Subcommittee Report

Risk Management Committee comprises independent director and directors of the Company who have expertise as well as comprehension in business operation and risk management. Currently, there are 3 risk management directors, namely:

1. Dr. Satian Pooprasert Independent director / Chairman of the Risk Management Committee Attended 2/4 times
2. Mr. Pawatt Ongvasith Director / Risk Management Director Attended 4/4 times
3. Ms. Chonticha Chitraporn Independent Director / Risk Management Director Attended 4/4 times

The scope of operation of Risk Management Committee was determined in accordance with Charter of Risk Management Committee. In 2024, Essence of their performance could be summarized as follows.

1. Supervising and monitoring at 2 levels of risk management as follows
   • Strategic risk management
   • Operational risk management
   Determination to appoint risk management working group at strategic and operational levels to enable thorough operation in accordance with international standards by clear steps of operation mechanism and consistent with to be the same direction refer to the company policies and the Enterprise Risk Management.
2. Key Risk Monitoring in accordance with the current situations that affected to the company by the scope thereof covers:
   
   
   • Strategic Risk
     In 2024, the company continues to emphasize supporting the Thai film industry to meet the needs of diverse customer groups, which serves as a risk reduction approach, since in 2024 foreign films did not generate revenue according to targets. Beyond what has been mentioned, the company still places great importance on finding business partners for joint investments. Additionally, when producing Thai films, there must be co-investors or sponsors for production, and the films must be sellable through other channels before Thai film production begins.
     The company also focuses on expanding business revenue by setting a goal to increase the proportion of revenue from the Concession business to as high as 50% of revenue from Box Office, to strengthen financial stability. This involves focusing on strategies to develop products and services that better address consumer behaviors.
     The company recognizes the importance of Environmental, Social, and Governance (ESG) and focuses on conducting business responsibly. It has conducted risk assessments and established preventive and corrective approaches at the strategic level to reduce ESG risks and build trust with investors.
     
     
   • Operational Risk
     The company continues to focus on risk awareness of executives and employees by proposing the policies, guidelines or measures to manage operational risks as a level that can be systematically controlled and audited, also attend to the safety and availability of facilities, training employees to can cope with the emergency situations for efficiently operate in terms of business and safety for employees, customers and stakeholders.
     
     
   • Financial Risk
     The company has taken strict measures, especially reserved fund management, investment, reorganization, including resource utilization planning to be proper for the company’s liquidity and the expense control in all dimensions on continuous basis.
     
     
   • Compliance Risk
     Since the Personal Data Protection Act B.E. 2562 (PDPA) has been officially enforced. The company has communicated to employees and related parties for strict implementation to maintain personal data rights of customers and employees, emphasis on the code of conduct, in addition to operate business license to be completely comply with the laws, policies and orders of government agencies. Policies that public companies give importance to such as business ethics, conflicts of interest policy, anti-corruption policy, giving and receiving gifts, support, holding meal policy, charitable donations policy, supporting political activity policy, personal data protection policy, etc. that affect company board of director, customers, business partners, investors, and employees. All policies shall be adhered to by employees to promote overall organizational order.
     
     
   • IT Risk
     In light of the Digital Disruption era, wherein Cyber risk emerges as a significant concern, the Company has formulated and announced a comprehensive policy addressing Cyber Risk and VPN access. Concurrently, it has undertaken a thorough review and enhancement of IT-related work procedures. Furthermore, a dedicated working group has been established to ensure adherence to Safety and Compliance standards, thereby mitigating potential risks. Moreover, the Company has diligently implemented a Cyber risk prevention plan in alignment with established protocols. Additionally, a robust Cyber Resilience Assessment Framework action plan has been prepared to further fortify the Company's resilience against potential cyber threats.
     
     
   • Corruption Risk
     All forms of corruption harm to the development which also affect to the sustainable growth. The company has announced the intention and has been certified as Private Sector Collective Action against Corruption (CAC), as well as focus on employee training to realize the importance of being a transparent organization without all forms of corruption that leading to development for sustainable growth. Moreover, risk mitigation measure was implemented, in both forms of preventive action and corrective action, with proper coverage to enable various measures to be enhanced efficiently on continuous basis.
3. Consider risk assessment on both sides, i.e. likelihood and impact of each risk to identify the risk level, with proper principles and adequate supporting information for risk assessment, which would reflect facts of key risks emphasized and monitored by the company, to ensure proper and most efficient management.
4. Consider risk management operation in accordance with international mechanism and standard, starting from current risk monitoring and identification of new risks, risk assessment, determination of risk management measure and monitoring for risk reporting, by compiling risk information in the form of risk registration including preparation of risk management handbook at operational level requiring determination of work plan and clear operational steps which could be readily implemented.

In view of the foregoing operations of the Company on risk management, the Company was confident that it could fully achieve all established targets of business operation to maintain and create optimal benefits to all shareholders and stakeholders of all groups.