Supporting the Sustainable Development Goals

The company recognizes that risk management is vital as we face diverse challenges including commercial, asset, legal, environmental, health and safety, business interruption, and climate change risks. We apply an integrated approach to data collection and analysis to identify and prioritize material issues by utilizing insights from stakeholders across the value chain, advertising industry trends, and sustainability developments. Risk prioritization remains a critical step in driving Plan B’s sustainable business growth.

SDGs 8 SDGs 12 SDGs 13 SDGs 16

Goals and Performance Highlights

Sustainability Targets 2025 Performance
Long term (2026-2030) Short term (2026)
Fully integrate material sustainability topics including Climate Change and Cybersecurity into the risk management process based on the COSO ERM 2017 framework 100% of employees and executives completed training and passed assessments regarding Enterprise Risk Management and ESG risks Deliver risk management training to foster a robust risk culture at all levels from executives and managers to supervisors and operational staff
Zero major business interruption incidents occurred from key risks identified and assessed by the Company Identify and assess at least 1 to 2 emerging risks while establishing proactive mitigation plans
Goals and Performance Highlights
Our commitment to sustainable impact is demonstrated through ESG goals and performance.

Commitment, Challenge and Opportunity

Commitment
  • Strive to establish a comprehensive, transparent risk management system aligned with international standards

  • Promote a risk-aware culture that encourages participation and accountability from employees at all levels

  • Continuously enhance processes for monitoring, assessing, and managing risks to support organizational sustainability and stakeholder interests

Challenges
  • Integrating risk management with business strategy to ensure alignment and value creation, rather than merely focusing on damage prevention

Opportunities
  • Foster innovation and adaptability by leveraging data and proactive risk analytics to identify new pathways for growth

  • Enhance confidence among investors, customers, and business partners through a transparent and effective risk management system

Risk Management Framework and Structure

The Company has adopted the enterprise risk management framework of the Committee of Sponsoring Organizations of the Treadway Commission (COSO). This framework is implemented enterprise wide through the Risk Management Policy involving employees at all levels. Sustainability risk factors including Climate Change, Cybersecurity, and Emerging Risks are systematically integrated into the core risk assessment process.

The Risk Management Committee (RMC) establishes the enterprise risk management policy and framework and is responsible for overseeing risks accordingly. Simultaneously, the risk management management team supports related operations including data collection, training, and the promotion of a risk management culture throughout the organization to build sustainable risk awareness.

The Company defines a risk management policy covering all business activities and both internal and external factors that may directly or indirectly impact operations. Effective risk management plans are integrated into strategic planning, operations, and investment decisions for new businesses to ensure risks remain within acceptable levels. Consequently, the Board of Directors appointed the Risk Management Committee with the following duties and responsibilities:

  • Define and review the enterprise risk management policy and framework covering significant risks such as financial, investment, operational, fraud, and corruption risks including Environmental, Social, and Governance (ESG) dimensions. This includes establishing monitoring guidelines for Emerging Risks that may impact the organization over the next 3 to 5 years. The committee evaluates, monitors, and reviews the adequacy and effectiveness of the risk management system and policy compliance for Board approval.
  • Oversee and support enterprise risk management operations to ensure alignment with business strategies, goals, and changing circumstances.
  • Supervise compliance with the risk management policy and framework to maintain an efficient and continuous system across the organization. The RMC may appoint individuals or working groups to perform assigned tasks and report back on policy adherence.
  • Review risk reports from relevant working groups to monitor key enterprise risks and provide recommendations on control measures or risk management plans to ensure adequacy and appropriateness.
  • Support operations to achieve enterprise risk management objectives.
  • Report significant risks and management plans to the Board of Directors. This includes reporting risk assessment results, operational oversight, and control measure compliance periodically. In the event of significant factors or incidents that could materially impact the group’s financial position and performance, the RMC must report to the Board immediately to consider urgent control measures.
  • Coordinate with the Audit Committee regarding significant risk data and internal controls. This allows the Audit Committee to consider such information for internal audit plan approval, providing reasonable assurance that the Company possesses appropriate internal control and risk management systems implemented throughout the organization.
  • Promote an organizational risk management culture.
  • Meet at least once per year.
  • Perform other duties as assigned by the Board of Directors.

In 2025, the Risk Management Committee worked closely with management to assess and control risks within acceptable levels, holding a total of 4 meetings.

