Corporate Governance

Overview of Good Corporate Governance Policies and Practices

The Company recognizes the importance of upholding good corporate governance, which is widely acknowledged as a key factor in promoting fairness to stakeholders, maximizing long-term shareholder value, and enhancing organizational efficiency. Accordingly, the Company is committed to operating in alignment with the principles of good corporate governance for listed companies as outlined in the 2017 Corporate Governance Code (“CG Code”) issued by the Securities and Exchange Commission (SEC) of Thailand.

The CG Code is structured into five key categories as follows:

Section 1: Right of Shareholders

The Company realizes and places importance on equality of all shareholders’ rights by keeping equitably with support and facilitation all shareholders to exercise their rights as both investors and owners of the Company. Shareholders are entitled to access to the information accurately, completely, timely, and transparently via the Stock Exchange of Thailand’s disclosure channel and the Company’s website. Furthermore, the Company encourages shareholders to exercise their rights legally such as the right to buy, sell or transfer shares, the right to receive dividends, the right to participate in the annual general meeting, vote and make a question at the meetings of shareholders. Apart from the above mentioned about the right of shareholders, the company is responsible for encouraging and facilitating shareholders to exercise their rights as follows:

1.1 ) Information Disclosure

The Company regularly disseminates important and necessary information to shareholders via the Stock Exchange of Thailand (SET) channel, media, publications, and Company’s website. Moreover, the Company also provide telephone number and information request channel through the e-mail address of Investor Relations section.

1.2 ) The Annual General Meeting

1.2.1) Preparation of the Notice of the Annual General Meeting of Shareholders

  - The Company delivers the notice of the shareholders’ meeting together with relevant supporting documents for each agenda item. The agendas are clearly specified by subject matter and include the Board of Directors’ opinions, relevant provisions of the Company’s Articles of Association, and proxy forms. These materials are provided to shareholders for their consideration at least 21 days prior to the meeting date.

     To facilitate foreign shareholders, the Company also prepares and discloses the English version of the notice concurrently with the Thai version.

  - The Company discloses the notice of the shareholders’ meeting on its website and through the Stock Exchange of Thailand (SET) no less than 28 days prior to the Annual General Meeting. The disclosure is also made via electronic media.

1.2.2) Proxy appointment

  - To facilitate and encourage the participation of all shareholder groups in the shareholders’ meeting, the Company allows shareholders to appoint an independent director or any person as their proxy to attend the meeting on their behalf. Shareholders may use any of the proxy forms provided along with the notice of the meeting. The Company specifies the required documents and evidence for proxy appointments and imposes no undue conditions that would hinder the proxy process.

The proxy form complies with the format prescribed by the Department of Business Development, Ministry of Commerce, and allows shareholders to clearly specify their voting instructions. A list of the Company’s independent directors eligible to be appointed as proxies is also provided.

     For institutional investors or foreign shareholders who appoint a custodian in Thailand to hold and safeguard their shares, the Company coordinates in advance regarding the required documents and evidence to be presented prior to the meeting. This is to ensure a smooth and efficient registration process on the meeting day.

1.2.3) The voting procedure and the method of counting the votes

  - The Company encourages shareholders to exercise their voting rights and gives importance to every agenda item. Clear explanations are provided regarding the voting procedures and vote-counting methods. Each share carries one vote. To ensure transparency, the Company engages a representative from a legal firm to act as an observer during the vote-counting process. Voting is conducted separately for each agenda item to preserve shareholders’ rights.

     Resolutions are passed by a majority of votes, except for agenda items that require not less than three-fourths of the total votes of shareholders attending the meeting and entitled to vote, as specified by law.

  - For electronic meetings, shareholders are allowed to cast their votes electronically for each agenda item when the Chairman of the meeting opens the voting session. Shareholders can select and submit their votes individually for each agenda item.

  - The Chairman of the meeting shall announce the voting results for each agenda item after the voting session for that item has concluded. The results shall be presented separately by the number of votes for approval, disapproval, abstention, and invalid ballots, including their respective percentages of the total votes of shareholders attending the meeting or of those eligible to vote on the relevant agenda item. Additionally, electronic traffic data (Traffic Data) is collected in accordance with the requirements stipulated in the annex to the Notification of the Ministry of Information and Communication Technology.

