Risk and Crisis Management

Supporting the SDGs Goals

Thai Credit Bank recognizes the importance of risk management and is committed to implementing a systematic and consistent risk management process. The objective is to promote good corporate governance, strengthen confidence among all stakeholder groups, and embed risk management as part of the Bank’s organizational culture. The Bank has established a Risk Oversight Committee to supervise risk management activities under a sound Risk Governance Framework, aligned with the Bank’s strategic direction and objectives. The framework references the internationally recognized COSO ERM standards, providing guidance for management and employees to apply consistently. The Bank also requires the identification of risk factors, risk assessment, monitoring, and regular and accurate communication to reduce the likelihood and impact of risks that may affect the Bank’s future operations.

Stakeholders Directly Impacted

The Bank's Board of Directors

and Risk Management Committee

Senior Management

responsible for defining risk limits and supervising implementation.

Risk Management Function

Risk Owners

and Employee at all levels

Our Goals

The Bank operates under a sound Risk Governance Framework, aiming to enable all units to manage risks continuously, transparently, and accountably.

Established the

Risk Oversight Committee

to oversee and monitor risk management.

Defined the

Risk Appetite

and warning levels (Yellow/Red Zone) to prevent systemic damage.

Utilized Dashboards and

Key Risk Indicators (KRIs)

for real-time monitoring and assessment.

Review and verify risk management policies at least

once a year

to align with current situations and the Bank’s business plan.

Challenge and Opportunity

The Bank has assessed and analyzed business risks that may arise over the next 3-5 years, impacting its business conduct, operations, and financial position, as well as Environmental, Social, and Governance (ESG) issues, as follows:

Potential Risks	Potential Impact on the Bank	Mitigation Measures
1. Below Potential Growth & Interest Rate Volatility Risk	This structural risk reflects a scenario where the economy may not enter a severe recession but could experience prolonged low growth. Such conditions may gradually increase asset quality vulnerability for both retail and SME customers.	The Bank closely manages its loan portfolio by monitoring early warning indicators, conducting scenario assessments under prolonged low-growth conditions, and adjusting lending products to align with customers’ long-term cash flow and repayment capacity.
2. Rising Household Debt Risk	Despite ongoing responsible lending initiatives by the Bank of Thailand and various assistance programs, high household debt levels continue to affect the long-term repayment capacity of low- to middle-income borrowers. Some borrowers may not be able to return to normal repayment status sustainably, even after multiple restructuring measures, potentially slowing asset quality recovery and creating structural vulnerabilities.	The Bank prioritizes long-term asset quality management by segmenting borrowers based on recovery potential, developing tailored support measures, and applying behavioral data to enhance credit assessments in support of responsible lending.
3. U.S. Trade Policy Risk	Borrowers may face income volatility, higher input costs, delivery delays, and uncertainty in overseas orders. These factors may affect liquidity, debt repayment capacity, and credit quality, particularly among SMEs reliant on exports or integrated into global supply chains. Retail customers may also be indirectly affected through slower economic growth, employment uncertainty, and higher living costs.	The Bank enhances proactive risk management by closely monitoring geopolitical developments and global trade trends, identifying industries sensitive to external factors, and developing financial solutions that support SME liquidity management. A data-driven approach is applied to improve risk forecasting and adapt to changing circumstances.
4. ESG Transition Risk	The Bank must adapt to evolving regulatory requirements, including domestic regulations and international measures such as carbon pricing mechanisms and global ESG standards. These developments may increase costs for customers, particularly exporters affected by policies such as the EU Carbon Border Adjustment Mechanism (CBAM). In addition, stricter domestic regulations could affect competitiveness if adaptation is delayed. Operational adjustments may also increase internal resource and system costs.	The Bank has established internal teams to monitor regulatory developments domestically and internationally, conduct forward-looking impact assessments, assign responsible units for regulatory compliance, and invest in flexible IT systems to adapt operational processes and reduce compliance risks.
5. Virtual Bank Competition Risk	The entry of new virtual banks licensed by regulators may reshape competition in the banking industry, intensifying competition in pricing, service quality, and innovation. If the Bank adapts slowly, it may lose market share to new entrants with lower operating costs and stronger digital capabilities. Customers may increasingly expect faster services, greater flexibility, and lower fees, which could affect interest and fee income.	The Bank closely monitors developments in the virtual banking landscape and continues to enhance its digital channels. Digital products and services, including e-KYC and mobile applications, are continuously improved to provide faster and more convenient services. The Bank also reviews fee structures and interest rates while reinforcing its strengths in reliability and security to maintain customer confidence.
6. Cybersecurity Risk	As the Bank advances its digital capabilities, cyber threats such as hacking, ransomware attacks, data breaches, and online fraud may increase. Potential impacts include damage to IT systems and databases, financial losses from system recovery, and reputational damage due to reduced customer trust. Data protection regulations such as PDPA also increase compliance obligations and potential penalties in the event of data breaches.	The Bank invests in advanced cybersecurity systems and upgrades IT infrastructure to enhance resilience. Regular employee training programs are conducted to strengthen cybersecurity awareness and foster a security-conscious organizational culture. The Bank also prepares incident response plans, conducts simulation exercises such as phishing tests, and maintains cyber insurance to mitigate potential risks.

Management Approach and Value Creation

The bank’s risk management covers all dimensions through 4 core process steps.

The bank places strong emphasis on management in accordance with the principles of good corporate governance and anti-corruption. The principles of the CG Code have been adopted and applied across all of the bank’s operational processes. In addition, a Corporate Governance and Sustainability Committee has been established to continuously oversee ESG-related matters.

Click to Enlarge

Business Continuity Management

The Bank has established a Business Continuity Plan (BCP) to ensure business operations can continue during emergencies or crises such as natural disasters, technological disruptions, or pandemics by:

Regularly testing and reviewing the BCP.
Developing contingency procedures for abnormal situations.
Focusing on rapid, accurate, and continuous internal and external communications.
Developing the organizational structure to be crisis-ready and capable of rapid operational recovery.

Fostering a Risk-Aware Organizational Culture

The Bank aims to cultivate a working culture where “risk is an integral part of decision-making” (Risk Awareness Culture) by:

Promoting executives at all levels to serve as role models in risk management.
Encouraging employees to understand the Risk Appetite Statement (RAS).
Utilizing internal communication channels, such as “HR Speak Up,” to build understanding and engagement at all levels.