EGAT's operational management procedures and regulatory measures encompass the establishment of clear corporate policies, quality management procedures, implementation of internal control mechanisms, and conducting risk assessments to ensure the company's compliance and effectiveness. These procedures vary according to the specific requirements of each department. Apart from focusing on enhancing safety, quality, and efficiency, they are supported by comprehensive execution strategies. They are continuously updated to address the evolving civil aviation regulations and customer demands.

RISK MANAGEMENT FRAMEWORK

RISK MANAGEMENT PROCESS

EGAT’s risk management process includes: risk identification, risk analysis, risk assessment, risk response, risk supervision and review mechanisms, and risk disclosure and communication.

RISK IDENTIFICATION AND MITIGATION

Strategic Risks

Changes in international political and economic situations, industry technological trends, market demand fluctuations, and reliance on a single or few customers may affect the company's operational planning.

Response Measures

1. Expand into new markets and service scopes to reduce reliance on a single or few major customers, diversifying the customer base to mitigate business risks.
2. Monitor changes in international geopolitical developments and economic situations, industry technological trends, and market demand fluctuations closely, adjusting business strategies and operational plans promptly. Conduct market analysis and gather competitive intelligence to respond to changes promptly.
3. Invest in research and development and technological innovation to keep pace with industry trends, maintaining high technical standards and service quality.

Operational Risks 1

Fluctuations in prices of materials, parts, and equipment required for aircraft maintenance or supply chain issues. This may lead to cost increases or supply disruptions, affecting maintenance operations.

Strategic Risks

Establish sound relationships with suppliers to ensure stable supply of materials and equipment. Besides maintaining regular contact with manufacturers and actively monitoring order delivery status, increase inventory levels for aircraft materials that may affect aircraft release or have longer delivery periods, and place orders in advance according to maintenance plan requirements to secure order sequencing. In emergency situations, besides purchasing from aircraft manufacturers or original equipment manufacturers (OEMs), simultaneously explore alternative sources in the aircraft material market to address urgent needs.

Response Measures

Operational Risks 2

Technological advancements: Continuous development and updates in aircraft technology and equipment may result in changes in maintenance methods and processes. Failure to keep abreast with technological changes may lead to efficiency reduction and customer loss, among other cost risks.

Response Measures

Continuously invest in R&D and technological innovation, adopting advanced technologies, and closely collaborating with international aviation manufacturers, domestic academia, and research institutions to respond to technological changes, enhance competitiveness, and cultivate EGAT’s technical capabilities in the aviation industry.

Operational Risks 3

Regulatory and compliance risk: Aircraft maintenance must comply with strict regulations and standards, requiring resource investment to ensure compliance. Non-compliance may lead to risks such as fines, lawsuits, and reputational damage.

Response Measures

The responsible units should regularly update regulatory and compliance requirements and have obtained ISO 9001, AS 9110, and AS 9100 quality system certificates. Additionally, pass quality system certifications from international aviation majors such as Boeing and Airbus to ensure the Company complies with strict regulations and standards. Moreover, they undergo regular third-party audits by the International Civil Aviation Organization (ICAO) to ensure impartial assessment. EGAT has established a dedicated quality assurance unit responsible for overseeing the quality and legality of aircraft maintenance and aviation product manufacturing inspections.

Operational Risks 4

Labor market changes: Aircraft maintenance requires skilled workers, which may lead to increased labor costs. Furthermore, there may be instances of workforce instability.

Response Measures

1. Develop systematic training programs and recruit high-quality employees to maintain the professional workforce needed for aircraft maintenance operations and improve efficiency and quality.
2. Implement comprehensive compensation and benefits policies, provide a conducive work environment, promote labor-management communication, and offer career development plans to maintain workforce stability.
3. Continuously expand and stabilize recruitment channels for human resources, such as strengthening cooperation with vocational education institutions, rehiring retirees, and hiring professional personnel who have resigned, to ensure a stable and qualified workforce.
4. Collaborate with multiple domestic universities and colleges for corporate internship programs and actively research automation and smart production lines to use advanced technology to replace manual labor, enabling employees to focus on high-value-added production operations.

Compliance Risks

Failure to comply with relevant laws, regulations, and requirements of the International Civil Aviation Organization (ICAO), national civil aviation authorities, and regulatory agencies during business operations may result in potential losses. Risks related to the integrity and effectiveness of contracts, such as the legality of service undertakings and awareness of international laws, also exist.

Response Measure

1. Develop standard operating procedure (SOP) documents such as procedural manuals and work instructions in accordance with the requirements of civil aviation authorities, obtaining maintenance facility licenses verified by aviation authorities, conducting initial and regular recurrent regulatory training for authorized maintenance personnel, and ensuring that aircraft maintenance releases are legally executed.
2. Conduct regular internal audits and undergoing annual external audits by aviation authorities to maintain certification validity and enhance compliance risk management in accordance with legal requirements.

Financial Risks

International exchange (currency) risk, interest rate risk, credit risk, revenue concentration risk, procurement concentration risk, cost risk, etc., pose potential risks of losses.