Risk Management Organizational Structure

As of December 31, 2025, the Risk Management Committee consists of four directors and senior executives:

  1. Mr. Mana Jantanayingyong

    Independent Director and Chairman of the Risk Management Committee

  2. Mrs. Monluedee Sookpantarat

    Independent Director and Member of the Risk Management Committee

  3. Pinijsorn Luechaikajohnpan, Ph. D

    Director, Member of the Risk Management Committee, and Managing Director

  4. Mr. Arnon Porndhiti

    Member of the Risk Management Committee and Member of the Corporate Governance and Sustainability Committee

Operational Risk Verification and Monitoring Process

The Company designates the Investor Relations and Corporate Sustainability Department as the operational verifier. Following meetings with risk management representatives to screen and evaluate specific risk topics, those identified as high or very high risk are escalated to the Risk Management Committee and the Board of Directors to discuss and determine collective mitigation strategies. Additionally, the Investor Relations and Corporate Sustainability Department monitors risk status and the management processes of each department on a quarterly basis, providing regular updates to the Risk Management Committee and the Board of Directors.

Risk Management Implementation and Reporting Guidelines

The Company has established systematic risk response and reporting guidelines to ensure that risks across all dimensions, including business risks, sustainability risks (ESG risks), and emerging risks, are appropriately managed and reported to the relevant decision-makers as follows:

Risk Monitoring and Review

Risk Monitoring and Review

Emerging Risks

Plan B is committed to comprehensive risk management that extends beyond currently significant risks to place a high priority on preparing for Emerging Risks. The Company has defined a long term risk assessment timeframe of 3 to 5 years, recognizing that such risks may present both impacts and business opportunities in the future. Consequently, the Company implements continuous processes for monitoring, analysis, and the development of management plans to build organizational resilience and drive sustainable growth within a rapidly changing business environment.

Emerging Risk Factors, Business Impact, and Mitigation

Business Impact

The violation of Corporate Governance principles and the occurrence of corruption grievances do not only result in legal consequences and financial penalties but also erode the confidence of investors, business partners, and stakeholders. Such incidents may lead to the loss of concession agreements and business opportunities while causing severe damage to the corporate reputation.

Prevention and Management Guidelines

The Company focuses on sustainable business operations by prioritizing Good Corporate Governance and robust internal control processes, which are supported by the following preventive measures:

  • Policy and Guideline Establishment The Company has established an Anti Corruption Policy encompassing comprehensive definitions and transparent guidelines. This policy is thoroughly communicated to both internal and external personnel to ensure widespread awareness.
  • Risk Assessment and Internal Control The Company conducts audits and assesses corruption risks across all operational activities. Control measures and monitoring processes are implemented to address potential loopholes, ensuring transparency and accountability. Furthermore, the Company performs integrity due diligence on business partners and agents prior to entering into transactions.
  • Whistleblowing Channels The Company provides dedicated channels for stakeholders to report leads, suggestions, or grievances regarding corruption directly to the Audit Committee. This ensures independent investigations and guarantees the protection of whistleblowers.
  • Fostering Corporate Culture Currently, the Company is a certified member of the Thai Private Sector Collective Action Against Corruption (CAC). To further enhance management, a key objective was set for 2025 whereby 100 percent of employees must undergo training and pass the Code of Conduct assessment. This initiative is designed to instill strong ethical awareness and integrity throughout the entire organization.

2025 Code of Conduct Knowledge and Understanding Training

2025 Code of Conduct Knowledge and Understanding Training

Business Impact

The Company focuses on enhancing operational efficiency through the integration of digital technologies, which has resulted in an increased reliance on technological infrastructure and internet connectivity. As cyber threats can emerge at any time, they are considered a significant risk. Should computer systems or networks be subject to a cyberattack or security breach, it could lead to system downtime for digital advertising screens nationwide and disrupt other business operations. Such incidents would not only result in revenue loss due to the inability to display advertisements as contracted but also cause significant reputational damage and severely undermine the confidence of customers and investors alike.

Prevention and Management Guidelines

To ensure readiness and strengthen computer system cybersecurity in accordance with international standards and the Thailand Cybersecurity Act, during 2025, the Company implemented systematic proactive and reactive risk management measures as follows:

  • Governance and Policy Establishing clear cybersecurity policies for the corporate group and forming a dedicated working group responsible for both short term and long term developments. These initiatives are based on international security frameworks such as ISO 27001 or the NIST Cybersecurity Framework.
  • Awareness Building Providing training sessions for employees regarding various types of potential threats and guidelines for self prevention and incident response to ensure that damage and impacts are minimized.
  • Testing and Recovery Planning Executing system testing and Disaster Recovery Plan (DRP) drills to maintain readiness and ensure effective recovery in the event of a threat.

