Good Corporate Governance

GRI 103-2

The corporate governance management approaches of the company are as follows:

Strategy

Adhering to good corporate governance policies.

Process
  • Charter of the Board of Directors and Charter of 4 sub-committees: Audit Committee, Nomination and Remuneration Committee, Risk Management Committee, Risk Management Committee and Corporate Governance Committee.
  • Principles of good corporate governance for listed companies in 2017 (Corporate Governance Code).
  • Screening and approving policies, as well as operating practices for sustainability management by the Good Corporate Governance Committee.
  • Analysis of areas of knowledge, expertise and potential development of the Board of Directors.
  • Evaluation of the Corporate Governance Report of Thai Listed Companies (CGR) by the Thai Institute of Directors Association.
Storing and Reporting of Performance
  • Using a system for collecting and reporting information in an information system, such as reports of the meetings of the Board of Directors and crucial information regarding company directors.
  • Utilization of an information reporting system on the company, shareholders and directors according to the regulations and requirements of the Securities and Exchange Commission (SEC), as well as the Stock Exchange of Thailand (SET).
GRI 102-11
Corporate Governance

The current structure of the Board of Directors consists of the Board of Directors itself and the following 4 sub-committees, which include the Audit Committee, the Nomination and Remuneration Committee, The Risk Management Committee and the Good Corporate Governance Committee. The company has set the scope of roles and responsibilities of the Board of Directors, along with the charter of the 4 sub-committees with a focus on creating benefits and managing sustainability for all stakeholders in the economic, social and environmental dimensions, while also conducting business with transparency, which can be inspected. The company possesses a Good Corporate Governance Committee who set policies and guidelines for good corporate governance of the company, including undertaking regular reviews of the good corporate governance guidelines of the company by comparing such with international practices and supervising the performance of directors and management, in order to comply with good corporate governance principles of various regulatory institutions. The Board of Directors has also set policies on good governance and have assigned personnel at all levels to adhere to these as per their operational guidelines.

Compliance with Principles of Good Governance (Corporate Governance Code) for listed companies in 2017

The Board of Directors has supervised the company to adopt good corporate governance principles for listed companies in the year 2017 (CG Code) of the Securities and Exchange Commission (SEC). Together with the committee and management, it was found that the company complied with the 8 principles of good corporate governance for listed companies in 2017. In this regard, the company will review such activities annually to ensure that the company operates in a balanced manner to lead to the sustainability of the business.

GRI 102-18, 102-22
Composition of the Board

The company uses a one tier system for the structure of the committee and the Board of Directors in determining the recruiting criteria, taking into account diversity in the selection process in terms of skills, experience, gender, age, abilities and qualifications necessary to achieve organizational objectives and culture, by preparing a table of knowledge elements and expertise of directors. In addition, at least 1-2 independent directors are non-executive directors, who possess experience in power, utilities and related businesses.

For more details of the structure of the Board, please visit View More Additional qualifications of independent directors, please visit View More)

GRI 102-24
Nomination and Appointment of the Board of Directors

The Board of Directors has appointed the Nomination and Remuneration Committee to perform the nominations and screening of suitable persons to appoint as directors of the company based on proposals of major and minor shareholders, including the list of names of directors of reliable agencies (Director’s Pool), which is a database of directors compiled from a list of experts in various fields. The Nomination and Remuneration Committee will then consider the qualifications of directors in numerous issues, according to the criteria set by the company, which will thereafter be presented at the meeting of the Board of Directors and the shareholder meeting for further approval.

In the selection of the directors of the company, the Board of Directors has established the selection criteria with emphasis on transparency, while also taking into account the diversity of director qualifications, both in terms of independence, knowledge, ability, skills, experience and expertise, where the consideration must not be based on gender, race, nationality, religion, age, cultural background, or an other distinction. The Board of Directors has prepared the Board Skills Matrix to ensure that the composition of the overall board is appropriate and complete as necessary to achieve the objectives and main goals of the organization, while also meeting the needs of stakeholders. As a result, the current committee complies with laws and principles of good governance internationally, with the details of such being as follows:

GRI 102-27
Director Development

In addition to recruiting qualified persons in different fields to serve as directors, the company continues to focus on the development of skills and knowledge of the directors of the company. In 2020, the directors of the company have attended various training courses to develop their knowledge and abilities as follows:

Course Training Institute Number of Directors Participating
Crisis Management Training Course PTT Leadership and Learning Institute 1
Crisis Management Training Thailand Energy Academy 1
Top Executive Program in Energy Literacy for a Sustainable Future (TEA 16) Thai Institute of Directors Association 1
IT Governance and Cyber Resilience Program (ITG) class of 15/ 2020 Thai Institute of Directors Association 1
Risk Management Program for Corporate Leaders (RCL) class of 21/ 2020 Thai Institute of Directors Association 1
Role of Chairman Program (RCP) class of 46/ 2020 Organized as internal training by the company 4
Board Skills Matrix

(GPSC's Board Skill Matrix, as of December 31, 2020)

