Jaymart Public Company Limited Sustainability
EN
TH

Risk Management

Risk <span class="page-header__title-highlight">Management</span>

Our Commitment

Jaymart Group Holdings Public Company Limited recognizes the importance of risk management as a cornerstone in supporting the stability and sustainability of its business across all dimensions. This is particularly critical in the context of rapidly evolving business environments influenced by economic, technological, and regulatory factors, as well as changing consumer behaviors. If not effectively managed, these risks can present challenges that impact the company’s operations, growth, and reputation.

To prepare for such uncertainties, the Board of Directors and management have established a comprehensive and effective risk management framework. This framework integrates risk management into good corporate governance practices and strategic planning for both the short and long term. The company's risk management processes include identifying and assessing risks, prioritizing them, and implementing appropriate measures to control or mitigate risks to acceptable levels. These measures address both internal factors, such as human resource management, systems, and internal processes, as well as external factors, such as global economic conditions, industry competition, and regulatory changes.

Moreover, the company promotes a thorough understanding of the role of risk management among employees at all levels, encouraging active participation in mitigating risks relevant to their responsibilities. This is achieved through training programs, advisory support, and open communication to raise awareness about risks and appropriate management strategies. In addition, the company places a high emphasis on leveraging technology and innovation to enhance its capability to monitor and manage risks across all areas effectively.

High-quality risk management also strengthens the confidence of stakeholders, including investors, partners, customers, and business allies, ensuring that the company is well-prepared to handle potential scenarios and effectively address uncertainties. This enables the company to continue its operations seamlessly and maintain its competitive edge in the market.

With this commitment, Jaymart Group Holdings Public Company Limited integrates risk management as part of its organizational culture to build trust and confidence among its stakeholders. This approach ensures the company’s operations remain efficient, transparent, and sustainable in the long term.

Supporting The SDGs Goal

Advancing global sustainability through alignment with the UN SDGs.

SDGs 8
SDGs 12
SDGs 16
Stakeholders Directly Impacted
Employees
Employees
Customers and Consumers
Customers and Consumers
Shareholders and Investors
Shareholders and Investors
Partners and Stakeholders
Partners and Stakeholders
Communities and Society
Communities and Society
Government Agencies and Regulators
Government Agencies and Regulators

Management Approach

The company places great importance on managing risks, particularly new risks related to its business operations. The company implements risk management policies throughout the organization (Enterprise Risk Management: ERM) based on international standards set by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Risk assessments are conducted annually to ensure that the business grows on a foundation of sustainability.

The company also adopts a Business Continuity Management Policy and a Corporate Investment Policy to proactively plan for potential crises, reducing the impact of business disruptions. The company analyzes and considers risk factors in three dimensions: Economic, Social, and Environmental (ESG), which helps ensure that business operations and investments are effective and sustainable within the established risk management framework. This framework is connected to the organization’s internal controls and audits in a systematic manner.

The company evaluates both normal and emerging risks across the organization to prepare for changes in factors that could affect the company’s business objectives. These changes may result in new business models that could impact existing products or services. Additionally, the company is committed to engaging employees in risk management to foster an organizational culture that is vigilant about potential risks. The results from risk assessments and management are used to set strategies, goals, and business development plans for both the short and long term.

Risk Management Structure

The company recognizes the importance of enterprise risk management, which plays a key role in helping the company achieve its strategic goals, objectives, or targets, as well as supporting good corporate governance and stable, sustainable growth. Therefore, the company has established a risk management policy to serve as a guideline and framework for all departments within the company and its subsidiaries.