Business Impact

Driven by government policy pressure, investor requirements, and global societal expectations, the transition toward a low carbon society is accelerating significantly. This shift involves the setting of Net Zero greenhouse gas emission targets and the upcoming implementation of carbon pricing mechanisms such as Carbon Tax and CBAM, which will impact business models over the next 3 to 5 years. For the out of home advertising industry, the Company may face direct pressure from brand clients seeking to reduce the carbon footprint of their marketing activities. Furthermore, there is a risk of increased Capital Expenditure (CAPEX) from the accelerated transition of media technologies and infrastructure toward higher energy efficiency. A lack of ESG readiness and sustainable innovation could ultimately lead to a loss of market share and long term competitiveness.

Prevention and Management Guidelines

To maintain competitiveness and transform climate challenges into business opportunities, the Company has proactively prepared for a systematic transition as follows:

  • Target Setting and Carbon Management Conducting corporate carbon footprint assessments to establish a baseline for monitoring and managing energy costs, while defining clear greenhouse gas (GHG) reduction targets to mitigate risks from future carbon tax legislation.
  • Development of Low Carbon Media Solutions Offering environmentally friendly advertising options to clients, such as utilizing upcycled materials for vinyl production and installing high efficiency LED screens to support the Scope 3 emission reduction goals of brand clients throughout their supply chains.
  • Investment in Clean Energy and Carbon Credits Researching and implementing renewable energy solutions for advertising structures in high potential areas, while registering for the Thailand Voluntary Emission Reduction Program (T-VER) to accumulate carbon credits for offsetting corporate emissions and generating added business value.

Business Impact

While Artificial Intelligence (AI) and Big Data analytics play a vital role in enhancing operational efficiency and competitive advantages, in the near future, risks stemming from unethical AI usage or algorithmic bias may directly impact the trust of customers, business partners, and the public. Furthermore, data utilization lacking transparency could lead to privacy violations or non-compliance with increasingly stringent new regulations, such as the EU AI Act and international AI ethical guidelines. Without an appropriate governance framework, the Company may face reputational risks, legal consequences, and a loss of trust in its long term business operations.

Prevention and Management Guidelines

To manage technological risks systematically and sustainably, the Company is committed to developing a robust AI and Data Governance Framework with the following implementation guidelines:

  • Establishing Clear Policies and Guidelines Drafting requirements and ethics for AI usage to ensure alignment with laws, regulatory mandates, and internal policies, thereby driving the organization toward Responsible AI.
  • Ensuring Control and Security Implementing stringent data access control systems and enhancing database security to prevent the misuse of data for unintended purposes.
  • Auditing for Transparency and Bias Mitigation Establishing regular AI auditing processes for algorithms and models to evaluate and mitigate dataset bias. This ensures that outputs used for business decision-making or advertising content delivery remain fair and transparent.
  • Knowledge and Ethics Enhancement Conducting training sessions to upskill and raise awareness among employees regarding the proper and safe application of AI.
  • Ethical Impact Assessment Establishing a process for the consideration and assessment of ethical risks prior to the actual implementation of advanced AI projects to prevent negative impacts on all stakeholder groups.

Business Impact

In an era of rapid information dissemination through social media, a large number of consumers are increasingly prone to confirmation bias, favoring information that aligns with their personal beliefs over objective facts. This makes it challenging to distinguish between factual truth and disinformation or fake news. Such behavioral shifts pose a significant challenge for brands in communicating their corporate values, sustainability initiatives, or ethical standards in a credible manner, particularly when viral social trends can lead to brand cancellation even in cases where information is incomplete.

For an advertising and brand awareness business like Plan B, this evolution represents a critical risk requiring close monitoring. It may affect the ability to maintain content governance in public spaces, impact the trust that clients place in brands utilizing the Company’s media platforms, and increase the likelihood of brands being targeted by online attacks or having their intentions misinterpreted.

Furthermore, this risk influences the direction of future communication strategies, which may need to be restructured to emphasize transparency and sincerity. This includes leveraging influencers or highly credible information sources to safeguard the reputation and trustworthiness of both the clients and the corporate brand.

Prevention and Management Guidelines

To address the challenges of the post-truth era, the Company has established communication strategies and risk management directions as follows:

  • Strategic Communication Adaptation Focused on Transparency Emphasizing communication styles that prioritize transparency and sincerity, while engaging thought leaders, influencers, or highly credible information sources to maintain and enhance the trustworthiness of both advertising media spaces and client brands.
  • Rigorous Advertising Content Screening Establishing standardized content screening guidelines and review processes prior to broadcasting on Plan B’s digital screen network. This measure prevents the platform from being utilized as a medium for disseminating distorted information, causing public misunderstanding, or violating ethical and moral standards.
  • Crisis Management and Reputation Recovery Planning Preparing crisis communication guidelines to clarify factual information and protect the brand image of clients, while professionally safeguarding the credibility and standards of the Company's advertising media spaces.