1.2.4) Providing shareholders with the opportunity to submit questions related to the Company in advance of the shareholders’ meeting

  - The Company provides shareholders with the opportunity to submit questions regarding the meeting to the Company in advance, no less than 28 days prior to the meeting date. This invitation is announced via the Stock Exchange of Thailand’s website, the Company’s Investor Relations website, and included in the notice of the shareholders’ meeting.

  - Furthermore, during the meeting, shareholders are encouraged to ask questions, express opinions, and provide suggestions on each agenda item without limitation, within the appropriate timeframe in accordance with good meeting practices.

1.2.5) Providing shareholders with the opportunity to propose meeting agenda items and nominate individuals for directorship election

  - The Company provides an opportunity for shareholders to propose matters for inclusion in the meeting agenda and to nominate qualified candidates for consideration as directors in the Annual General Meeting in advance.

1.2.6) The Annual General Meeting of Shareholders shall be held within four months from the end of the Company’s fiscal year.

  - In 2024, the Company held Annual General Meeting of Shareholders (no Extraordinary General Meeting was convened during the year). The meeting was held on 21 June 2024 at 10:00m. in the form of an electronic meeting (e-Meeting), conducted from the meeting room at 388 Exchange Tower, Sukhumvit Road, Khwaeng Klongtoey, Khet Klongtoey, Bangkok 10110.

  - The Company utilized the electronic meeting control system provided by Quidlab Co., Ltd., which is an e-meeting service provider certified by Electronic Transactions Development Agency (ETDA) (The certification document number สพธอ.65-006).

  - The Company published the Guidelines for the Annual General Meeting of Shareholders via electronic means (e-Meeting), along with the User Manual for attending the e-Meeting, through both the Stock Exchange of Thailand’s website and the Company’s website.

  - As the meeting was conducted in the form of an electronic meeting (e-Meeting), the Company utilized information technology systems and a barcode system to ensure transparency and facilitate the registration process for shareholders who had pre-registered or submitted a proxy in advance. Shareholders who expressed their intention to attend the e-Meeting were able to log in to the meeting system at least two hours before the scheduled meeting time, in accordance with the user manual for attending the e-Meeting, which had been published and distributed to shareholders in advance.

  - At the Annual General Meeting of Shareholders held on 21 June 2024, the Company Secretary provided clear explanations regarding the voting procedures, vote-counting methods, procedures for raising questions, and other meeting protocols to ensure that the meeting was conducted in an orderly and efficient manner.

  - The Chairman of the meeting conducted the shareholders’ meeting in accordance with the sequence of agenda items as specified in the notice of the meeting. No additional agenda items were introduced without prior notice to the shareholders.

  - The Company invited a representative from Baker & McKenzie Company Limited to act as an observer to ensure that the shareholders’ meeting was conducted with transparency and in compliance with applicable laws and the Company’s Articles of Association. A complete and accurate record of the meeting minutes was prepared. Details of the 2024 Annual General Meeting of Shareholders are available under the “Shareholders’ Meeting” section of the Company’s Investor Relations website.

1.2.7) Notification of meeting resolutions and minutes of shareholder meetings

  - The Company disclosed the summary of resolutions passed at the shareholders’ meeting, including the voting results for each agenda item, to shareholders and the general public via the information disclosure system of the Stock Exchange of Thailand on the same day as the meeting. The minutes of the shareholders’ meeting, in both Thai and English, were also published on the Company’s website within 14

Section 2: Equitable Treatment of Shareholders

        The Company places great importance on protecting the rights and interests of all shareholders in a fair and equitable manner—whether they are major shareholders, minority shareholders, institutional investors, Thai shareholders, or foreign shareholders. All shareholders are considered owners of the Company and are entitled to equal treatment regardless of gender, age, or nationality. The Company ensures the disclosure of material information and significant operational updates to shareholders and holds an Annual General Meeting of Shareholders each year, enabling all shareholders to exercise their rights and participate in the governance of the Company.

