Risk and Crisis Management and Resilience
Central Retail places utmost importance on risk management and strengthening crisis response capabilities, particularly given its diversified portfolio and global operations. With on going global shifts, the company prioritizes comprehensive risk management, encompassing vigilant monitoring, proactive mitigation, and effective response strategies. Central Retail is the committed to increasing awareness and comprehension of risk management protocols across all business units, to promote a proactive risk culture among employees at every level. In addition to improving organizational flexibility, the company is exploring new opportunities for business growth
Impact to Business, Stakeholders, and Human Rights
By applying effective risk management processes and prevention measures, as well as fostering a flexible risk management culture, Central Retail can reduce the likelihood and/or mitigate potential losses that may disrupt critical business activities, lead to disputes and legal issues, or damage reputation, lives, and assets.
It can be confirmed that by improving the efficiency of creating an environment and work processes, Central Retail can achieve sustainable growth by increasing profits and reducing operational costs. As a result, employees feel secure and work safely, partners will trust in the organization's ability to ensure reliable payments and maintain strong business relationships, customers will be satisfied and have confidence in the quality and consistency of products and services, and communities will benefit from a source of income and financial stability through collaboration with Central Retail. The government will also benefit from tax payment, while shareholders and investors will enjoy appropriate returns as well as dedicated to upholding human rights in all its operations
On the contrary, inadequate risk management and lack of disaster resilience capabilities can result in the cessation of Central Retail's business operations, thereby impacting revenue, product quality, and leading to heightened operating expenses.
Management Approach
Risk Governance
Central Retail has established its structure, roles, and responsibilities in the risk management process as follows:
- The Risk Policy Committee (RPC) comprises independent directors, with the Chief Executive Officer (CEO) playing a role in aligning risk management policies with the Company's objectives and strategies. The RPC is tasked with supervising, advocating, and encouraging Central Retail to effectively manage risks in accordance with established policies and international standards. This includes continuous monitoring and assessment of the efficacy of risk management policies, along with providing ongoing advisory support on risk-related matters. The RPC is mandated to regularly report to the Board of Directors and the Audit Committee (AC), convening at least biannually. Additionally, it delegates the Risk Management Unit to liaison with AC to assess the adequacy of Central Retail's internal control systems and extending oversight to its subsidiaries.
- The Risk Management Committee (CRC RMC) is appointed by the RPC, with the Chief Executive Officer (CEO) serving as Chairman and the Chief Financial Officer (CFO) as Vice Chairman. The committee comprises the Chief Digital Officer (CDO), Chief Business Unit Officer, and the Assistant Managing Director of Investor Relations and Risk Management as directors. Operating as the second line of defense in alignment with the principles of the three lines of defense, the CRC RMC is tasked with deliberating on strategies, risk items, frameworks, and risk assessment criteria. Moreover, it oversees the reporting of risk management outcomes at both organizational and departmental levels by convening with RPC at least semi-annually to report progress on risk management outcomes.
- The Risk Management Unit comprises proficient individuals with specialized knowledge and experience in risk management, operating as the second line of defense in alignment with the principles of the three lines of defense, its primary responsibility is to conduct risk assessment and analysis. Additionally, it plays a role in compiling a list of key organizational risks (Corporate/CRC Risk), its degree, and Key Risk Indicators (KRI), as well as developing Risk Management Plans (Risk Mitigation Plans/Risk Management Plans). These plans are then reported to the Risk Management Committee (CRC RMC) for approval and ongoing monitoring. The outcomes and the performance of risk management activities are reported to both CRC RMC and RPC respectively, according to predefined intervals or, at minimum, semi-annually
- The Risk Owner, appointed by CRC RMC, comprises executives from each business unit, support unit, division, or department, serving as the first line of defense in adherence to the three lines of defense principles. Their primary responsibility is to identify, analyze, and evaluate risks within their respective areas of operation. Additionally, they are tasked with developing guidelines for responding to risks and overseeing the monitoring, the controls execution, and reporting of risk management outcomes to the Risk Management Working Team.
