk Appetite

Not accepting any risks that may cause severe negative impacts on its reputation or organizational stability. Every effort is made to minimize reputational damage and mitigate potential adverse effects on all stakeholders involved.

Risk Tolerance

Customers may complaint regarding the quality of houses or condominium units may arise based on individual satisfaction levels, potentially impacting the Company’s reputation.

Accelerated construction and transfer processes may lead to inspection errors before handover. To address this, the Company has implemented QA/QC procedures, offers structural and product warranties, and provides a defect reporting system and after-sales services to ensure customer satisfaction.

Risk Appetite

Complying with all applicable laws, regulations, and official supervisory requirements, and considering setting aside appropriate provisions to cover any potential financial losses that may arise.

Risk Tolerance

Certain laws or regulations still allow room for discretionary interpretation by authorities, which may lead to varying interpretations and potential misunderstandings in implementation.

Operations are subject to external regulations and policies, which may lead to errors due to misinterpretation. Personnel must understand relevant rules and follow a formal inquiry process with authorities when clarification is needed.

Risk Appetite

Not tolerating any damage resulting from unauthorized or unintentional disclosure of information, as well as the collection, dissemination, or use of data in violation of the Personal Data Protection Act (PDPA) or any other applicable laws and regulations.

Risk Tolerance

No information shall be disclosed or distributed without prior authorization.

Risk Appetite

Not tolerating any damage resulting from unauthorized or unintentional disclosure of information in violation of the Personal Data Protection Act (PDPA) and related laws and regulations. This includes any compromise of critical internal data caused by data breaches or technological intrusions, whether from internal threats, external attacks, or hacking activities.

Risk Tolerance

Technology changes or software updates may cause temporary incompatibility or service disruptions.

The Company requires regular IT equipment checks, access rights reviews, penetration testing, and continuous monitoring of unauthorized access alerts to minimize potential impacts and limit the scope of damage.

Risk Appetite

Operating with integrity and transparency, the Company is committed to sound financial risk management while striving to enhance its credit rating. Key financial ratios, such as the interest-bearing debt-to-equity ratio (IBD/Equity), are maintained at appropriate levels. Other financial metrics are managed in accordance with the Group’s financial management policy.

Risk Tolerance

External factors such as economic volatility, political instability, and pandemics.

External factors remain uncontrollable and require continuous monitoring. Despite the Company’s cautious adherence to policies, crises such as economic downturns, political instability, or pandemics may pose significant financial risks to the Company.

Risk Appetite

Not accepting any risk that may lead to default or financial error due to a lack of funding or organizational liquidity.

Risk Tolerance

External factors such as economic volatility, political instability, and pandemics.

External factors such as economic downturns, political instability, and pandemics remain beyond the Company’s control and may significantly impact financial performance. To mitigate such risks, the Company adheres to a prudent investment policy and maintains a cash reserve to cushion the effects of economic and market volatility.

Risk Appetite

Not tolerating any form of fraud or bribery, whether internal or external, that may result in financial loss or reputational damage to the organization.

Risk Tolerance

Errors not exceeding the amount of THB 3,000.

Although the Company has declared its commitment to anti-corruption and requires employees to undergo annual training and knowledge assessments, lapses in consistent policy enforcement or habitual oversight may create vulnerabilities that could be exploited for misconduct.

Risk Appetite

Managing operational losses arising from errors related to operations, processes, or personnel. The value of such losses must remain within the thresholds defined by the Company’s internal policies.

Risk Tolerance

Project delays are acceptable within a maximum of two months, with risk-related budget deviations not exceeding 5% of the total project value.

Risk Appetite

Committing to conduct business in a manner that promotes long-term sustainability for shareholders and all stakeholders. This includes actively addressing climate-related risks, minimizing environmental impacts, and enhancing social well-being, all underpinned by strong corporate governance and ethical business practices.

Risk Tolerance

Inconsistent policy enforcement across business units may result in operational deviations.

The Company conducts regular policy compliance reviews and welcomes complaints to ensure early detection and resolution, minimizing potential impacts and limiting the scope of damage.

Emerging Risk

The Company has assessed the situation in terms of politics, economy, society, law, environment, and trends that may pose risks to business operations. As well as analyzing changes that may be new issues or risks annually to find measures and management guidelines to mitigate such risks to able to respond to those risks in a timely manner. The results of risk assessment and management in advance will be used to formulate proactive measures to prevent risks and create opportunities for business growth.

The Company has established a process for identifying incidents, assessing opportunities and impacts, and a risk management plan as well as risk monitoring by risk management mechanisms of the Company in driving to support the ability of the Company to achieve goals according to the strategy and direction as set.