        2.1) Measures to ensure equal treatment of shareholders

        2.1.1) The Company has established measures to prevent the directors and executives to exploit the Company’s inside information for their own benefit;

• Insider Trading Policy

  - The directors or executive officers, including his/her spouse and minor child, shall not use any inside information for the buying, selling, transferring or acceptance of transfer of the Company’s securities before the disclosure of such information to the public or before the disclosure of financial statements of the company to the public. The period in which the purchase, sale, transfer or acceptance of transfer of the Company's securities is controlled, i.e. the period in which the Company's securities price may be affected by activities such as the disposing of assets, opening a new business or new product, etc., and the period from closing the financial statements to submitting financial statements to the SET and the SEC, which is not more than 45 days for quarterly financial statements and not more than 60 days for annual financial statements.  In addition, after the disclosure of the information, the above-mentioned person should not buy or sell (not less than 24 hrs.) securities until the public has received such information and had an opportunity to evaluate it thoroughly.

  - The Company restricts employee’s access rights to the data layer to prevent access to information that may be sensitive and affect the price of the Company's securities based on Need-to-know Basis.

  - The Company has set prohibitions on the use of inside information for personal benefits and communicated to all employees including clear legal penalties.

  - The Company has set a Blackout Period during appropriate timing.

• Measures for reporting of holdings and changes in securities holdings

  - The Company complies with the provisions of the Securities Act and announcements of the Securities and Exchange Commission (“SEC”) and related announcements from the Capital Market Supervisory Board regarding the preparing, disclosing and submitting reports on holdings and changes in securities holdings of the Company's board of directors, executives, including management positions in the accounting or finance fields who are department managers or equivalent, their spouses and children who minor within the specified period to the Office of the Securities Commission and the Stock Exchange (“SEC Office”).

  - The Company discloses the shareholdings of directors and executives, both direct and indirect, clearly separated, disclosing the number of shares held at the beginning of the year and which were traded during the year and report to the board meeting on annual basis.

  - The Company shall notify the directors and executive officers who have responsibilities to report the possession of the securities by himself/herself, his/her spouse and his/her minor child that when the directors or executive officers including their spouse or their minor child buy, sell, transfer or accept transfer of the securities of the Company, they have duties to submit the reports of securities holding in accordance with the rules, conditions and procedures specified in the notification of the Capital Market Supervisory Board.

• Measures for preparing reports on interests

  - To comply with Section 89/14 of the Securities Act, the Company requires directors and executives to report their interests related to the management of the company's or subsidiaries’ business or those of related persons to the Company, in accordance with the rules, conditions and procedures announced by the Capital Market Supervisory Board.

  - The Company Secretary submits a copy of the report to the Chairman of the Board and the Chairman of the Audit Committee according to the criteria stipulated by the Securities Act Section 89/16 and the Stock Exchange and reports every time there is a change in order for the Audit Committee to consider the risk of conflicts of interest of persons who may have conflicts according to the SEC announcement.

• Measure to establish information technology and data security

  - The Company has established IT Steering Committee (ITSC) to promote, supervise and manage the use of information technology system and the IT security system to prevent the leakage of inside information or damage that may occur to the data. The Company also implements and complies the standard system ISO27001:2022 (Information Security, cybersecurity and privacy protection – Information security management system) that the International Organization for Standardization (International Organization for Standardization, abbreviated as ISO) officially in October 2022, which was modified from ISO27001:2013

2.1.2) The Company sets up the following policies to prevent conflict of interest;

• Measures to prevent structural conflicts of interest

  - The Company has arranged a transparent and clear management structure in the shareholding structure and investment in subsidiaries or associated companies.

• Measure to inspect and report connected transactions

  - The Company has established measures for related transactions between the Company and persons who may have conflict of interest that the executives or related persons will not be able to take part in approving such transactions. In addition, the Company has arranged for the Audit Committee to consider and give opinions on the transactions between the Company and related persons which are disclosed in the connected transactions.

• Measure to prevent the conflict of interest by rules and regulations of the company

  - The Company has established “Rules and regulations of entertainment and gift exchanging” for employees at all levels to be aware of the principles, terms of accepting gifts and hospitality for customers. Such rules and regulations shall be regarded as part of this anti-corruption policy as well and disclosed in the Anti-Corruption Policy.

• Board of director meetings voting policy

  - Directors who have a conflict of interest in any matter will not have the right to vote on that matter.