Name-Surname Director Pool Skill / Expertise
Core Skills Specific Skills Experience
Policy Development Business Judgment Strategic Planning Finance& Accounting Internal Audit Law Corporate Governance&CSR Risk Management&Internal Control HR & Organization Development  Power Industry Expertise* International Business Innovation Management M - Management
A - Academia
C - Consulting
R - research
1. Mr. Pailin Chuchottaworn / / / / / / / / / / / / / M, A
2. Mr. Kurujit Nakornthap / / / /   / / / / / / /   M, A
3. Mr. Payungsak Chartsutipol / / / /   /   / / / /   / M, A
4. MG. Chaowalek Chayansupap   / / /   /   /   / /     M, A
5. Mrs. Nicha Hiranburana Thuvatham   /   /       / / /       M, A
6. Mrs. Saowanee Kamolbutr   / / / / /   / / /       M, A
7. Mr.Somchai Meesen   / / /       / /         M, A
8. Mr.Wittawat Svasti-Xuto   / / /         / / / / / M, A
9. Mr. Wuttikorn  Stithit   / / / /       / / /     M, A
10. Mr. Atikom Terbsiri / / / / /     / / / / /   M, A
11. Mr. Wirat Uanarumit    / / / /       /     /   M, A
12. Mr. Kongkrapan  Intarajang   / / / /     / / /   / / M, A
13. Mr. Bandhit Thamprajamchit   / / /       / / / /   / M, A
14. Mr. Boonchai Chunhawiksit    / / /             /     M, A
15. Mr. Worawat Pitayasiri   / / / /       / / / / / M, A
Total 4 15 14 15 7 5 2 10 13 12 10 7 6  

