Internal Control and Risk Management Policy

Internal Control and Risk Management Policy

I.C.C. International Public Company Limited realizes the importance of effective and efficient risk management that has enabled the Company towards sustainable growth amidst the changes of external factors; such as, risks from domestic and global economic conditions, politics, financial volatility, laws and regulations, e.g. Personal Data Protection Act, B.E.2562 (2019) (PDPA), epidemics, more intense competitions, rapid changes of key information technologies, and climate changes, e.g. flood and air pollution. The Company not only has to cope with the changes of the external factors, but of the internal factors; such as, operational risk management, internal information management, and cybersecurity risks, as well.

The Company believes that enterprise risk management is a process that builds confidence in achieving goals amidst changes, prevents and mitigates obstacles and the impact of risks, responds to the needs of all stakeholders, and is able to create business value. The Board of Directors, therefore, appointed an Internal Control and Risk Management Policy.

  1. To constantly identify present as well as foreseeable business risks, operation risks, logistics risks, financial risks (including returns as well as justifications on investments), technology risks as well as Human Resources risks.

  2. To recommend to the Board of Directors available optimum short-term and long-term solutions.

  3. To recommend to the Board of Directors to recruit a small number of permanent staff internally or externally dedicated to this Risk Evaluation Support Unit as needed to conduct useful and constant evaluations of all assets. This unit is subject to oversight by the Risk Management Committee.

  4. The Risk Management Committee meets at least once a month. The Committee Chairman may meet as often as needed with the Risk Evaluation Support Unit, and may request any member of the committee and/or other senior executives to attend relevant meetings.

  5. The Risk Management Committee submits reports to the Board of Directors on a quarterly basis.