Risk Issues: Cybersecurity Risk

Threats have become a significant risk in the increasingly digital-driven era, especially with the shift toward remote working and work-from-anywhere models, which have amplified exposure to external attacks. Cyber risks take various forms, with ransomware being particularly prevalent in Thailand over the past 2–3 years. Such attacks can severely damage IT systems, databases, and overall business operations often demand large ransom payments. If such incidents were to affect the Company, they could compromise on its reputation, credibility, and continuity of IT-driven business activities.

The Company recognizes the severity of cyber threats and has implemented proactive monitoring and prevention strategies. This includes the establishment of an Information Security Policy and adherence to international cybersecurity standards (ISO 27001). The Company has deployed various cybersecurity tools such as firewalls, regularly updated anti-virus software, network access control systems, and traffic logging mechanisms. In addition, it has developed a Disaster Recovery Plan (DRP) and conducts regular recovery drills to ensure business resilience.

To build a long-term cyber-resilient culture, the Company also promotes Cybersecurity Awareness across all employee levels, encouraging proactive behavior and understanding of digital threats.

Emerging Environmental Risks

Risk Issues: Supply Chain Risk from Natural Disasters

In the real estate development business, the supply chain is a critical component of project execution, with risks potentially impacting every stage from material procurement to construction delivery. The increasing frequency and severity of natural disasters such as floods, storms, and heatwaves can delay the transportation of construction materials and disrupt project timelines. Additionally, cost fluctuations in construction materials and energy driven by environmental regulations like carbon taxes and eco-label requirements can significantly increase project costs. A lack of supplier readiness in meeting environmental standards or providing complete carbon footprint data may also compromise ESG disclosure transparency and reduce investor confidence. Thus, supply chain risks extend beyond cost and scheduling challenges to directly affect the Company’s ability to achieve its sustainability goals and maintain long-term competitiveness.

The Company has implemented systematic measures to manage supply chain risks, including the development of emergency response plans and recovery strategies for projects located in high-risk areas. Risk diversification is achieved through the selection of multiple qualified contractors who can deliver on schedule and comply with environmental standards.

Additionally, the Company incorporates ESG criteria into its partner evaluation and selection processes and includes environmental clauses in contracts to ensure that all partners align with the Company’s sustainability policies. Contractors are also required to provide complete, transparent, and reliable carbon footprint data for each project.

Risk Issues: Climate Change Policy Risk

The Company is directly exposed to risks arising from the tightening of climate-related policies and environmental regulations. These include potential mandates on carbon emissions reduction, carbon taxation, and green building standards, which may shift from voluntary guidelines to legal requirements. In addition, regulations regarding energy efficiency could compel construction projects to incorporate renewable energy technologies leading to increased development and operational costs. These costs include the use of eco-friendly materials, certification fees, and potential delays in obtaining construction permits.

Furthermore, consumer and investor preferences are increasingly shifting toward environmentally responsible developments, and ESG criteria are now widely used in investment decision-making. Projects that lack clear sustainability strategies may face reduced access to capital. In response, the Company has adjusted its strategies by selecting low-carbon materials, incorporating energy-efficient building design, and installing renewable energy systems. The Company also discloses carbon footprint data and develops buildings to meet recognized environmental standards, aiming to build trust and strengthen long-term competitiveness.

The Company recognizes the risks posed by climate change policies and has implemented control measures to mitigate their impact. A Sustainable Development Policy has been established, alongside the appointment of an Environmental Committee and working group to drive initiatives related to sustainable resource use, waste management, and climate change mitigation in a systematic manner. Moreover, the Company has begun calculating and verifying its organizational carbon footprint and is formulating plans to reduce greenhouse gas emissions. Key strategies include the use of environmentally friendly materials, energy- and waste-efficient building design, and the adoption of clean energy solutions across projects. These efforts aim to create energy-efficient buildings that comply with increasingly stringent environmental regulations, reinforcing the Company’s long-term commitment to sustainable real estate development.

Investment Risks for Shareholders

Investment in the Company’s securities may be subject to risks arising from share price volatility, which can be influenced by market conditions, overall economic factors, industry performance, and other external factors beyond the Company’s control. Investors are advised to carefully review the Company’s information, particularly risk factors that may affect business operations, financial position, performance, and dividend-paying capability, as these may result in returns that differ from expectations.

The Company discloses Management Discussion and Analysis (MD&A), risk factors, and mitigation measures in its Annual Report. However, there remain unforeseen risks that cannot be fully anticipated. Shareholders and potential investors are therefore encouraged to consider all relevant information thoroughly before making investment decisions.