- The Internal Audit Department comprises specialized expertise in internal auditing field, performing its duty independently from other business units to maintain the principle of the three lines of defense. Functioning as the third line of defense, which responsible to assess internal controls, ensuring that Central Retail achieves its objectives and goals efficiently and effectively within the risk management framework. Additionally, it also provides insights regarding inspection, risk management, internal control, and essential operational processes. The department evaluates the sufficiency and efficacy of risk management within its designated mandate and scope of work, presenting periodic progress reports and synthesizing key issues for review by the Chief Executive Officer and the Audit Committee on a quarterly and annual basis.
Risk Management Policy
The Company recognizes the importance and necessity to adopt the internationally standardized risk management system to its management in order for CRC to achieve its objectives in an efficient and effective manner and to comply with the relevant laws and standards. To limit the overall risks within the acceptable level, the Risk Management Policy has been defined as follows:
- Determine that the risk management is the responsibility of employees in every level whereby they must be aware of risks in operations of their own units and of CRC as well as focus on managing different types of risks under the systematic internal control in an adequate and appropriate manner.
- Establish the enterprise risk management process that is in accordance with the good international standards in order to efficiently manage risks that may affect CRC’s operations, bring developments, and carry out the risk management in the same direction throughout the organization by embedding the risk management system as part of the decision-making, strategic planning, plans and operations of CRC as well as focusing on achieving the specified objectives, goals, vision, mission and strategies to establish operational excellence and build confidence of relevant parties.
- Set up measures to prevent and mitigate the risks from CRC’s operations in order to avoid any damage or loss that may incur.
- Promote and develop a cutting-edge information technology system to be implemented in CRC’s risk management process and support personnel at all levels to have access to the sources of risk management information thoroughly as well as set a system to report the risk management to the Risk Policy Committee in an efficient manner.
Enterprise Risk Management (ERM) Process
Central Retail manages risks according to COSO ERM 2017 standards that adopts an integrated approach to enterprise risk management process, encompassing the concepts as follow:
Governance & Culture
- Establishing a structure, roles and responsibilities of risk management
- Fostering an organizational culture of risk awareness
Strategy & Objective-Setting
- Formulation an integrated strategy on risk management
- Developing strategies in accordance with an acceptable risk level and risk appetite
Performance
- Setting and assessing risk level, risk appetite, and sensitivity analysis
- Prioritization of risks based on magnitude and likelihood of potential risks
Review & Revision
- Regularly monitoring of operating results and review of risk exposure
- Review risk mitigation measures for continuous improvement
Information, Communication, and Reporting
- Promoting use of information technology system in risk management
- Raising awareness through proper communication and reporting
Central Retail identifies and assesses risks, including ESG risks, that are deemed as detrimental to the achievement of corporate strategies and business objectives. The risks are then prioritized into low, medium and high based on impact criteria and likelihood criteria. Central Retail’s risk matrix for 2023 is shown below.
Risk Assessment Criteria and Matrix
Risk Level | Impact Criteria | Likelihood Criteria |
---|---|---|
High Risk (Unacceptable) Need to manage immediately and report the results to Top Managements |
High impact on the business operation |
High chance of occurrence |
Medium Risk (Acceptable) But need to be controlled and monitored regularly by Risk Owners or set additional mitigating actions |
Moderate impact on the business operation |
Moderate chance of occurrence |
Low Risk (Acceptable) The risk is controlled by the existing process as usual |
Low impact on the business operation |
Low chance of occurrence |
2023 Risk management performance
In 2023, Central Retail Corporation convened quarterly meetings of the Risk Policy Committee and Risk Management Committee to oversee the risk management practices of the organization. Leading up to the end of 2022, the risk management team conducted a thorough analysis of significant risk profiles, utilizing Central Retail's vision, mission, values, and objectives as central pillars in their risk assessment process. In addition, they considered various internal and external factors, business context, economic trends, political climate, societal influences, technological advancements, environmental considerations, legal regulations, as well as insights from reputable international organizations such as the World Economic Forum, CRO Forum, and Internal Audit Foundation.