Section 3 Roles of Stakeholders

        The Company recognizes importance of rights of all stakeholders including shareholders, employees, customers, competitors, business partners, creditors and society and environment. It’s a common duty of the Company to equally consider of every type of stakeholders, by taking actions legally with fairness

Section 4 Information Disclosure and Transparency

        4.1) Disclosure of Information

        4.1.1) Disclosure of information is one of the important CG principle

        The Company has set up a policy, approved by the Board of Directors, relating to information disclosure for external parties in order to ensure that such disclosure information; financial and non-financial information, is accurate, adequate, timely, and equally accessible by all related recipients and also complies with related laws and regulations. Apart from annual disclosure 56-1 One report most of the information is posted on the Company website in Thai and English with regular updates, thus helping shareholders, customers and interested persons to access the information with ease, equality and reliability. The Company also disclosed other financial transactions and press release to analysts and investors through the Company’s website (www.aeon.co.th). The Investor Relations also communicated with investors through conference calls and email on a regular basis.

4.1.2) Personal Data Protection Policy

• The Company has policies and guidelines aimed at protecting the personal information of all stakeholders.
• The company has established the PDPA Steering Committee (PDPA Steering Committee) to promote proper PDPA compliance.
• The Company has issued a Privacy Notice for customers, shareholders, third parties, and employees on the Company's website to inform the data owner of the purpose, period, and legal basis for collecting data, cases in which information may be disclosed to third parties including other details as required by law.

4.2) Investor Relations

        The Investor Relations section has been assigned to take the responsibility of providing and disseminating information and activities of the Company of the benefits with institutional and individual investors, stock analysts, shareholders, and other people. Investors and interested parties can contact the Investor Relations section directly for the Company’s information, including financial statements, 56-1 One Report, and notifications to SET/SEC, etc.

Investor Relations contact information

Section 5 Responsibilities of the Board

        The Board of Directors is responsible for overseeing the Company’s operations to ensure efficiency, transparency, and compliance with the principles of good corporate governance, with the aim of creating long-term sustainable value for shareholders. The Board performs its duties within the defined scope of roles and responsibilities outlined in the Board Charter, which serves as the primary guideline for the Board’s operations to ensure clarity, transparency, and accountability.

Anti-Corruption & Bribery Policy

        AEON Thana Sinsap (Thailand) Public Company Limited (the “Company”) is against and does not accept corruption in any form. The Company has prescribed anti-corruption & bribery procedures for its activities to comply with this policy and will regularly review whether these procedures comply with the relevant laws and maintain the Company’s reputation. All the employees, subsidiaries and parties involved with the Company must strictly comply with this policy.

Objectives

        This policy has been established to ensure that all employees of the Company and its subsidiaries comply with the anti-corruption & bribery measures, and shall review the practices, roles, responsibilities, risk management systems and internal control and audit measures to anti-corruption & bribery and prevent fraud within the Company.

        The Board of Directors is responsible for establishing policies and overseeing the implementation of an effective anti-corruption & bribery system. This ensures that the Company recognizes and prioritizes the importance of comba tting corruption, while fostering and embedding it as part of the corporate culture.

Definitions

        Corruption shall mean any exploitation that is unlawful, whether by offering, promising, soliciting, demanding, giving or accepting bribes, assets or any other benefits or behavior associated with corruption with government officials, government agencies, or any parties related to the Company, whether directly or indirectly, for those parties mentioned to perform or refrain from performing their duties; and to acquire, maintain or keep any other inappropriate business interests except when acceptable by the laws, regulations, local traditions or trade practices.

        Bribery shall mean a form of Corruption, involving the act of offering, giving, or receiving any form of benefit, whether monetary or non-monetary, with the intent to improperly influence the actions, decisions, or behaviors of individuals in positions of responsibility. It also extends to facilitation payments, which are monetary or non-monetary items offered to accelerate or secure certain operations. Such actions, whether conducted directly or indirectly, are considered unethical and often violate legal and organizational standards.

        Embezzlement shall mean the act of dishonestly taking or misusing funds, assets, or resources entrusted to someone, usually for personal gain.

        Entertainment and Gifts expenses shall mean the expense for activities to establish good relationships which include accommodation fees, business-related fares, business visits or food and drink.

