Skip to main content

The Audit Committee independently assesses and evaluates the effectiveness of the Company’s internal control systems to ensure that they are in compliance with good corporate governance principles. The Audit Committee performed an assessment of the effectiveness of the system of internal controls including a review of all internal audit findings and recommendations. Based on the Audit Committee’s assessment, the Board concluded that the Company’s internal control systems are suitable and adequate, and are functioning consistent with the good corporate governance aspects described below.

Organization and control environment

The Company believes the existing organizational structure is appropriate and effective in operating the Company’s businesses. It is the Company’s policy that directors, officers, and employees are expected to observe the highest code of ethics and avoid any actual or apparent conflict between their own personal interests and the interests of the Company. They are also expected to deal fairly with each other and with the Company’s suppliers, customers, competitors, and other third parties.

Risk management

The Company applies rigorous risk assessment and management practices in all aspects of its business. The Company has processes in place to analyze and assess the significance of potential risk and determine mitigation measures to reduce those risks to the extent feasible. Risk management plans are embedded as an integral part of business processes, developed with consideration for both internal and external risk factors, and designed to include follow-up processes to ensure effective implementation and continuous improvement.

Management control

The Company adopted a Delegation of Authority Guide which summarizes the responsibilities and authorities that form the overall framework for ensuring that business arrangements and transactions are reviewed and approved at an appropriate level. By delegating authority, management ensures that decisions will be made by individuals with the required skills and knowledge. A basic premise is that the delegated authority bears with it the obligation to exercise good business judgment and due diligence as well as effective segregation of duties.

Information and communication

Meeting agendas and supporting information are provided to Board members in a timely fashion to ensure that material information is available to those responsible for making relevant decisions. Minutes of the Board meetings, including relevant comments by Board members, are properly documented for subsequent review. All financial and supporting documents are retained in accordance with the Company’s Information Management System (IMS).

Monitoring and evaluation

Controls training is provided to all employees consistent with job requirements. Internal audit staff independently assesses compliance with policies and procedures and evaluates the effectiveness of all control systems relating to the business. Material control weaknesses, irregularities, and business practice issues are promptly addressed and reported to management and subsequently reviewed by the Board Audit Committee. Corrective actions, in accordance with internal audit findings and recommendations, are monitored by the management of each business unit until the issues are appropriately resolved. The Audit Committee periodically reviews and assesses the effectiveness of the management follow up process.

Internal control system

The Company recognizes the importance of an effective internal control system. In this regard, extensive internal controls and procedures, including those set out in the Company’s System of Management Control (SMC) – Basic Standards and Controls Integrity Management System (CIMS), are fully established at all levels in the organization.

The internal control system, including compliance with policies and procedures, is formally assessed by independent internal audit staff and external auditors during each audit cycle. This includes a review of the effectiveness of all financial, operational, and related controls.

System of management control (SMC)

The System of Management Control (SMC) sets forth basic control principles, concepts, and standards. The Company implemented this system of management control to ensure the effective, efficient, and proper utilization of the Company’s resources. The basic purpose of the controls framework is to make sure business activities are conducted properly and in accordance with management’s general and specific directives.

The SMC is based on 7 basic principles: Decentralization of Management, Segregation of Duties and Responsibilities, Documentation, Supervision and Review, Timeliness, Relevance to Risk, and Minimum Interdependence of Controls. Management at all levels and in all businesses is required to establish systems and procedures that meet or exceed these control principles.

Controls integrity management system (CIMS)

The Controls Integrity Management System (CIMS) is a formal system of internal methods and analytical tools to assess and mitigate operational, financial, and administrative control risks. It also facilitates the timely reporting to management of control weaknesses and business practice issues. CIMS is based on the principles and standards of SMC and provides key attributes of an effective control system that helps to ensure the Company’s policies and in-line controls are implemented and effectively sustained over time.

CIMS is comprised of seven elements: “Management, Leadership, Commitment & Accountability”, “Risk Assessment”, “Business Process Management & Improvement”, “Personnel & Training”, “Management of Change”, “Reporting & Resolution of Control Weakness”, and “Controls Integrity Assessment”. Each element has five components: Objectives, Standards, Procedures, Expected Results, and Verification & Feedback Mechanism.

Auditing and compliance

Business practices review (BPR)

The Company has long recognized the importance and value of sound corporate governance, a straight-forward business model, and high ethical business standards. We believe the methods we use to obtain business results are as important as the results themselves. All employees are expected to be familiar with the Company’s policies and standards of business conduct and apply them to their daily work. They are required to confirm their knowledge and compliance with the policies and standards on an annual basis. In addition, formal business practice reviews (BPR) are attended by all employees every four years. The BPR objectives are:

  • Promote the Company’s reputation for honesty and straightforward approach to business integrity;
  • Promote clear understanding of and compliance with the Standards of Business Conduct;
  • Demonstrate applicability of the Standards to all aspects of day-to-day business activities and practices at every level in the organization;
  • Convey consequences for non-compliance with the Standards;
  • Identify, evaluate, report, and where necessary, correct practices that may not be consistent with policies; and
  • Report compliance concerns and ensure employee awareness of channels available for reporting concerns.

Internal audit

The internal audit staff independently assesses compliance with policies and procedures, and evaluates the effectiveness of all control systems related to the business. Management of each business segment is obligated to consider all internal audit findings and recommendations, and take appropriate corrective actions. Generally, each segment of the business is subject to an internal audit every three years.

In addition, business segments appoint controls advisors to provide guidance on controls and facilitate self-assessments for their units at the mid-point of the audit cycle based on CIMS and audit standards.

The plan and results of internal audits are reviewed by the Audit Committee.

Independent external audit

Independent external auditors audit the Company’s financial statements in accordance with generally accepted auditing standards in Thailand to ensure that the financial statements are free of material misstatement and in conformity with generally accepted accounting principles.

Auditor's remuneration

The audit fees paid to the office of the external auditor, PricewaterhouseCoopers ABAS Limited, for the 2017 accounting period were Baht 4,500,000. There were no other fees paid to the Company’s auditor.