Furthermore, Risk data from business units was utilized to create a preliminary framework for risk appetite, risk tolerance, risk indicators, and risk assessment criteria. This framework considered statistical data on events and operational outcomes that have had a direct impact on Central Retail and similar businesses. Following this, a summary of the data was updated to senior management through surveys to identify key risks, levels of risk severity, risk appetite, risk tolerance, Key Risk Indicators (KRI), and risk assessment criteria for approval by CRC RMC and RPC. Subsequently, Risk Owners were assigned to oversee and manage risks within their respective departments. Risk exposures are then assessed based on the impact and likelihood criteria as shown in the risk matrix. Risk exposures is regularly reviewed and updated at least twice a year to ensure risks are well managed throughout the organization.
Risk | Description | Risk tolerance | KRI | Mitigation action | Responsible person |
---|---|---|---|---|---|
Strategy risk: S1 Macroeconomic risks |
Risk of potential impact on the Company's financial performance due to fluctuations in macroeconomic factors | The Company accepts fluctuations that may affect financial performance target by no more 5% |
|
|
|
Operational risk: O1 Inventory and obsolescence risk |
Risk arising from an inadequate stock management may lead to a decline in product value, financial impact, and sales performance | The Company allows flexibility in management, which may affect the target by no more 5% than an acceptable ratio. |
|
|
|
Compliance risk: C2 Fraud & corruption risk * |
Risk from any misconduct from regulatory compliance and good corporate governance. This risk could impact on legal, financial, reputational, and operational aspects of the Company | According to good corporate governance, Central Retail will not tolerate any risks from fraud, corruption, and any regulatory non-compliance |
|
|
|
Remark: * Central Retail has established specific criteria for assessing fraud and corruption risks. These criteria designate the likelihood of occurrence and the acceptable level of impact as very low. Consequently, this risk is considered more sensitive than other risks, frequently resulting in a risk level classified as medium (yellow) or high (red). These measures are implemented to ensure the prevention, monitoring, and close oversight of such risks.
Risk Culture
Central Retail is dedicated to fostering a culture of risk awareness across the entirety of the organization, encompassing key personnel within Central Retail as outlined below:
Central Retail is committed to cultivating an environment where risk consciousness is integral throughout the organization, particularly among the essential personnel of Central Retail as delineated herein
- Board of Directors and Executive level: Inviting experts from various institutions specializing in risk management. These lectures will provide valuable insights into important risk data and trends, ultimately enhancing the skills and knowledge of senior management and the board of directors. This initiative aims to improve our ability to effectively manage risks within the organization.
-
Employee level: Central Retail provides a variety of training programs, which include online e-learning courses focusing on essential aspects of risk management. These initiatives aim to enhance employees' understanding of risks across all levels of the organization, covering topics such as:
-
Occupational Safety, Health and Work Environment: All employees at Central Retail are provided with thorough safety and emergency training. This training has been successfully completed by 100% of our workforce. For additional details, please refer to our Sustainability Report on page 83.
Read More -
Anti-Corruption: Central Retail has provided training on anti-corruption, with the participation of the entire Board of Directors (100%), 72% of senior executives, and 91% of employees. For further information, please refer to the Central Retail Elevation Excellence Sustainable Future Performance Data 2023 document, available on page 4. Additional details can be found therein.
Read More
-
In addition, Central Retail has established risk management performance as a Key Performance Indicator (KPI) for employees and executives engaged in risk management. For instance, the management of Health & Safety risks has been implemented as a KPI for the Occupational Safety, Health and Work Environment Committee in some business units.