Remark: *Power Industry Expertise is in accordance with GICS Utilities Sector

GPSC 's Board Industry Experience, as of December 31, 2020
Name Surname Position Work Experience
1. Mr. Pailin Chuchottaworn
Chairman of the Board / Independent Director (Non-Executive Director) Mr. Pailin Chuchottaworn is a Chairman of the Board and independent director of GPSC Group since 2019. He has background in chemical engineering (Ph.D.) with more than 30 years working experienced with roles of being director, executive, advisor, expert in variety of industry sectors including utility, power, oil & gas, petrochemical, transportation, research & academic and governmental institutions. Mr. Pailin previously held the position as Chief Executive Officer of PTT Public Company Limited. Thus, he deeply understands on the insight of the business and strategic operations in the industry. Additionally, he also receives regular capacity building and training to continuously update and elevate his competency & skills on the critical issues such as director certification program, finance for non-finance directors program, certificate in Top Executives in the Energy Education Program from Thailand Energy Academy etc.
2. Mr. Kurujit Nakornthap
Independent Director/ Chairman of the Corporate Governance Committee/ Member of the Audit Committee (Non-Executive Director) Mr. Kurujit Nakornthap received Ph.D. in Petroleum Engineering. He is an Independent Director, Chairman of the Corporate Governance Committee, and Member of the Audit Committee of GPSC Group since 2017. Before joining GPSC Group, Mr. Kurujit worked in the energy and utility sectors for a number of years. In particular, he worked for Electricity Generating Authority of Thailand as a Director and Chairman of the Board in 2011, switched to Ministry of Energy as General Director of Department of Mineral Fuels in 2014, and joined the National Reform Steering Assembly as Chairman of Energy Affairs Committee in 2015. In addition, he has received several trainings related to financials, energy and utilities, such as the Top Executives in the Energy Education Program from Thailand Energy Academy, Senior Executive Program from London Business School and Money Laundering Seminar.
3. Mr. Payungsak Chartsutipol
Independent Director / Chairman of the Risk Management Committee / Chairman of the Nomination and Remuneration Committee (Non-Executive Director) Mr. Payungsak Chartsutipol is an Independent Director, Chairman of the Risk Management Committee and Chairman of the Nomination and Remuneration Committee of GPSC Group since 2014. Mr. Payungsak brings a solid understanding of the industrial knowledge to the board as he previously a Director/Chairman of several energy, utility, and material organizations, for example, Siam United Steel Company Limited and Siam City Leasing and Factoring Public Company. In addition, he brings a unique perspective to the board as he received several trainings related to risk management and energy such as Director Accreditation Program and Top Executives in the Energy Education Program from Thailand Energy Academy.
4. MG. Chaowalek Chayansupap
Independent Director/ Member of the Audit Committee (Non-Executive Director) Maj.Gen. Chaowalek Chayansupap is an Independent Director and Member of the Audit Committee of GPSC Group since 2016. Maj.Gen. Chaowalek was a member of the Corporate Governance Committee of GPSC Group in which he monitored and reviewed the GPSC corporate governance guidelines based on international practices of the energy and utility sectors. He brings unique perspective to the GPSC board as he served Royal Thai Army for multiple years. Also, he received a number of trainings including the Top Executives in the Energy Education Program from Thailand Energy Academy, and Logistics Management Course from the Royal Thai Army Logistics School.
5. Mrs. Nicha Hiranburana Thuvatham
Independent Director / Member of the Corporate Governance Committee (Non-Executive Director) Mrs. Nicha Hiranburana Thuvatham is an Independent Director and Member of the Corporate Governance Committee of GPSC Group since 2018. She has more than 10 years with experienced in government sector. She previously held position as an advisor to the Prime Minister on social, Secretariat of the Prime Minister. Currently, she holds position as Deputy Secretary-General to the Prime Minister for administrative affairs. She is a key person who oversee and ensure good corporate governance and business transparency across the company.
6. Mrs. Saowanee Kamolbutr
Independent Director / Chairman of the Audit Committee (Non-Executive Director) Mrs. Saowanee Kamolbutr is an Independent Director and Chairman of the Audit Committee of GPSC Group in 2020. She has a strong understanding of the industry and in particular utility power sector as she previously was an Independent Director of Glow Energy Public Company and Pacific Pipe Public Company Limited. In addition to the experience in energy sector, Mrs. Saowanee brings a unique perspective to the board as she has an experience in communication services and financials, as she was an Independent Director and Member of the Audit Committee of Interlink Communication from 2013-2017, and Deputy Permanent Secretary of Ministry of Finance from 2009-2012.
7. Mr.Somchai Meesen
Independent Director / Member of the Corporate Governance Committee (Non-Executive Director) Mr. Somchai Meesen is an Independent Director and Member of the Corporate Governance Committee of GPSC Group in 2020. He brings an information technology perspective to the board as he was a Director of Spring News and a Managing Director of Thansettakij Multimedia. In addition, his understanding of real estate from Aquarius Estate Company Limited in 2018 helps GPSC Group to shape and implement strategy.
8. Mr.Wittawat Svasti-Xuto
Director / Member of the Nomination and Remuneration Committee / Member of the Risk Management Committee (Non-Executive Director) Mr. Wittawat Svasti-Xuto is a Director, Member of the Nomination and Remuneration Committee and Member of the Risk Management Committee of GPSC Group since 2018. With his experience on information and technology at PTT Public Company Limited, Mr. Wittawat has responsibility for technology, information and corporate security, property, and vendor management, enterprise information as he had experience on information and technology. Also, he has strong background in energy sector, as he has been working for PTT Public Company Limited for over 30 years. Currently Mr.Wittawat also holds a Chief Technology and Engineering Officer of PTT Public Company Limitd and Director of PTT Global Chemical Public Company Limited. With his experiences, he is a key person who oversees information technology and cybersecurity related issues across GPSC Group. Mr. Wittawat holds M.S. in industrial Engineering from the University of Rhode Island. He also received a number of energy-related trainings such as the Top Executives in the Energy Education Program from Thailand Energy Academy.
9. Mr. Wuttikorn Stithit
Director (Non-Executive Director) Mr. Wuttikorn Stithit is a Director of GPSC Group since 2019. He also currently holds a Senior Executive Vice President position of Gas Business Unit, PTT Public Company Limited. Mr. Wuttikorn has vast experience in an energy sector, as he was an Executive Vice President, Natural Gas Supply & Trading, PTT Public Company Limited and Executive Vice President, Natural Gas Distribution, PTT Public Company Limited before joining GPSC Group.
10. Mr. Atikom Terbsiri
Director / Member of the Nomination and Remuneration Committee (Non-Executive Director) Mr. Atikom Terbsiri is a Director and Member of the Nomination and Remuneration Committee of GPSC Group since 2020. He is also a Chief Operating Officer, Upstream Petroleum and Gas Business Group of PTT Public Company Limited, and a Director of PTT Exploration & Production Public Company Limited. Mr. Atikom brings industry insights to the board with experience in the energy and utilities as a Chief Executive Officer and President at Thai Oil Public Company Limited, Senior Executive Vice President at PTT Public Company Limited, and a President of IRPC Public Company Limited. Mr. Atikom holds M.A. in Finance and International Business from Armstrong University. Mr. Atikom also received many trainings including the Executive Education Program from Harvard Business School and Executive Program on Energy Literacy for a Sustainable Future from Thailand Energy Academy.
11. Mr. Wirat Uanarumit
Director / Member of the Risk Management Committee (Non-Executive Director) Mr. Wirat Uanarumit is a Director and Member of the Risk Management Committee of GPSC Group since 2019. He received Master degree in Financial Management from Pennsylvania State University and Bachelor of Engineering (Electrical Engineering), Chulalongkorn University. Mr. Wirat brings a unique perspective to the board as he is also a Director and Secretary of the Board of Directors / Member of the Risk Management Committee / Chief Executive Officer and President of Thai Oil Public Company Limited.
12. Mr. Kongkrapan Intarajang
Director / Member of the Risk Management Committee (Non-Executive Director) Mr. Kongkrapan Intarajang is a Director and Member of the Risk Management Committee of GPSC Group Since 2017. His educational background was a chemical engineering, Ph.D. from University of Houston and electrical engineering, B.S. from Chulalongkorn University. Mr. Kongkrapan has responsibility for GPSC risk management as he has insights on from being a Director of the Risk Management Committee and Chief Executive Officer at PTT Global Chemical Public Company Limited. In addition, Mr. Kongkrapan brings international perspective to the board, as he was a director of PTTGC international Private Limited. He received several trainings related to energy and utilities including the Executive Program in Energy Literacy for a Sustainable Future, Thailand Energy Academy.
13. Mr. Bandhit Thamprajamchit
Director / Member of the Corporate Governance Committee (Non-Executive Director) Mr. Bandhit Thamprajamchit is a Director of GPSC Group since 2018. He holds a M.Sc. in Advance Chemical Engineering (Distinction) from Imperial College, University of London. Since 2016, Mr. Bandhit has been executive for Thai Oil Public Company Limited, an energy and utility company. With such experience, Mr. Bandhit brings a strong understanding of the industry to GPSC Group. He also received several energy-related trainings such as the Executive Program in Energy Literacy for a Sustainable Future from Thailand Energy Academy.
14. Mr. Boonchai Chunhawiksit
Director (Non-Executive Director) Mr. Boonchai Chunhawiksit is a Director of GPSC Group since 2019. Before joining the board, he was a Vice President at PTT Global Chemical Public Company Limited, managing different business units such as Olefins Plant, Group Performance Center and Upstream Petrochemical Business. Mr. Boonchai holds a B.S in Electrical Engineering from King Mongkut’s Institute of Technology, and M.A. in Business Administration from Thammasat University.
15. Mr. Worawat Pitayasiri
Director / Secretary to the Board / Member of the Risk Management Committee / President and Chief Executive Officer (Executive Director) Mr. Worawat Pitayasiri is a Director, Secretary to the Board, Member of the Risk Management Committee and President and Chief Executive Officer of GPSC Group since 2020. He also holds a position as a director of many utility organizations, such as Xayaburi Power Company, Ratchaburi Power Company and Glow Group. Previously, Mr. Worawat brings strong industrial and utility insights to the board, as he was a President at PTT MCC Biochem Company Limited, Executive Vice President, Downstream Business Group Collaboration at PTT Public Company Limited, and Executive Vice President, Downstream Business Group Planning at PTT Public Company Limited. He brings more than 20 years of in-depth experiences and operational insight that can strategically apply across the group effectively.
GRI 102-28
Performance Evaluation of the Board of Directors