        Facilitation payment shall mean the money, objects, prizes or any other things given to conduct favorable actions, whether directly or indirectly, to facilitate or accelerate any operations.

Anti-Corruption & Bribery Policy

• The Company has a policy to conduct business in good faith with honesty, transparency and ethical principles by focusing on fostering the attitude among its employees to oppose, correct and be responsible for corruption issues, including communicating the knowledge, understanding to all employees and performing tasks honestly and in accordance with the policy.
• The Company does not accept any corruption activity which may be an offence under the law and is committed to conduct business with integrity, honesty, and fairness according to the Company's commitment to prescribe and enforce effective anti-corruption & bribery measures.
• The Company will cooperate and support anti-corruption & bribery activities by promoting and participating in monitoring, auditing and having mechanisms to monitor and control the exercise of power to be appropriate, transparent and efficient as well as to act in compliance with the anti-corruption laws.
• The Company shall set the standard for the investigation procedure for trials to be effective and in compliance with the operation of the appointment of the Disciplinary Working Team and operation for appointment of the Disciplinary Working Team for Fraud Case which are considered part of this policy.
• The Company shall establish a standard investigation procedure to ensure its effectiveness. The board of directors and the management shall conduct an annual review of the policy to ensure its ongoing suitability, adequacy, and effectiveness.

Roles and Responsibilities

• The Board of Directors is responsible for approving the Policy of Anti-Corruption and Bribery. Additionally, the Board establishes the direction for the Anti-Corruption and Bribery Policy and provides oversight at the Board level.
• The Audit Committee is responsible for the revision of the financial and accounting reporting system, internal control, internal audit and risk management system to ensure that they are succinct, appropriate, modern, efficient and in line with international standards. The Audit Committee also collaborates with the Risk Management Committee and the Corporate Governance (CG) Committee, and/or other department that may be involved, to ensure a comprehensive approach to anti-corruption risk oversight.
• The Executive Committee and senior executives are responsible for forming the system to promote and support the - & bribery policy to communicate this policy to all employees and relevant departments and review the suitability of the system and measures and search the anti-corruption & bribery measures that conform to the changes in business, regulations, rules and laws.
• The supervisors at all levels are responsible for ensuring that all employees under their supervision are aware of and understand this policy, and they regularly review their knowledge of the policy.
• All employees at all levels are appointed to:
  • Strictly adhere to the organization’s guidelines on anti-corruption and bribery.
  • Promptly report any suspected or confirmed incidents of bribery, corruption, or unethical behavior through the designated reporting channels.
  • Refrain from activities that may create or appear to create conflicts of interest, ensuring decisions are made ethically and transparently.
  • Actively engage in anti-corruption and bribery training sessions to enhance understanding of relevant policies and regulations.
  • Foster a work environment that values honesty, transparency, and accountability, setting an example for ethical behavior across the organization.

Whistle Blowing

        The Company provides channels and encourages employees, including the stakeholders, to report any suspicious matters or behavior relating to misconduct as soon as possible, or when the employees and stakeholders witness or suspect that an action conflicts with this policy, or could lead to an offense in the future.

        The Company shall investigate without disclosing the whistle blower’s identity to prevent any potential adverse impact on the whistle blower. The Company shall proceed with the investigation process in accordance with the regulations prescribed by the Company and record the investigation in writing. The whistle blower's identity shall be kept confidential and shall be accessible by concerned personnel only.

Whistle Blower Protection

• The Company encourages and is open to employees to report actual offenses under this policy, even if it was found later that such a report is based on a misunderstanding. The Company has no policy to demote, punish or cause negative effects on employees who refuse to commit corruption, even if such action will cause the Company to lose a business opportunity.
• The Company promises that no employee shall be adversely affected by the denial of participation in corruption, including well-intentioned reporting of suspicious behavior of bribery, or other fraud that occurs or may occur in the future.
• If an employee is subject to unfavorable treatment, such as dismissal, disciplinary action, bullying, contract termination, or other inappropriate treatments due to whistle blowing. If any employee is treated in such manners, he/she must report such treatment immediately to the supervisor, senior management of the department /or supervisor in the line of work.
• The Company guarantees protection against retaliation or discrimination against whistleblowers acting in good faith.
• All reports will be handled with utmost confidentiality to safeguard the whistleblower’s identity and ensure their security.
• All reported cases will be thoroughly investigated by an appointed team to ensure impartiality and fairness, and appropriate actions will be taken in line with company policies and legal requirements.