Risk Management Structure
Click to Enlarge
  • The Board of Directors is responsible for supporting, promoting, and overseeing the management of risks that may have a significant impact on the company.
  • The Audit Committee is responsible for overseeing and independently monitoring risk management, reviewing the internal control system, communicating with the Executive Committee, and reporting to the Board of Directors regarding risks.
  • The Executive Committee is responsible for approving risk management policies, monitoring the development of processes, and evaluating risks. Additionally, they communicate and coordinate with the Audit Committee regarding significant risks.
  • The Chief Executive Officer is responsible for creating and reviewing risk management policies to align with changing circumstances, ensuring that the company has adequate and appropriate risk management plans in place.
  • The Legal Officer / Regulatory Authority is responsible for establishing frameworks, plans, and processes for risk management within the department, presenting them to the Executive Committee for approval, and supporting and monitoring the department's risk management within their area of responsibility.
  • The Internal Auditor is responsible for reviewing the internal control systems and the risk management operations.
  • Supervisors and employees are responsible for identifying, measuring, controlling, monitoring, and reporting risks, as well as collaborating in the development and implementation of risk management plans.
Risk Management Structure and Responsibility

Management and all employees of the group companies are the owners of risks, with shared responsibility for identifying and assessing risks within their respective departments. This includes determining appropriate measures to manage the risks. The company will manage risks to an acceptable level (Risk Appetite) or will deviate no more than the level the company deems acceptable (Risk Tolerances). To foster this mindset, the company must promote a Risk Management Culture to create an understanding of awareness and shared responsibility regarding risks among both management and employees.

Risk Management Process

The company continuously evaluates and monitors risk issues, considering both internal and external factors that may impact the company's operations in all aspects. The company's risk management process is designed to be systematic and comprehensive to effectively identify, analyze, and manage risks, aiming to keep risks at an acceptable level.

The company recognizes the importance of appropriate risk management to support business operations in alignment with the company's strategy, objectives, and goals, while also promoting long-term stability and sustainability. This process consists of 8 steps, as follows:

  • Strategy and Objective Setting

    Define strategies and objectives for the operations of all departments, and ensure that employees set clear business strategies, objectives, or work goals that align with policies, targets, strategies, and acceptable risks.

  • Identifies Risks

    Responsible department heads and employees should understand the risks, identify potential risks arising from both internal and external factors, which could be events that have either positive or negative impacts on achieving objectives.

  • Assesses Severity of Risk

    Department heads and employees should assess the risks based on the likelihood of an event occurring and the severity of the impact that the event may have.

  • Prioritizes Risks

    Department heads and employees should prioritize and manage risks based on urgency. High-risk activities critical to achieving strategies and objectives should be addressed first, followed by high-risk activities of secondary importance.

  • Implements Risk Responses

    Department heads and employees should consider effective and efficient risk management methods, taking into account acceptable risk levels, costs, and benefits. Risk responses may involve using one or more strategies to reduce the likelihood or severity of potential events.

  • Develops Portfolio View

    Department heads and employees should develop risk management by integrating risk factors and relationships across departments, creating a shared risk management database.

  • Review and Revision

    Department heads and employees should ensure ongoing risk monitoring and review of risk management performance. Any necessary adjustments should be made to ensure effective risk management across all levels of the company. Risks that significantly impact the achievement of company objectives should be reported to responsible parties.

  • Monitoring and Evaluation

    Department heads and employees should establish regular monitoring and review of risk management, communicate risk information collaboratively, and report on risk management to the executive committee.

This is to ensure that the corporate governance system aligns with best practices, regulations, and oversight requirements. To keep the risk management policy up-to-date and suitable for current situations, the policy should be reviewed at least annually.

Business Continuity Plan (BCP)

The Business Continuity Plan (BCP) is designed to enable various departments in the company to respond and operate effectively during crises or emergencies, whether caused by natural disasters, accidents, or malicious activities targeting the organization. The goal is to ensure that these crises do not disrupt business operations or prevent the company from continuing its activities. If the organization lacks a response process during a crisis or emergency, it could negatively impact departments and stakeholders in various aspects such as economics, service delivery, society, community, environment, as well as public safety and property.

Therefore, developing a Business Continuity Plan is essential for helping the organization cope with unexpected emergencies and ensuring that critical business processes can resume to normal or predetermined service levels. This will help minimize the severity of the impact on the organization.

To address the uncertainty of such situations and maintain business continuity, the company conducts risk analysis, prioritizes risk issues, and systematically plans for risk management. Additionally, the BCP is tested through simulation events to gather results for plan improvement, review personnel capabilities, and assess the plan's effectiveness in responding to crises.