Furthermore, Central Retail places significance on diverse risk factors stemming from the implementation of business models and services, as well as the integration of tools, equipment, or technologies into its operational framework. Such risks include security concerns related to branch renovations or upgrades, challenges associated with the unsuccessful expansion of branches as projected, and the uncertainties accompanying the development of innovative business models. To effectively address these risks, Central Retail has devised comprehensive frameworks and risk management protocols for its projects, alongside establishing a New Business Checklist specifically tailored for ventures like Tops Care, Tops vita, Pet & Me. These resources serve as guidelines for enhancing risk management practices within the organization
Project Highlights
GRC (Governance, Risk, Compliance) training course for the Board of Directors and Executives
In 2023, Central Retail organized training sessions for the Board of Directors and executives with the aimed of fostering comprehension of GRC principles and practical implementation. The session mainly conducted in collaboration with consulting firms to share knowledge and expertise on GRC methodologies
Risk Management Training
In addition, Central Retail has released the GRC E-Rulebook on the intranet so that employees can study and explore GRC more conveniently, as well as use it as a tool to promote understanding of the GRC framework and proactive risk management throughout the organization as well
Risk Management Manual
Central Retail has already published a risk management manual to equip employees with the knowledge and skills to identify, evaluate, and effectively respond to potential risks relevant to their accountability. This manual is readily accessible through the company's intranet platform. Moreover, it was provided as a vital communication tool for engaging with key individuals involved in driving risk management initiatives, including the Risk Policy Committee, the Risk Management Committee, department/business unit supervisors responsible for risk management, and risk owners.
Emerging Risk
The Company has been consistently identifying and assessing emerging risks, or those that appear low level of impact in the short term but gradually become significant in the long term. The Company has identified the cost-of-living crisis and terrorism as significant emerging risks specific to the Company’s context, which are also considered as a risk item of the Global Risk Report of the World Economic Forum 2023. To mitigate the impact of these emerging risks, the Company places importance in strengthening its resilience.
Consumer Behavior Change from Emerging Cost of Living Crisis
Category | Societal |
---|---|
Description |
The cost-of-living crisis is a social risk that ranks among the top 10 in global risk rankings. It is likely to occur during the next 2-3 years, which directly causes people to become more careful and conservative in their consumption behavior by focusing only on products that are daily necessities. In addition, fluctuations in inflation rate and prices, especially energy prices, goods, and services, lead to varying interest rate adjustments that can affects debt issues and the government’s fiscal planning. Reference: https://www3.weforum.org/docs/WEF_Global_Risks_Report_2023.pdf |
Impact |
The increase in the cost of goods and services not only increases the Company's operating costs but also increases the cost of living, which is inconsistent to the stagnating household income and economic growth. This may result in reduction in the purchasing power of consumers. Meanwhile, retail business becomes more competitive due to increased competition from online-commerce and mass-market retailers which impact on the Company’s sales and revenue. However, the government's economic stimulus policy may benefit retail businesses in the short term, but some conditions in the policy may hinder business operations in the long term. |
Timeframe | 5 year period |
Mitigating Actions |
|
Increasing Risks of Terrorism
Category | Geopolitical |
---|---|
Description |
According to the 2022 Global Terrorism Index (GTI), a survey of 163 countries on terrorism conducted by the Institute for Economic & Peace (IEP), it was found that Thailand's GTI was ranked 26th globally. This shows an increase of 4 ranks higher than previous year (2021), indicating that Thailand has higher risks of terrorism. Reference: https://www.visionofhumanity.org/maps/global-terrorism-index/#/ |
Impact |
GTI shows that Thailand is likely to be at a higher risk of terrorism, which can take many forms including stress and frequency of violent behavior in public places. For example, a shocking terrorist incident involving mass-shooting occurred at a department store located in downtown Bangkok in October 2023. Such terrorism incidents cause loss of life to people and negatively affect the department store and the Company’s reputation if appropriate response measures are not readily and quickly in effect. Furthermore, it undermines consumer confidence and deteriorates the shopping experience, leading to feelings of distress and insecurity among customers. Additionally, the Company operates many department stores in prime locations that serve as popular destinations among international tourists. Terrorism incidents may turn down the traffic of potential tourists and significantly decrease the Company’s performance. |
Timeframe | 5 year period |
Mitigating Actions |
|