Whistle Blowing Policy and whistleblower protection

        AEON Thana Sinsap (Thailand) Public Company Limited has established a whistleblowing system as a channel for receiving reports or complaints regarding misconduct, non-compliance with internal policies, rules and regulations, or the AEON Code of Conduct, including any inappropriate or unethical behavior within the organization. The objective is to enable early detection of issues, allow for appropriate remedial actions, and prevent future occurrences. Examples of reportable misconduct include:

• Non-compliance with internal policies or regulations
• Collusion with conflicting businesses
• Breach of trust or ethics
• Violation of the AEON Code of Conduct
• Breach of working rules and regulations
• Power harassment or sexual harassment
• Insider trading

Whistleblowing Channels

        Reports can be submitted to the following designated contacts: the Managing Director, the Director in charge of Legal, the Director or representative responsible for Corporate Governance, the person in charge of compliance, or an independent legal counsel.

        Internal Whistleblower: All employees may report via the internal whistleblowing channel.

        External Whistleblower:

  1) Send a letter to: Whistleblowing Helpdesk Team

  AEON Thana Sinsap (Thailand) Public Company Limited

  388 Exchange Tower, 26th Floor, Sukhumvit Rd., Khwaeng Klongtoey, Khet Klongtoey, Bangkok 10110

  2) Email: [email protected]

        The Company is committed to conducting its business with honesty, transparency, and integrity. In support of this commitment, the whistleblowing system is open to all stakeholders who may report any concerns relating to suspected misconduct, fraud, corruption, or violations of laws, regulations, or internal company policies. Investigation and Confidentiality

        Upon receiving a whistleblowing report or complaint, the Company will proceed with a formal investigation process in accordance with its internal procedures. All reports are documented and reviewed systematically.

        The Company places utmost importance on maintaining the confidentiality of whistleblowers. The identity of the whistleblower or complainant will not be disclosed unless consent is given, or disclosure is required by law. All information received will be securely stored, and access will be restricted only to those directly involved in the investigation process. This ensures that whistleblowers are protected from retaliation or any adverse consequences arising from their good-faith reporting.

Anti-Money Laundering and Combating the Financing of Terrorism and Proliferation of Weapons of Mass Destruction: AML/CFT/WMD

        AEONTS and subsidiaries are committed to combating money-laundering and financing of terrorism and the proliferation of weapons of mass destruction to be complied with the applicable laws and regulation of legal entity and to be complied with AFS Group’s AML/CFT policy.

        We are taking into the account its social responsibility as a financial institution, company and corporate group, considers the prevention of money laundering and terrorist financing to be one of its most important management issues.

        To ensure that compliance with the laws concerning Anti-Money Laundering, Combating the Financing of Terrorism and the Proliferation of Weapons of Mass Destruction (AML/CFT/WMD) is complete, successful and efficient as applicable laws, the Company therefore implements the AML/CFT/WMD policy as follows:

1. The Company supports and strictly complies with the applicable laws and regulations on Anti-Money Laundering, Combating the Financing of Terrorism and the Proliferation of Weapons of Mass Destruction to ensure that the completion of the customer due diligence which includes the customer’s identification and verification process, transaction reporting and other duties as stipulated in laws and regulations.
2. The Company will develop the primary and subordinate of AML/CFT/WMD policies and guidelines which cover the following topics: customer acceptance principles including unacceptance criteria. The process should include but not limit to Know-Your-Customer (KYC) and Customer Due Diligence (CDD), Identification and Verification of customer and beneficial owner, Name screening against watchlist and designated person, risk assessment, the approval or rejection of establishment of relationship transaction reporting and the termination of customer’s relationship.
3. The Company develop policy, regulation, procedure and guidance to manage and mitigate the customer’s risk in Money Laundering risk, Financing Terrorist and Proliferation Financing of weapons mass destruction since establish relationship until exit relationship. The process to assessment money laundering is start from Know-Your-Customer (“KYC”) to identification and verification the customer identity, the customer’s risk assessment to assess the customer’s risk, transaction monitoring process to monitor the customer’s transaction and report the regulator if required. To achieve money laundering risk management, the company shall develop the related policy and procedure applicable to all products/services and channels to meet the regulatory requirement and shall complete the process of identification and assessment of ML risks prior to the launch of new products, service, business practices, delivery channels or mechanisms or application of new technology to existing products and services.
4. The Company shall submit the transaction reporting to AMLO and will develop the policy which includes all transaction reporting categories, method, process and timeframe as per regulatory requirement.
5. The company shall develop independent internal control which meets the company risk management and the business size by developing the policy to be complied with AMLO regulations and applicable laws.
6. The company shall develop the sharing information policy and related materials among group of company, branches and subsidiaries, both local and oversea entity.
7. The company shall retain the KYC/CDD information and transaction information as stipulated by laws and regulations.
8. The company shall not support the directors, executives, staffs, employees and anyone who acts on behalf of company to involve, support, and willful blindness in AML/CFT/WMD including prohibited by law from disclosing (“tipping-off”) the fact that a suspicious transaction report (STR) or related information i.e. KYC, AMLO reporting is being filed with AMLO. But these provisions are not intended to inhibit information sharing required for the purposes of lawful duty money laundering or sharing information among branches and subsidiaries when necessary for AML/CFT purposes.
9. The company shall appoint the management to oversight and oversee the AML/CFT/PF risk regarded as the highest importance responsibility and to be complied with the applicable laws and regulations including the internal policy and intra-group management.
10. The company shall provide and enhance the staff’s knowledge and understanding on the compliance with the applicable laws, policies and guidelines regarding Anti-Money Laundering, Combating the Financing of Terrorism and the Proliferation of Weapons of Mass Destruction as well as provides training of such as per the training policy of the Company to the Company’s staffs to ensure that the Company’s staffs have sufficient and efficient knowledge to perform the responsibility relation to AML/CFT/PF.
11. The Company shall arrange to have its internal audit program regarding the compliance with the primary and subordinate policies as well as guidelines on Anti-Money Laundering, Combating the Financing of Terrorism and the Proliferation of Weapons of Mass Destruction by ensuring that the internal audit program is performed independently without the conflicts of interest.
12. The Company will set out policy and procedures of information sharing in regards with AML/CFT/WMD between the company and branches, subsidies, located in Thailand and oversea that are the same group by having in place measure for strictly safeguarding the shared information. In case there is a domestic law or foreign law prescribing the use, or sharing of customer’s information, it should follow such law.
13. The Company must set out internal control and measure of sharing information between branches or affiliated companies within the same business group.

Policy of the Right of Personal Data Protection and Personal Data

        Since the operation of the Company is related to personal data, it is therefore highly aware of the problem of personal data abuse and adheres to the protection of privacy rights security of personal information, the use of personal data to meet the purpose of collection under the legal framework, as well as compliance with the key principles of personal data protection.

        The Company has policies and practices to protect personal data of all stakeholders. The Company has improved processes and practices following the Personal Data Protection Act to develop potential and create awareness among personnel in the organization. Therefore, we have provided the company’s personnel the training about guidelines for personal data protection to be informed and prevent damage that may occur in the collection, usage and disclosure of personal information as well as the information is kept safe, confidential and will not be disclosed except required by law or with the consent of the service recipient.

        For personal data collection, use, or disclosure, the Company has provided a Privacy Policy Statement or a Privacy Notice for customers, shareholders, third parties and employees on the Company's website to notify the data owner of the purpose, data to be collected, duration, legal basis for data collection where information may be disclosed to third parties, including other details as required by law.

        The Company also devotes attention to the legal rights of the data owner. Therefore, the appropriate channels for right exercising and receiving complaints are provided. The Company has a policy to investigate and deal with within a reasonable time.

Policy of Human Rights

        The company and its subsidiaries prioritize expanding its business growth while also focusing on respecting the rights of everyone involved, including customers, employees, partners, and local communities. This involves clear communication of the policies, enforcing strict guidelines, and regularly updating the policies to be consistent and in line with the current situation. All these efforts aim to prevent any human rights violations and to build trust among the customers, employees, partners, business partners, and local communities connected to the company's business operations activities.