The management process includes the following steps:
  • 1
    Assessing the impact of a crisis: Preparing for and being ready to respond to any potential situation, ensuring that business operations can continue uninterrupted.
  • 2
    Establishing a Business Continuity Management Team: To ensure the BCP is executed effectively with clear responsibilities, minimizing duplication in addressing crises.
  • 3
    Analyzing business impacts: Prioritizing the impacts and identifying critical processes that need immediate attention to restore normal operations as quickly as possible.
  • 4
    Emergency notification process (Call Tree): Notifying the BCP team members to ensure accurate and consistent information, allowing each member to prepare and respond to crises systematically with clear responsibilities.
  • 5
    Business continuity and recovery plan: Restoring the situation to normal or pre-crisis conditions as quickly as possible.
  • 6
    Review and improvement of the BCP: Management is responsible for updating the Business Continuity Plan annually to improve its effectiveness and ensure it stays relevant to current circumstances.
Crisis or Emergency Management

The Business Continuity Plan (BCP) is designed to address situations of crises or emergencies that may occur within office areas or departments. The company must prepare plans in advance to be ready to respond to any potential scenario at all times, ensuring that departments can continue their business operations. The company has considered the following potential impacts:

Flooding
Flooding
Fire Incidents
Fire Incidents
Power Outages
Power Outages
Protests / Riots
Protests / Riots
Terrorist Activities
Terrorist Activities
Pandemics / Severe Contagious Diseases
Pandemics / Severe Contagious Diseases
Earthquake Incident
Earthquake Incident
Crisis or Emergency Management
Click to Enlarge
Key Business Functions Management

To effectively respond to emergency situations and potential disasters, the Company has established a set of guidelines for managing key business functions. These guidelines aim to ensure continuous business operations in a professional, timely, and efficient manner, even in changing or unforeseen circumstances. The Company has outlined the following key measures:

1. Point of Sale (POS) System

The POS system is a critical business process as it serves as the primary tool for receiving payments for goods.

  1. 1.1 Provide staff training on manual sales and payment processing procedures in situations where the POS system is unavailable.
  2. 1.2 Backup POS sales data to a secondary server.
  3. 1.3 Develop a daily sales summary form in Excel format to collect and manage sales data systematically, enabling effective retrospective review.
2. Inventory Management System

This includes the product planning process, procurement, warehousing, and logistics.

  1. 2.1 The Sales and Product teams must plan weekly product demand forecasts and manage inventory levels according to designated minimum and maximum stock thresholds. This ensures product availability and prepares for temporary supply chain disruptions during emergencies.
  2. 2.2 Branch staff must record transactions on stock cards to monitor inventory inflows and outflows, especially when the POS system is unavailable, in order to prevent product loss.
  3. 2.3 The Product team must identify and prepare 1–2 backup warehouses and logistics providers in addition to existing partners, to mitigate risk from logistics disruptions.
3. Sales Channels
  1. 3.1 Maintain a consistent presence and readiness of online sales channels to ensure continued product availability to customers if physical branches are unable to operate.
4. Accounting and Finance System
  1. 4.1 Establish a plan to back up financial and accounting data on the cloud or secondary servers to prevent data loss.
  2. 4.2 Create contingency plans for managing payments to suppliers during emergencies.
  3. 4.3 The Accounting and Finance team must be prepared to advise branch staff on alternative payment procedures for products and services when standard processes cannot be followed during emergencies.
5. Customer Service and Help Desk
  1. 5.1 Headquarters and branch staff must communicate and monitor emergency situations closely to ensure accurate and consistent updates, enabling them to promptly and correctly inform customers.
  2. 5.2 Prepare skilled personnel with professional communication and listening abilities to effectively address customer inquiries and reduce potential misunderstandings.
6. Human Resources Management System
  1. 6.1 Develop a time-recording plan for staff during emergency situations.
  2. 6.2 Maintain a routine check of staff numbers and statuses to ensure employee safety and readiness for immediate support during critical events.
  3. 6.2 Establish an additional backup payroll disbursement method in case the standard payroll system is temporarily unavailable.
Discover the latest in ESG practices shaping a brighter future.
See latest sustainability report