ttb 56-1 One Report 2021 (EN)

9. Management and Corporate Governance 9.1 Internal Control Opinion of the Board of directors on Internal Control and Risk Management Effective Internal control is an important cornerstone of the bank’s operating model and strategic direction, both at management and operational levels. The Board of Directors (through the Audit Committee, Risk Oversight Committee, and Nomination, Remuneration and Corporate Governance Committee), Credit Committee, and IT Oversight Committee have been tasked with oversight of internal controls, risk management policies & processes and good corporate governance. Internal Audit carries out reviews over the Bank’s overall operations, related and connected transactions and reports findings to the Audit Committee and the Audit Committee reports to the Board of Directors accordingly. The result of audit report is also a tool for Management to develop process and improve internal controls as deemed appropriate. The Board of Directors meeting no. 1/2022 held on 26 January 2022, attended by members represented in the Audit Committee, has reviewed the report on the Bank’s internal control assessment proposed by Chief Audit Officer. Internal auditors conducted the assessment based on the Internal Control Core Components; (1) Control Environment (2) Risk Assessment (3) Control Activities (4) Information and Communication (5) Monitoring Activities. Board of Directors has acknowledged the status of the Bank’s internal control and risk management based on which are generally at appropriate level. There is continuous monitoring and improvement which is in line with the changing world that is more volatile, uncertain, complex and ambiguous, especially during the pandemic outbreak of the Coronavirus 2019 (COVID-19) resulting in changes in way of life, business model, economic system as well as the financial services. The banking business is relying more heavily on the digital technology leading to enhanced convenience and efficiency at work. Given this paradigm shift, Board of Directors continues to work closely with the management to ensure up-to-date and effective internal control and risk management framework to address emerging cybersecurity risks, such as disruption of basic infrastructure, service delivery, security breaches, or identity theft. In addition, the Board of Directors has monitored development of internal control improvement by management appropriately; which Audit Committee has recommended management and monitored actions in addressing identified deficiencies from the audit with reporting progress to the Audit committee and the Board of Directors on a regular basis. Statement of the Audit Committee Disclosed on the Bank’s website regarding Board Committees’ reports. 226 TMBThanachart Bank Public Company Limited

RkJQdWJsaXNoZXIy ODEyMzQ3