Risk Management


Muangthai Capital has focused on risk management which is considered as one of the principle culture of the organization. In order to ensure that the operations of the company are in accordance with the principles of good corporate governance, creating a sustainable business, creating creditability and building confidence to investors. The company, therefore, has established a Risk Management Committee to formulate risk management policy, follow up the implementation of the risk management plan, assess the adequacy of risk management plan and report significant risks to the board of directors.

Muangthai Capital has a determination to deliver the value of being a responsible microfinance in which having significant impact to Thailand’s economic and social. We are happy for a contribution in developing the industry’s market conduct to be transparent and fair and, as well, being a part of a solution for financial inclusion problem in Thailand. Moreover, the company also advocates to strengthening the communities, especially those surrounding our branches (across country) and direct stakeholders such as customers and employees. However, the company does not neglect the environmental impact caused by operations, including the energy, water and paper consumption.

ERM Framework and Risk Management Strategy

The Company adheres to the Risk Management Framework, which is based on international standards of the principles of risk management in regard to The Committee of Sponsoring Organizations of the Treadway Commission - Enterprise risk management (COSOERM). The practice covers all 8 components per following.

  1. Internal Environment

    To cultivate a good control environment, following actions have been conducted;

    • The Risk Management and Legal Department has been established and assigned to ensure that the risks are under controlled and within the tolerant level.
    • The Company’s Code of Conducts, Business Ethics, other corporate policies and operational procedures are announced to related stakeholders to ensure that our stakeholders acknowledge and comply with the policies we are having.
  2. Objective Setting
    • The clear business goals are set as a guidance in conducting business, together with Risk Management strategies to reduce or migrate the opportunity to fail.
    • The objective setting involves ensuring that the Board of Director, managements and employees are sharing the same understanding regarding what Company is expecting to achieve in long-run, its strategic objectives as well as the related short-run objective and operational objective that would enable achieving the strategic objectives. The tolerate as well as the acceptance rate have to be clarified, cleared and internally communicated.
  3. Event Identification
    • The Risk Management and Legal Department is responsible to fully aware and enable to identify risks in business processes. There are several tool used in this process, such as brainstorming during the periodically internal meetings between departments, SWOT analysis, assumptions analysis, workshops, comparison to the industry as well as stakeholder engagements.
    • The risks, will be determined whether they are company’s threat, opportunity or uncertainty. The impact or exposure shall be estimated for further assessment process.
  4. Risk assessment
    • The risks are to be prioritized based on its probability and exposure or impact. The risks that are rated as “high risk” and “very high risk” will be closely monitored by the Risk Management and Legal Department, Managements, and Risk Management Committee.
    • The significant findings are recorded for internal and external communication. The adequate and proper record of findings are helpful for managements and the Board of Directors to make decision and to provide guidance on how to limit, mitigate or eliminate such risks.
    • The Risk Assessment are to be reviewed periodically to reflect new risks and mitigation procedures.
  5. Risk Response

    Within the tolerant demined, the risk response exercises are as follows;

    • Avoid the risk: To completely eliminate the event that carries such inherent risk
    • Reduce the risk: implement controls in such a manner that the residual risk remains with in the tolerance defined
    • Share the risk: The risk and rewards are shared by more than one stake holder of which the concerned organization is a party to it through some operations
    • Accept the risk: The management decides to accept the loss on account the risk having an impact on its objectives
  6. Control Activities

    In order to avoid or reduce the risks, the Company’s control activities are preventive and detective;

    • Preventive activities

      The preventive activities are to deter the occurrence of an undesirable event before it occurs and implement internal controls to avoid them.

    • Detective activities

      The detective activities are to identify undesirable events that do occur and alert management about what has happened. This enables management to take corrective action promptly.

  7. Risk Communication and Cultivation

    The information technology system is considered one of the most significant and powerful tool to ensure that the risk communication internally and externally can be performed completely, correctly timely and adequate for the Board of Directors and Managements to make decisions and for the employees to aware and act accordingly.

  8. Risk Monitoring

    The meetings between Risk Management Committee and the Risk Management and Legal Department are held regularly, at least on a quarterly-basis, to ensure that the risk management and risk controlling system is adequate, appropriate and operated effectively.

Risk Management Structure and Responsibilities

Risk Management and Legal Department’s roles and responsibilities are per below;

  1. Establish risk management structure and responsible persons
  2. Consider and implement risk management policies, strategies, framework and plan for risk migrations.
  3. Review the risk factors (periodically and occasionally) and monitor the company risk profile.
Risk Management Process

The three main risk management aspects of the company are strategic risk management, operational risk management and risk management related to sustainable development (mega force risk). The risk management process are;

  1. Risk/Opportunity identification
  2. Risk Assessment
  3. Risk Response and Risk Tolerant Defining
  4. Quarterly Risk Reporting (to Managing Director, Risk Management Committee, Audit Committee and the Board of Directors, respectively)
Corporate Risk Culture

Although the values of the company are to be aggressive in business growth strategy, however, we are highly conservative in risk management. Such values are cultivated to employees at all levels that it becomes our corporate culture, via the 360 degree internal communication channels, to share the experience of risk management throughout the organization as well as to raise awareness about risks, and training and development programs for directors and executives.

Key Risks, Opportunities and Management Strategies