The Company implements a risk management system within a comprehensive framework that encompasses all identified risks faced by the Company. The aim of the Company’s risk management system framework is to minimize and manage risks from any event or activity that could negatively impact the Company’s achievements.

Establishment of the Risk Management Working Unit (RMWU)

The Company has established a Risk Management Working Unit (RMWU) to implement good corporate governance principles. The establishment of the RMWU is based on the Board of Directors’ Decision Letter Number: 075/IP-LEGAL/BOD/SK/XII/2022 dated December 19, 2022. The RMWU has the function and duty to manage and prevent risks in the Company, generally covering:

1. Business Competition Risk
2. Consistency of Raw Material Supply Risk
3. Labor Risk
4. Financial Risk
5. Cyber Security Risk
6. Risks related to Climate Change, force majeure, and geopolitical risks

Additionally, the RMWU will monitor, mitigate, and evaluate risks and report to the Board of Directors in the form of RMWU work reports for review and approval by the Board. These work reports have been included in the Annual Report for the fiscal year 2023.

General Overview of Risk Management

Risk management is part of the Company’s efforts to maintain business sustainability by controlling business risk factors that can hinder the Company’s business continuity. Therefore, the Company is committed to implementing risk management to address various types of risks such as operational risks, financial risks, strategic risks, safety and environmental risks, and other risks related to business activities.

The implementation of the Company’s risk management accommodates risk handling in the form of risk identification, potential risk prevention, and mitigation. Prevention and action are integrated by collaborating with related organs such as the Internal Audit Unit and the Internal Control System Manager. This integration is carried out in the form of an Early Warning System.

Risk mitigation procedures are formulated based on the assessment of the types of risks mapped in the Company’s risk tolerance index.