Business Impact

In a landscape where the advertising and marketing industry is intensively driven by the application of Artificial Intelligence (AI), the Company may face critical challenges from a shortage of personnel with specialized high-tech skills. These individuals are essential to supporting the rapid pace of Digital and AI Transformation.

If the Company is unable to recruit and develop talent in a timely manner, it could lead to a slowdown in the development of new solutions, affecting service quality and eroding long-term competitiveness. Additionally, this poses risks to work quality, the reliability of data measurement, and the overall efficiency of AI-assisted decision-making in advertising. Ultimately, it could result in lost business opportunities by failing to meet the needs of brands and agencies that are rapidly adopting Generative AI within their creative and production processes.

Prevention and Management Guidelines

To manage personnel risks and ensure future readiness, the Company has initiated concrete AI upskilling and application projects as follows:

  • Internal Talent Upskilling and Reskilling Actively implementing AI capability-building programs for existing staff to enhance operational processes through specialized training courses, such as Advanced Data Analytics and Prompt Engineering.
  • Operational Process Efficiency Enhancement Prioritizing the multi-dimensional application of AI technology, including Big Data Analytics for precise business decision support, Automation to reduce redundant tasks, and the development of tools to elevate service quality and better meet client needs.
  • Organizational Restructuring for Innovation Establishing a roadmap to form a dedicated Data and AI Taskforce to serve as a hub for testing, research, and the development of innovative advertising solutions capable of addressing technological shifts sustainably.

Prevention and Management Guidelines

To manage personnel risks and ensure future readiness, the Company has initiated concrete AI upskilling and application projects as follows:

  • Internal Talent Upskilling and Reskilling Actively implementing AI capability-building programs for existing staff to enhance operational processes through specialized training courses, such as Advanced Data Analytics and Prompt Engineering.
  • Operational Process Efficiency Enhancement Prioritizing the multi-dimensional application of AI technology, including Big Data Analytics for precise business decision support, Automation to reduce redundant tasks, and the development of tools to elevate service quality and better meet client needs.
  • Organizational Restructuring for Innovation Establishing a roadmap to form a dedicated Data and AI Taskforce to serve as a hub for testing, research, and the development of innovative advertising solutions capable of addressing technological shifts sustainably.

Emerging Risk Management Plan

Plan B recognizes that the current business landscape is evolving rapidly due to various economic, social, technological, and environmental factors, all of which influence business operations over the medium to long term. These Emerging Risks such as stricter ESG regulatory trends, shifting demographic structures, or changing consumer behaviors in the era of information overload may not present immediate impacts in the short term. However, a lack of preparedness could lead to a loss of competitiveness, increased costs, and future reputational damage.

To mitigate these impacts and enhance Business Resilience, the Company is in the process of developing an Emerging Risk Management Plan with the following concrete implementation guidelines:

  1. Emerging Risk Monitoring Framework
  2. Prioritization & Materiality Assessment
  3. Risk Response Plan
  4. Strategic Integration
  5. Review & Adaptation

Corporate Risk Culture

Corporate risk culture is a fundamental component for effective enterprise risk management. Plan B focuses on fostering a robust risk culture throughout the organization and expects all employees to be accountable for risk management in their daily activities. In 2025, Plan B conducted training and disseminated risk management information to employees across the group and its subsidiaries. This reached 1,068 participants ranging from the Board of Directors and executives to supervisors and operational staff to instill awareness and foster a comprehensive understanding of the context and significance of risk management within the organization.

Executive

Number of Personnel

23

Manager

Number of Personnel

126

Supervisor

Number of Personnel

253

Operation

Number of Personnel

666

Risk Management Performance

The Company conducts annual risk assessments and utilizes the findings to inform corporate strategic planning. Risks are categorized into five severity levels according to their business impact and classified into five dimensions namely Strategic Risk, Operational Risk, Financial Risk, Regulatory Risk, and Sustainability Risk. This framework encompasses both internal factors and the volatile external business environment.

During 2025, the Company executed a comprehensive risk assessment with cooperation from every business unit. The evaluation considered impact severity from low to very high and the likelihood of occurrence ranging from likely to occur within the next year to certain to occur within three months. As a result, 61 specific risk issues were identified.

Stakeholders Directly Impacted

Shareholders
Shareholders
Employees
Employees
Customers
Customers
Business Partners
Business Partners
Communities
Communities
Lessors
Lessors
Regulatory Authorities and Government
Regulators and Government Agencies