Corporate Structure

Corporate Governance

The Company recognizes that good corporate governance is vital for enhancing operational efficiency and fostering sustainable growth, which ultimately leads to the greatest benefits for all stakeholders—including employees, investors, shareholders, and all other related parties.

Corporate Governance Handbook

The Board of Directors of STA

The Board of Directors of STA

As of 31 December 2025, the Company’s Board of Directors consists of 12 members, including 8 non-executive directors (66.67% of the total Board) and 4 executive directors (33.33% of the total Board). The Board includes 4 independent directors (33.33% of the total Board), of whom 2 are women (16.67% of the total Board). All independent directors fully meet the Company’s qualifications, which are more stringent than those required by the Capital Market Supervisory Board. The Board is composed of individuals with diverse backgrounds in terms of gender, age, qualifications, knowledge, skills, professional expertise, and experience, all of which are essential and valuable to the Company’s business operations.

Composition of the Board of Directors

Name Position Executive Director Non-Executive Director Independent Director
Mr. Viyavood Sincharoenkul Chairman/Chairman of the board of directors
Ms. Anusra Chittmittrapap Vice-chairman of the board of directors/Independent Director/Chairman of Audit Committee/Vice Chairman/Chairman of Remuneration Committee/Chairman of Corporate Governance Committee
Mr. Veerasith Sinchareonkul Director/Managing Director/Chairman of Risk Management Committee/Chairman of Sustainability Development Committee/Member of Corporate Governance Committee
Mr. Chaiyos Sincharoenkul Director/Executive Director
Mr. Kitichai Sincharoenkul Director/Executive Director/Member of Nomination Committee
Mr. Paul Sumade Lee Director/Executive Director
Mr. Vitchaphol Sincharoenkul Director/Executive Director/Member of Sustainability Development Committee
Mr. Patrawut Panitkul Director/Executive Director/Member of Risk Management Committee
Mr. Chalermpop Khanjan Director/Executive Director/Member of Risk Management Committee/Member of Sustainability Development Committee
Gen Thanasorn Pongarna Independent Director/Member of Audit Committee/Chairman of Nomination Committee/Member of Remuneration Committee
Mr. Thanatip Upatising Independent Director/Member of Corporate Governance Committee
Ms. Nongram Laohaareedilok Independent Director/Member of Audit Committee/Member of Nomination Committee/Member of Remuneration Committee
Total 4 persons 8 persons 4 persons
Name Position
1. Mr. Viyavood Sincharoenkul Chairman/Chairman of the board of directors
2. Ms. Anusra Chittmittrapap Vice-chairman of the board of directors/Independent Director/Chairman of Audit Committee/Chairman of Remuneration Committee/Chairman of Corporate Governance Committee
3. Mr. Veerasith Sinchareonkul Director/Managing Director/Chairman of Risk Management Committee/Chairman of Sustainability Development Committee/Member of Corporate Governance Committee
4. Mr. Chaiyos Sincharoenkul Director/Executive Director
5. Mr. Kitichai Sincharoenkul Director/Executive Director/Member of Nomination Committee
6. Mr. Paul Sumade Lee Director/Executive Director
7. Mr. Vitchaphol Sincharoenkul Director/Executive Director/Member of Sustainability Development Committee
8. Mr. Patrawut Panitkul Director/Executive Director/Member of Risk Management Committee
9. Mr. Chalermpop Khanjan Director/Executive Director/Member of Risk Management Committee/Member of Sustainability Development Committee
10. Gen Thanasorn Pongarna Independent Director/Member of Audit Committee/Chairman of Nomination Committee/Member of Remuneration Committee
11. Mr. Thanatip Upatising Independent Director/Member of Corporate Governance Committee
12. Ms. Nongram Laohaareedilok Independent Director/Member of Audit Committee/Member of Nomination Committee/Member of Remuneration Committee

Mrs. Pacharin Anuwongwattanachai serving as the Company Secretary to the Board of Directors.

Board Skills Matrix

Director Business/
Management		 Accounts/
Finance/
Economics		 Communication
and Public
Relations		 Occupational
Health and
Safety		 Social and
Environmental
Responsibility		 Good corporate
governance		 Risk and
Opportunity
Management		 Business
and Marketing		 Information
Technology
and Digital		 Law and
Legal Studies		 Research
and Innovation		 Climate Change
Management
1. Mr. Viyavood Sincharoenkul
2. Ms. Anusra Chittmittrapap
3. Mr. Veerasith Sinchareonkul
4. Mr. Chaiyos Sincharoenkul
5. Mr. Kitichai Sincharoenkul
6. Mr. Paul Sumade Lee
7. Mr. Vitchaphol Sincharoenkul
8. Mr. Patrawut Panitkul
9. Mr. Chalermpop Khanjan
10. Gen Thanasorn Pongarna
11. Mr. Thanatip Upatising
12. Ms. Nongram Laohaareedilok

Information on subcommittees

As of 31 December 2025, the sub-committees of the Board consist of the Executive Committee, the Audit Committee, the Nomination Committee, the Remuneration Committee, the Risk Management Committee, the Corporate Governance Committee, and the Sustainability Development Committee, which assist in overseeing, reviewing key matters, and providing recommendations to the Board of Directors.