Objectives and Goals

• The company aims to increase awareness about the importance of respecting human rights in all its activities to avoid any harm to the rights of employees, customers, business partners, and the local community that might come from its business operations.
• The company has developed a human rights policy to comply with laws and key global standards. This policy includes ensuring equality and no discrimination, providing a positive workplace, opposing child labor and forced labor, protecting personal information, and supporting the community, among other things.
• The company aims to foster and enhance respect for human rights. The company supports and agrees with the importance of respecting each other’s rights, in both its business practices and as part of the global community.
• The company implements a comprehensive human rights due diligence process in accordance with the United Nations Guiding Principles on Business and Human Rights (UNGP) to manage human rights within the organization and its supply chain. This is to prevent human rights violations, comply with laws and international standards, build trust and credibility, manage risks, and promote sustainability in the company's business operations.

Guidelines

        The company follows AEON Group Future Vision as a guideline for promoting respect for human rights for every individual throughout the organization. This means treating and protecting everyone’s fundamental rights with equality and fairness. The focus is on allowing people to express themselves, ensuring they are paid fairly, and standing against discrimination, human trafficking, child labor, and forced labor. The company has specific rules to guide these practices in the following details.

• The company recognizes the principle of equality and categorically rejects all forms of discrimination, irrespective of race, nationality, skin pigmentation, gender, age, language, religion, sexual orientation, physical disability, political beliefs, or any other characteristics that are not relevant to an individual’s moral integrity, diligence, and competence
• The company commits to ensuring a secure and salubrious work environment conductive to both physical and mental well-being, devoid of any form of harassment, victimization, or other conduct deemed inappropriate.
• The prohibition of child labor, forced labor, and all forms of human trafficking within the confines of the company's operations and its supply chain is strictly enforced.
• The company prioritizes and promotes human rights principles and child rights protection in accordance with the United Nations Convention on the Rights of the Child (UN Convention on the Rights of the Child) as follows:

 -   Non-discrimination and equal treatment in all actions related to all groups of children.

 -   Consideration of safety, protection of rights, and opportunities for comprehensive child development.

 -   Ensuring the best interests of the child to avoid and prevent actions that diminish or infringe upon children's rights.

 -   Encouraging children to participate and express their opinions through the company's social activities.

• The company respects the privacy of its employees, customers, and business partners, ensuring the protection of their personal information with utmost diligence.
• Through the establishment of the AEON Thailand Foundation, the company actively fosters social engagement, executing social responsibility initiatives in a systematic manner that avoids the infringement of human rights.
• The company facilitates two-way communication channels, empowering employees and stakeholders to be well-informed, comprehend, and exhibit respect for human rights. This includes providing opportunities for employees and stakeholders for the submission of suggestions, comments, and the reporting of indicators or complaints concerning potential violations of human rights.
• The company has a procedure for the examination of information received from whistleblowers or complaints pertaining to human rights issues, addressing management challenges, and communicating findings to the Board of Directors as stipulated.
• The company ensures the provision of appropriate, regular training and development programs tailored to the potential of its employees, promoting continuous learning and adaptation to the evolving global landscape.
• The company ensures that treatment and welfare of our employees adhere to labor law standards and relevant regulations.
• The company implements a comprehensive human rights due diligence process to prevent and mitigate human rights risks, following the United Nations Guiding Principles on Business and Human Rights (UNGP) to manage human rights within the organization and its supply chain. The practices include:

 -   Announcing Human Rights Policy: The company publicly announces its human rights policy and discloses human rights performance through sustainability or annual reports.

 -   Human Rights Risk and Impact Assessment: The company assesses human rights risks from various operations, including the supply chain.

 -   Preventing and Mitigating Human Rights Impacts: The company establishes measures to prevent and mitigate human rights impacts comprehensively and integrates human rights principles into its operations and stakeholder-related activities.

 -   Monitoring and Evaluating Human Rights Performance: The company regularly monitors and evaluates human rights performance and updates measures and practices to align with the situation when violations are identified.

 -   Remedying Human Rights Violations: The company has measures to remedy those affected by human rights violations and prevent such incidents from recurring in the future.

 -   Reporting Human Rights Performance: The company prepares reports on human rights audits and resolutions transparently for stakeholders.