Performance evaluation is done for maximum effectiveness in the operation and development in the performance of the Board of Directors. The company has therefore provided an annual performance evaluation of the Board, sub-committees and individual directors. In this process, the Good Corporate Governance Committee has screened and agreed to present the assessment methods, assessment criteria and the annual performance appraisal form of the Board of Directors’ meetings to consider and approve the evaluation criteria. The annual assessment consists of evaluating the performance of the entire board, the 4 sub-committees and individual directors, both in terms of self- and crossover assessment. The company secretary will then summarize the evaluation results and recommendations received from the assessment for the Board of Directors meetings to consider the guidelines for operational development for the best interests of the company. The results of the performance evaluation of the Board of Directors in 2020 are as follows:

Performance Evaluation of the Board of Directors Average Score (%) 2020
Type 1: Assessment Results of the Entire Board of Directors 93.05 (Excellent)
Type 2: Assessment Results for Individual Directors
1. Self-assessment Results 97.34 (Excellent)
2. Cross Evaluation Results 97.94 (Excellent)
Type 3: Assessment Results for Sub-committees
1. Audit Committee 99.62 (Excellent)
2. Audit Committee (Self-assessment) 98.02 (Excellent)
3. Nomination and Remuneration Committee 90.19 (Excellent)
4. Good Corporate Governance Committee 96.11 (Excellent)
5. Risk Management Committee 95.00 (Excellent)
Independent Assessment of the Board of Directors

In 2021, the company considered assigning Kincentric (Thailand) Co., Ltd. as an independent external assessor to conduct an independent assessment of the Board and sub-committees. There are three types of assessments which are the entire board of directors assessment, individual directors assessment (self-assessment and cross-assessment) and sub-committee assessment for 4 sub-committees, which have completely assessed all of 15 directors.

The process included in-deep interviewing directors to receive more adequate information to analyze the result of assessment for more accuracy and used its result to improve board performance for further efficiency. Board and sub-committee assessment details are as follows:

Result of Performance Evaluation of the Board of Directors Average Score (%)
Type 1 : Assessment Results of the Entire Board of Directors 91.39 %
Type 2 : Assessment Results for Individual Directors  
1. Self-assessment Results 94.12 %
2. Cross-assessment Results 94.65 %
Type 3 : Assessment Results for Sub-committee  
1. Audit Committee 99.15 %
2. Nomination and Remuneration Committee 85.83 %
3. Corporate Governance Committee 97.27 %
4. Risk Management Committee 96.00 %

In addition. GPSC Group's board of director is regularly independently evaluated for 3 years by external third party to assess performance of the board, sub-committees, and individual directors that meet international standards. The evaluation process systematically included a questionnaire and an in-depth interview of board members by assessing the Board Composition, Board Roles, Risk Management, Fulfillment of Responsibility etc. The outcomes of this evaluation will use to provide feedback and recommendations to improve board performance. ensuring transparency and accountability towards GPSC Group's good corporate governance.

Global Power Synergy Public Company Limited Group (GPSC Group) has established guideline for the President and Chief Executive Officer in order to reward appropriate compensation that reflect the corporate and individual achievement. The Board of Directors with the recommendations from Nomination and Remuneration Committee conducts a performance assessment and determines the remuneration of the President and Chief Executive Officer using the designated performance assessment criteria in tandem with the self-assessment of the President and Chief Executive Officer

  1. Performance in relation to the Key Performance Indicators (KPIs) in short-term covering the following indicators:
    • a. Financial returns (e.g. Operating Revenue, Earnings Before Interest, Taxes, Depreciation, and Amortization (EBITDA), net profit, Return on Assets (ROA), Return on Equity (ROE) and Return on Invested Capital (ROIC))
    • b. Relative financial metrics in the comparison to companies in the same industry (e.g. Return on Assets (ROA), Return on Equity (ROE) and Return on Invested Capital (ROIC))
    • c. Other non-financial indicators (e.g. Customer Perspective, Internal Business Process Perspective and Learning and Growth Perspective)
  2. 2. Performance in pursuing the company’s performance in the long term, and the managerial ability and leadership, which would contribute to the company’s long-term sustainability.

The success of these KPIs are reflect to short-term and long-term remunerations for CEO and executives which GPSC has transparency and reasonable process to determine their compensation. The short-term remuneration comprises salary, bonus and other benefits. The long-term remuneration (e.g. bonus based on long-term performance, etc.) will be awarded to the CEO and executives over a four years vesting period.

CEO & Executive Performance and KPIs

GPSC evaluates the performance of CEO, Executives and Employees annually using Corporate Key Performance Indicator (KPI). The performance is assessed base on: Initiatives (70%), which support corporate KPIs and special assignments and core behavior (30%), which is evaluated based on behaviors of ACT SPIRIT.

Long-term Compensation (deferred bonus, time vesting, and performance period for variable compensation) and Clawback Provision

GPSC group has the longest performance period of one year to evaluate variable compensation of the President and Chief Executive Officer while the longest time vesting period is 4 years. The company has a clawback provision in place. GPSC group referred clawback provision to the section 85 of Limited Public Company Act, B.E.2535 (1992) (“Public Company Act”) and section 89/7 of Securities and Exchange Act, B.E. 2551 which requires directors and executives to perform the duty with responsibility in accordance with the law, objective, and articles in association of the company. In case any directors or executives does not perform any act or fail to comply which cause damage to the company, the company will claim a compensation from such directors or executives and they may be subject to civil penalty and/or criminal punishment under the laws.

