ttb 56-1 One Report 2021 (EN)

• Audit Policy To determine the roles of Internal Audit (AUD) and the Audit Committee’s oversight role in conjunction with the roles of the Bank management and external auditor on auditing, controlling and monitoring the Group Companies. The ultimate objective is to ensure sound control culture and good governance throughout the Financial Business Group. 8.1.4 Compliance with the Policies 8.1.4.1 Confidential and Inside Information Policy Protection against abuse of inside information The Bank has written policy and guidelines for keeping and preventing abuse of inside information, and information that the Bank not yet disclose to public which significant to change of price or value of share. The Bank has regulation on the use of inside information and also ensure strict compliance to prevent any director, executive or employee in the position or status having opportunity to access to the Bank’s inside information or related persons which defined by government agencies from exploiting such information for his/her own benefits or for others’ benefits such as trading share before insider information are disclosed to public, using details or confidential information of the Bank/customers to operate business competing with the Bank’s/customers’ businesses or exploit any benefit from his/her authority and responsibility. Directors and executives are required to sign for acknowledgement and compliance with the practice on online reporting the change in the directors and executives securities holding to the Office of Securities and Exchange Commission within 3 days from the date of securities holding change in response to Section 59, Securities and Exchange Act, B.E. 2535 (as amended), In addition, they are responsible for reporting such change to the Company Secretary to record the matter and summarize the shareholding portion of the directors and executives and their spouses and children before submission to the Board of Directors for acknowledgement monthly. The Bank also informs them of the penalties given the failure to comply with such requirement. Compliance is responsible for supporting Management with the implementation, enforcement and updating of the aforementioned policy and procedure and also provides for appropriate monitoring mechanism to ensure compliance with the policy, operations procedure as well as relevant laws and regulations. 8.1.4.2 Control on use of inside information In addition, the Bank established Policy on Confidential & Insider Information and Conflict of Interest, and code of conduct for both executives and employee. This is to operate the bank business according to the banking industry code of conduct and transparency as well as equal treatment of all stakeholder. 223 Form 56-1 One Report 2021

RkJQdWJsaXNoZXIy ODEyMzQ3