Response Measures

1. International exchange (currency) risk: We adopt a prudent and conservative approach to international currency fund management and hedging strategies. Relevant financial personnel maintain close contact with banks at all times and gather market information related to exchange rates to fully understand exchange rate trends. We also aim to reduce the amount of international currency holdings to mitigate the potential adverse effects of exchange rate fluctuations.
2. Interest rate risk: Regular assessment of borrowing interest rates and maintaining good relationships with financial institutions to obtain lower financing costs. Strengthening working capital management to reduce dependence on bank borrowing and diversify the risk of interest rate fluctuations.
3. Credit Risk: EGAT has established procedures for customer credit investigation and approval. By collecting information on customers’ financial status and credit ratings, we manage credit risks effectively. Standardized review processes and risk monitoring allow us to assess customer risks, set credit limits, and monitor changes in risk. Through accounts receivable management, we monitor customer payment status, optimizing the company’s creditworthiness. Revenue concentration risk: Prior to providing maintenance services, obtaining certification from civil aviation authorities is necessary to meet stringent customer requirements for product safety standards. Currently, the Company’s aircraft maintenance clientele spans across all continents globally. In addition to maintaining stable and favorable relationships with existing clients, efforts are being made to actively explore new markets and attract new clients domestically and internationally to ensure continued stable business growth. Procurement concentration risk: To mitigate the risk of concentrated procurement, the company actively seeks qualified suppliers to diversify risk. Specifically, for materials critical to aircraft operation or with longer lead times, inventory levels are increased, and orders are placed in advance according to maintenance schedules to secure a favorable position in order prioritization. Furthermore, EGAT has established procedures for vendor evaluation, vendor management, and inventory control to ensure the most appropriate control operations and maximize the effectiveness of inventory management. Cost risk: The Company mitigates cost risk by implementing comprehensive standard operating procedures and internal control systems. These measures effectively address various factors that could lead to increased operational costs. By diligently managing risk and controlling costs, the company ensures the stability and sustainable development of its business.

Information Risk

Information system security management, operation, and risks resulting from backup failures. Risks such as data leakage, cyberattacks, information system failures, and knowledge management.

Response Measures

1. Conduct confidential information asset inventories in accordance with information asset management regulations to protect the integrity and availability of the Company’s confidential information assets.
2. Implement endpoint protection detection management, vulnerability detection, and penetration testing for critical systems to strengthen information security.
3. Regularly conduct social engineering drills and information security awareness courses to enhance employee awareness of information security.
4. Regularly conduct disaster recovery drills to ensure that disaster recovery mechanisms can quickly return to normal or acceptable operating levels at critical moments.
5. Upon receiving information security intelligence, assess the impact, risks, and resources of the information and determine the most appropriate response, making records accordingly.
6. Establish procedures for reporting information security incidents to ensure the effectiveness of related operations when information security incidents occur.

Environmental and Climate Change Risks

Address risks related to climate change and natural disasters, such as greenhouse gas emission management, carbon rights management, energy management, and compliance with new environmental regulations and requirements.

Response Measures

The Sustainability Committee Executive Team has identified four climate risks and three climate opportunities facing EGAT through the risk management process. After analyzing the financial impacts of issues on the company and the time frame of their effects (short, mid, long term), corresponding management measures and goals were proposed. The execution of various management measures and the achievement of goals are regularly reviewed by the Sustainability Committee and submitted to the Board of Directors for resolution.

Other Risks

Includes risks not described above but could cause significant losses to the company, such as long-term emerging risks, occupational safety risks, significant external, uncontrollable, or non-human-induced hazards, etc. Establish appropriate risk control and management procedures based on the characteristics and degree of impact of the risks.

Response Measures

Occupational safety risks involve the health and safety of employees, which also affect work efficiency and quality. Therefore, the following response measures have been formulated: 1. Provide appropriate environmental control measures to ensure the comfort and safety of employees under various environmental conditions. 2. Provide sufficient occupational safety training and education for employees to identify and respond to potential hazards and risks in their work. 3. Convene monthly Occupational Safety Promotion Group meetings and comprehensive safety management meetings to review various occupational safety and health management items, occupational disaster improvement results, and conduct regular and irregular safety and health inspections every month to ensure compliance with safety regulations.

Provide high-quality maintenance, assembly, and component services for aircraft, engines, and components is the core business of EGAT. To ensure product safety and quality, a complete management system and operating instructions have been established to implement product safety and quality control.

INTERNAL AUDIT REGULATIONS AND PROCESSES

EGAT has established the “Regulations Governing Internal Audits” and established an Auditing Division to conduct regular audits in the areas of legal compliance, information security, finance, and company operations. These audits aim to examine any deficiencies in internal control systems, measure operational performance, provide timely improvement recommendations, and develop annual audit plans based on the results of risk assessments to ensure the company’s sustainable operation.

According to the “Regulations Governing Internal Audits”, internal auditors are required to have attended internal audit-related professional training courses organized by professional training institutions recognized by the competent authority. In addition, the Company has established a Quality Inspection Section within the Quality Assurance Department specifically for maintenance operations. This section is staffed with several professional auditors who possess extensive maintenance experience, and they conduct annual audits of relevant departments according to established procedures.