To drive and promote individual ownership, as being part of corporate’s desired behavior, our CEO has encouraged GPSC employee especially executive members to voluntarily hold GPSC’s shares in order to build its commitment and gain long-term trusts from our investors. However, all must strictly comply with regulation set by the Securities and Exchange Commission in order to prevent insider or unethical trading. For more information on number of shares held by CEO and the executive members please see below;

President and other executive officers hold company shares (as of Dec, 2020)

Position Multiple of base salary
CEO 0
Executive (average) 0.97
Revised as of February 2021

The above content is prepared in accordance with the sustainability reporting standards. The Global Reporting Initiative (GRI Standards) has been validated by external agencies and thus provides limited assurance of reporting data (Limited Assurance).

Risk and Crisis
Management

In the midst of current and emerging risks and uncertainties in business, both direct and indirect factors are those that affect business goals, which must be properly addressed in a systematic and efficient manner. On the other hand, risks and uncertainties can create business opportunities and organizations must seek ways to take advantage of them. The company therefore adheres to the Enterprise Risk Management guidelines in accordance with international standards, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) ERM Framework and ISO 31000: 2009. This is to ensure that relevant persons understand the principles of risk management and that such individuals are able to apply these appropriately to maximize benefits and establish a risk management committee under the delegation of the board of directors in performing the duties of supervising the overall risk management of the organization. The established risk and crisis management guidelines are as follows:
Risk Management Policies

Management policies have been established to serve as guidelines for all executives and employees and are to be implemented accordingly. These risk management approaches are clear, systematic and consistent with the business strategies of the company, which cover all aspects of business risks, including environmental, social and governance (ESG) risks, as well as fraud and corruption related risks.

Risk management policy
GRI 102-30, 103-2

The risk management of the company is carried out under the supervision of the Risk Management Committee (RMC), which consists of a group, some of whom from the board of directors. This committee is responsible for defining and reviewing the risk management policy framework, overseeing and supporting the implementation of corporate risk management in accordance with business strategies and goals, including monitoring and scrutinizing opinions or recommendations on risk management to ensure the continuity of risk management operations (More details can be found on the scope of powers, duties and responsibilities of the Risk Management Committee at the Risk Management Committee Charter). The management committee (GPSC Management Committee: GPSCMC) comprises senior executives of the company from various departments who are responsible for considering and monitoring operations, as well as the internal risk management committee, (Risk Management and Internal Control Committee: RMCC) which is made up of senior executives of the company who are responsible for overseeing the risk management system and the internal control system of the company to be appropriate and efficient. Monitoring and reporting on the progress of corporate risk management is carried out through the RMCC meeting and the results of which are reported to the RMC, which is held at least on a quarterly basis.

Within the framework of risk management throughout the organization of the company, (Enterprise Risk Management: ERM) risk management guidelines have been established at two levels: Corporate Level and Functional Level.

Enterprise Risk Management Framework of the company

Risk Management Strategies

The company has established risk management strategies throughout the organization with the goal of creating a risk culture through training for executives, employees and all stakeholders, including the appointment of representatives of various departments as coordinators (Risk Agent). These are categorized by groups of risks associated with all aspects of work, for which there exists a risk management division acting as a central coordinator, supervisory, as well as a formulator of strategies and driver of continuous improvement, along with advocating for development of risk management systems (Continuous Improvement), also under the context of risk management. The company has also set objectives and acceptable risk levels (Risk Appetite), as well as an acceptable level of deviation (Risk Tolerance), in order for the risk management to move in the same direction throughout the organization and for these to be in accordance with the strategies of the business. In addition, the company has also established cooperation among the PTT Group in seeking to develop knowledge of risk management in various areas, such as the development of operational excellence (Operational Excellence Management System: OEMS)

Accepted Risk by the Organization (Risk Appetite)

GRI 102-11

Organization Risk Management Process

The company realizes the importance of risk-related matters, which must be fully addressed and sufficiently possess risk mitigation measures. Therefore, the company continually reviews, analyzes and assesses the existing matters on risk, as well as examining and evaluating emerging risks based on changing activities or business contexts, with supervision and management by the relevant departments, including raising the risk level to the corporate level in the list to be consistent with the target.

1. Identification of Risk Factors

The company identifies risk factors by assessing future situations as a result of changes from both internal and external factors that may affect the achievement of the goals of the organization.

2. Risk Assessment and Analysis

The company assesses and analyzes all aspects of risks that may occur at both the corporate and department level, with the following criteria for risk assessment:

  • The criteria for assessing the impact of risks on finance, business and operational processes, reputation of the organization, as well as customers and people, are divided into four levels of severity, from low to severe.
  • The criteria for assessing likelihood is divided into four levels, from low likelihood (less than 10%) to high likelihood (over 50%).

The company presents the assessment results by using the risk matrix to prioritize risks. Risk groups that are assessed as high to very high impacts are classified as risks that need to be managed and risks that have moderate to low impacts are classified as those that require monitoring.

The dimensions of risk that the company has framed include strategic, business, operational and financial risks by the level of risk management. The company has divided the management and supervision into two levels:

  • Corporate Level: Considers impacts or damages that may result in the company being unable to achieve its objectives, strategies and business plans of the organization as specified.
  • Functional Level: Considers impacts or damages that may result in the organization being unable to achieve its objectives and responsibilities.
3. Risk Management

The company considers appropriate management to keep risks at an acceptable level by setting a time frame for risk management actions to reduce the likelihood and impact of risk incidents and assigning responsible persons to take action (Risk Owner), in order to formulate a risk management plan (Mitigation Plan).

4. Communication Report Tracking

The company continually monitors and reports on risk management by assigning clear responsibility for monitoring and reporting as follows:

  • The company has assigned the Risk Management and Internal Control Committee (RMCC) at the management level to continuously monitor risk issues at the departmental and the corporate level, as well as continually emerging risks. The results of corporate risk monitoring and emerging risks that are significant to the company are presented to the Risk Management Committee (RMC).
  • The company has established a "Risk Agent" to be at the center of each work group for identifying risk factors and assessing risks through the use of a "Risk Register", whereby the risk management department will report its performance to the Risk Management and Internal Control Committee (RMCC), which is at the management level, in order to continuously monitor management progress.

Additionally, the company has communicated risk-related issues to all executives and employees to create a robust risk management culture, with there being ongoing risk management training and publicizing of risk-related information via email, while also setting risk management as one of the operational indicators of all executives and employees.

5. Risk Management Plan Review

The company pays attention to the review and adjustment of the risk management plan, which is consistent with each situation, with the goal of managing risks in an integrated way to keep these at an acceptable level on a regular basis.

Risk Correlation

Risk matters that are among the most impactful to company operations include efficiency of investments, organizational potential, regulatory compliance, power plant security and project execution. The correlation of risks is significant to the risk management of the company, as the relationship of different risks can create a chain effect that may increase or decrease the risk level based on the relationship between such risks.

Annual Risk Correlation Analysis Chart

Emerging Risk

GPSC Group recognizes and aware of the long-term emerging risks that could cause impact to the company. Accordingly, GPSC Group identify risks that may arise in the next 3-5 years, which will result in opportunity loss for the company if it is not appropriately managed. Therefore, the company has assessed the emerging risks, evaluated the impacts as well as defined mitigation actions to manage those risks effectively.

Emerging Risks Risk level Time
frame
Description of Risks Potential Business Impacts of the Risks Mitigating Actions
1. COVID-19 Pandemic Medium 2023 The Covid-19 pandemic has hurt the global society and economy including GPSC Group, its joint ventures, and customers. Rapid outbreak of this pandemic causes obstacles in operations and changes of customer behavior due to several containment measures i.e. lockdown, prohibition of mass gathering.
  • Constraints on National Power Policy and Macro Power balance
  • Constraints on power generation and the overall business outlook
  • Reduction of energy demand which cause an effect on GPSC revenues and profits
  • Shifting of customer energy consumption behavior
  • Shifting of business operation practices to new normal
  • Closely monitor of the situation
  • Development of a business continuity plan (BCP)
  • Providing safe houses for employees in charge of power generation and reliability and critical utility supply
  • Conducting stress tests on our financial system
  • Provision of cash flow to ensure proper liquidity in case of emergencies affecting business operations
  • Develop new business to meet the needs of variety customers in the new normal (e.g. small scale distributed power generation, micro grid management)
2. Drought Crisis Medium 2026

Climatic feature caused by the lack of rainfall over an extended period of time cause an inadequate of water resources. As water is a critical component of our power generation business, drought and water shortages are a threat to GPSC’s operation as previously seen on a drought crisis that became more severe in 2020.

  • Water shortages for manufacturing bases of many firms in Thailand and for hydropower generation from hydroelectric dams in neighboring countries. This impacts on company production and delivering processes, which resulted to company reliability and financial impacts for more than 739 MTHB.
  • The water related risk assessment based on Aqueduct projection showed medium impact on water stress in Rayong and Chonburi
  • Lack of water supply that delay on production process and client delivery
  • Need to acquire and prepare seawater reverse osmosis system to generate fresh water from seawater for production process.
  • Closely monitoring of the national water supply and networks
  • Participating with other organizations and state agencies in the Committee on Water Resource Management (a public-private cooperation in charge of monitoring and managing water resources at all storage facilities)
  • Implementing 3Rs program
  • Reducing water usage by up to 10-30 percent in case of crisis
  • Installing a mobile wastewater RO unit and a seawater reverse osmosis system
  • Joint efforts with customers to cut water usage
  • Manages water both internally and externally with the representatives from PTT Group's water resource management committee in order to assess water situation in the Eastern region
  • Have back-up emergency storage for at least 3 days of operations.
  • Set up water management plan to prepare for risky events related to water resource such as secure contract of demineralized water from other supplier
3. Threats and Cybersecurity High 2023 Cyber threats can cause significant impacts on company information technology management and online operations since digital technologies have improved its efficiency and become much more widely used-particularly in the power generation business. Every facet of operations at plant facilities and our offices rely heavily on digital technologies and the internet. Thus, cybersecurity becomes more important and IT threats using internet connections have become unwelcome risks.
  • Leak of company’s confidential information
  • IT comes to a halt, affecting production and distribution systems, and thereby the company’s reliability
  • Get penalized through fines and penalty from regulators
  • Potential to damage to company’s financial and social capital
  • Loss of company reputation, reliability, and trust from stakeholders
  • Loss of business opportunities and revenue
  • Increase in infrastructure, operating, and insurance cost
  • Clearly defining cybersecurity policy for the company and its subsidiaries and forming dedicated working committees in charge of short-term and long-term management
  • Improve cyber security system to meet the requirements of international standard and get ISO 27001-certified
  • Actively educating the entire workforce on various IT threat patterns and related procedures for protecting against and handing each threat at site to prevent escalating damage to the company
  • Periodically testing the system with self-instructed decoys and organizing lessons learned to nurture awareness for all employees on the use of information technology
  • Regularly organizing workforce drills to respond to IT threats and cyber-attacks for office support functions
  • Regularly perform information system tests and system recovery drills in case of emergency threats to the power generation operating areas
  • Regular and update for cyber-related law and regulations
4. Innovation and Technology Transformation High 2026 With rapid change in customer and consumer energy consumption behaviors, technology transformation such as Blockchain and IoTs, businesses need to adapt to stay competitive and to develop innovations for future growth. In addition, disruptive technology has been rapidly driving energy technology changes, leading to changing consumer behavior for industrial and public users in energy transition towards renewable electricity such as EV. These uncertainties are unavoidable and may affect on company competitiveness against its peers
  • Decrease competitiveness if the company is unable to adapt to technological changes
  • Loss of company reputation, reliability, and trust from stakeholders
  • Loss of business opportunities, market share and revenue
  • Increase financial and intellectual capital to build company’s competency on new business
  • Aggressively continue with the new S-curve business model beyond the existing power-generating business model to support future business growth
  • Actively develop a system integrator, integrating energy production and consumption patterns to better respond to the needs of both such as Micro Grid and Smart Grid
  • Consistently develop a new Energy Trade Platform to cope with new behaviors of industrial and public users, simultaneously reducing impacts to our power generation and distribution operations currently and in the future
  • Conduct customer behavior analysis and shift in market pattern to understand current and future change in consumption behaviors
  • Battery and Energy Storage Technology

Information Technology and Cybersecurity Measure

Information Technology and Cybersecurity Strategies for Success

As digital technology and information systems are critical to business operation both the production system and the operating network that connect to the internet network which could lead to a risk of cyber threats. To productively and effectively facilitate the digital technology and information operation of GPSC group as well as be able to prevent threats and effectively manage the cyber and information risk in accordance with ISO / IEC 27001, NIST standard and relevant laws, the company has guidelines for information security and cybersecurity as follows:

Cybersecurity Policy

GPSC has Information Technology and Cybersecurity governance structure are as follows:

Board of Directors (BoD)

Board of Directors are responsible for reviewing and approving GPSC’ s key strategies, policies, objectives, action plans, and financial goals as well as regularly overseeing and monitoring the executives so that such plans are carried out in accordance with the prescribed directions and strategies. Moreover, the roles and responsibilities of them are to consider potential risk factors, formulate comprehensive risk management guidelines, ensure that the executives operate with efficient risk management systems and processes in place and to ensure sufficient and effective internal control as well as regular assessment of the suitability of GPSC’s internal control systems.

Risk Management Committee (RMC)

GPSC Risk Management Committee appointed by the Board, which have roles and responsibilities according to the charter consisting of determining and reviewing risk management policy and framework, monitoring and supporting the operation of risk management in accordance to the changing situations covering information technology and cybersecurity risk as well as providing recommendations for the Risk Management and Internal Control Committee (RMCC) (management level) and Management Committee (MC) to ensure that the company has an efficient risk management. The results of risk management operations will be reported to the Board.

Audit Committee (AC)

GPSC Audit Committee (AC) have duties to review to ensure that the internal audit systems, internal control systems and risk management of the company are appropriate and efficient as well as to guide and give any advice to management to improve processes effectively in order to reduce any risk factors.

Management Committee (MC)

GPSC Management Committee are responsible for monitoring and driving the business operations in accordance with the prescribed directions and strategies as well as managing any obstacles and risks which might affect business operations. In addition, the roles and responsibilities of them are to provide recommendations to President and Chief Executive Officer in order to make decisions on important issues to business operations and plans as well as to manage the working system with the same direction and to scrutinize the risk management of the company. The results of risk management and business operations will be reported to the Risk Management Committee and the Board, respectively.

Risk Management and Internal Control Committee (RMCC)

GPSC Risk Management and Internal Control Committee are responsible for governing risk management activities and internal control systems which cover all risks, including environmental, social, and governance risk (ESG risk) to ensure that the company can achieve organizational goals with reasonable confidence through supporting and monitoring the operation in accordance to the risk management policy and framework of GPSC Group as well as overseeing the operational risk management both corporate and functional risks. In addition, the roles and responsibilities of them are to scrutinize the risk management framework as well as to monitor and evaluate the results of risk management. They also have the responsibilities to support and provide recommendations to the management committee in risk management, according to their scope of duties as well as to develop enterprise risk management to align with international standard to ensure that the risk management system meets the requirements. The results of risk management will be reported to GPSC Risk Management Committee, Audit Committee, Management Committee and related functions. In case that there is a significant factor or situation which might affect the company significantly, the committee must report to the Board immediately.

Digital and Cybersecurity Steering Committee (DCSC)

Executive Vice President Corporate Strategy and Subsidiary Management performs the chairman of the DCSC and has responsibilities for managing any changes, assessing digital technology and cybersecurity risks, establishing strategies to achieve operational goals as well as driving and supervising various projects in accordance with the organization's strategies and operations.

In addition, senior executives from various departments join to perform the committee and be responsible for regulating and driving digital technology and cybersecurity operations to have the effective results and comply with the cybersecurity, ISO/IEC 27001, NIST standard, and relevant laws.

Digital technology and cybersecurity risk management and result of the operation will be reported to GPSC Management Committee as necessary. In case of emerging risk or high risk, the committee must report to the Risk Management and Internal Control Committee to consider and provide recommendations on the risk management as well as to concretely drive the efficient risk management.

Cybersecurity Working Team

Representatives from various departments, consisting of information technology (IT) and operation technology (OT) departments are responsible for preparing a plan, improving and defining a framework for cybersecurity to comply with GPSC Group's cybersecurity policy, relevant laws and regulations in order to manage cybersecurity risks. The cybersecurity working team must monitor and report the operational result to DCSC as necessary.

ISO/IEC 27001 Information Security Management System (ISMS)

ISMS consists of 3 working groups are as follows

Information Security Management Representative (ISMR)/ Information Security Management Assistance (ISMA) is the company’s management representative which has responsibilities for supervising to establish, use and develop the information security management system in GPSC as well as for maintenance, continuously monitoring and improving to achieve the information security policy and to conform to ISO/IEC 27001 standard. In addition, ISMR/ISMA also has duties in providing recommendations and suggestions about information security and policy applying to all employees as well as supervising any changes that might occur in the company along with coordinating to assess, solve and appropriately control risks from those changes and in case of security breaches. ISMR/ISMA must report the result of the operation to DCSC.

ISMS Core Team (CT) consists of representatives from various departments. They have duties in coordinating with ISMR/ISMA to conduct risk assessments and manage risks for each segment as well as to measure the effectiveness of the process and control in the system. In addition, CT is responsible for coordinating with ISMR in the event of security breaches or any emergency cases to control and deal with these challenges that arise.

ISMS Document Controller (DC) is responsible for supervising and controlling the use of documents and records of the system to comply with the requirements of ISO/IEC 27001 standard, including coordinating with the GPSC central document controller team in order to operate the system to be in line with the company standard.

Updated as of February 2021

The above content is prepared in accordance with the sustainability reporting standards by the Global Reporting Initiative (GRI Standards), which is validated by external parties and provides a limited level of assurance of reporting information (Limited Assurance).

GRI 103-2

Approaches to Business Ethics and Anti-Corruption are as follows:

Strategies
  • Corporate Governance (CG) & Code of Conduct Policy and Manual
  • Anti-Corruption Policy
  • Compliance Policy & Charter
  • Whistleblowing and Complaints Handling Policy
  • Law and Regulation Policy
  • Asset Management, Confidentiality and Information Disclosure Policies
Action Plans
  • Roles and responsibilities for legal affairs
  • Practices on anti-corruption, anti-gift/benefit accepting and giving through information technology and communications
  • Reports on stakeholder engagement of directors, executives and related persons. The report criteria include those in the first report, quarterly reports on changes of stakeholders’ information and annual reports on shareholders’ information
  • Raising awareness of business ethics and anti-corruption among all stakeholders, including directors, employees, executives, representatives of affiliate companies, business partners and other groups
Filing and Reporting Performance
  • Filing and Reports on security holdings of the company’s directors, and senior executives
  • Filing and Reports on shareholder engagement of the company’s board members, executives, and persons involved
  • Filing and Reports on lists of gifts or other benefits incompliance with the practices on anti-corruption, anti-gift/benefit accepting and giving through information technology and communications
  • Filing and Reports on disclosure of the company’s conflicts of interest
GPSC’s Corporate Governance & Code of Conduct

All the company’s employees must uphold and comply with the GPSC’s Corporate Governance & Code of Conduct under the supervision of the good governance committee to ensure sustainability of the company’s good governance in comparison to international practices. The company has instilled ethics in its working culture, with integrity as one of the core corporate values, through various activities and various channels. After signing an acknowledgement of GPSC’s Corporate Governance & Code of Conduct Manual, all the company’s board members, executives and employees, have strictly upheld these as guidelines. In 2018, a brief version of GPSC’s Corporate Governance & Code of Conduct Manual was published covering 15 aspects of the practices for running the business with fairness, accountability and transparency based on international corporate governance. A report on disclosure of the company’s conflicts of interest was also published, where the company’s employees are required to report conflicts of interest at least once a year and whenever any changes, as specified in the Code of Conduct, on shareholder engagement and conflicts of interest, arise.

Anti-Corruption Policy

The company is committed to conducting business and management with honesty, transparency, fairness and responsibility towards society and all stakeholders. In accordance with good corporate governance principles and business ethics, the company does not accept any form of corruption, both direct and indirect. By declaring the intention clearly the company has signed an intention to join the Thai Private Sector Collective Action against Corruption (CAC) project since 2018. Policy) and Anti-Corruption Policy Guidelines about receiving - giving gifts Feasting or any other benefit or No Gift Policy to require company personnel to strictly abide by.

Complaint handling and protection process

This is to allow for the operations of the company, its subsidiaries and associated companies to perform efficiently in accordance with laws, regulations, good corporate governance policies and codes of conduct in the company operations with transparency, fairness and accountability. The company therefore has issued a complaint handling and protection policy, (Whistleblowing and Complaints Handling Policy) along with announcing the process for receiving complaints and providing protection for whistleblowers and related persons, with a mechanism for monitoring and auditing, in order to prevent risks and damages that may occur to all stakeholders, including to provide protection to those who report any piece of evidence or tip, as well as complaints made in good faith in the year 2020. The company has received complaints through the fraud reporting channel (Whistleblowing) regarding the violation of the business ethics of the company. There was one complaint that had gone through the complaint channel of the company, which met all criteria and was accepted and subsequently registered. The investigation and disciplinary proceedings have since been completed with the relevant parties, with the aforementioned complaint having been classified as fraudulent, where ultimately no legitimate complaints about the competitive behavior or any other kind of commercial monopoly of the company having been found (Anti-competitive behavior, antitrust and monopoly practices).

Promotion and education of business ethics and tackling of anti-corruption and fraud

The company promotes, supports, provides knowledge and organizes activities, in order for all employees to acknowledge and understand the principles of business ethics and the fight against anti-corruption and fraud in a concrete way, which can be applied in business operations in 2020. Therefore, various activities have been organized in 2020, including:

Revised and announced the use of the Good Corporate Governance and Business Ethics Manual on January 1st, 2020, as well as signed in acknowledgement of this, including 100% testing through all channels.

Orientation activities for new employees to communicate knowledge and understanding of good corporate governance principles, business ethics, fraud and anti-corruption.

QSHE & KM Day 2020 activity to communicate knowledge and understanding of business ethics, especially in the area of conflicts of interest on November 12th, 2020.

PTT Group CG Day 2020 activity under the concept of “Step to the Future, the new world in CG style”. The PTT Group is determined to drive the organization according to CG principles to suit every situation, even in the face of crises, such as the COVID-19 incident, in order to operate smoothly and efficiently on December 23rd, 2020.

Knowledge transfer, legal management, Personal Data Protection Act, Anti-Corruption and conflicts of interest at the 2020 business partner seminar (GPSC Annual Supplier Seminar 2020) on December 16th, 2020.