(1) The Executive Committee

Name Position
1. Mr. Viyavood Sincharoenkul Chairman of the board of directors
2. Mr. Veerasith Sinchareonkul Managing Director
3. Mr. Chaiyos Sincharoenkul Executive Director
4. Mr. Kitichai Sincharoenkul Executive Director
5. Mr. Lee Paul Sumade Executive Director
6. Mr. Vitchaphol Sincharoenkul Executive Director
7. Mr. Patrawut Panitkul Executive Director
8. Mr. Chalermpop Khanjan Executive Director

(2) The Audit Committee

Name Position
1. Ms. Anusra Chittmittrapap Chairman of Audit Committee
2. Gen Thanasorn Pongarna Member of Audit Committee
3. Ms. Nongram Laohaareedilok Member of Audit Committee

(3) The Nomination Committee

Name Position
1. Gen Thanasorn Pongarna Chairman of Nomination Committee
2. Gen Thanasorn Pongarna Member of Nomination Committee
3. Ms. Nongram Laohaareedilok Member of Nomination Committee

(4) The Remuneration Committee

Name Position
1. Ms. Anusra Chittmittrapap Chairman of Remuneration Committee (Independent Director)
2. Gen Thanasorn Pongarna Member of Remuneration Committee (Independent Director)
3. Ms. Nongram Laohaareedilok Member of Remuneration Committee (Independent Director)

(5) The Risk Management Committee

Name Position
1. Mr. Veerasith Sinchareonkul Chairman of Risk Management Committee (Managing Director)
2. Mr. Chalermpop Khanjan Member of Risk Management Committee (Executive Director)
3. Mr. Patrawut Panitkul Member of Risk Management Committee (Executive Director)
4. Mr. Chaidet Pruksanusak Member of Risk Management Committee
5. Mr. Nattee Thiraputhbhokin Member of Risk Management Committee

(6) The Corporate Governance Committee

Name Position
1. Ms. Anusra Chittmittrapap Chairman of Corporate Governance Committee (Vice Chairman/Independent Director)
2. Mr. Thanatip Upatising Member of Corporate Governance Committee (Independent Director)
3. Mr. Veerasith Sinchareonkul Member of Corporate Governance Committee (Managing Director)

(7) Sustainability Development Committee

Name Position
1. Mr. Veerasith Sinchareonkul Chairman of Sustainability Development Committee (Managing Director)
2. Mr. Vitchaphol Sincharoenkul Member of Sustainability Development Committee (Executive Director)
3. Mr. Chalermpop Khanjan Member of Sustainability Development Committee (Executive Director)
4. Mr. Nattee Thiraputhbhokin Member of Sustainability Development Committee

Ms. Saranthinee Mongkolrat serving as the Secretary to the Sustainability Development Committee.

Scope of Duties and Responsibilities of the Sustainable Development Committee
  1. To determine directions, policies, strategies, goals, and plans for sustainable development covering environmental dimension, social dimension, and governance & economic dimension of the Company and propose to the Board of Directors;
  2. To support and drive cooperation in operations regarding sustainability throughout the organization by advising and promoting the integration of sustainability performance into business strategies, risk assessment, and corporate plans for both short-term and long-term to achieve the organization's sustainability goals;
  3. To review and recommend the Company's sustainability practices to be in line with best practices and international standards and up-to-date at all times, and propose such practices to the Board of Directors for consideration, improvement, and development.
  4. To consider and approve the organization's annual sustainability issues in accordance with the needs and expectations of the stakeholders, external context, direction, and goals of the organization, as well as propose to the Board of Directors for approval, and assign the management to respond and follow up;
  5. To follow up and summarize the sustainability performance of the organization and report progress to the Board of Directors at least once a year;
  6. To oversee the disclosure of The Company’s sustainability information through the Company's annual report and annual sustainability report;
  7. To consider the appointment of a sustainability working group as it deems appropriate.
  8. To supervise, inspect, and follow up on the Company’s management operations related to climate change, including setting, reviewing, and improving related policies and/or guidelines, and managing said climate risks as well as giving consideration in setting guidelines and strategies for operations and activities to reduce greenhouse gas emissions

The Sustainable Development Committee has established a Sustainability Development Working Group. The Working Group is responsible for implementing policies, conducting the Company's sustainability activities according to the policy, and follow up on the implementation of the plan and communicate important issues related to corporate sustainability to employees at all levels, so that employees are aware of sustainability issues that may affect the Company's goals.

Please refer to Annual Report 2025, available on the company’s website.

(https://www.sritranggroup.com/en/investor-relations/downloads/yearly-report)

Assessment of the Board of Directors, Sub-Committees, and CEO

The Company places importance on the evaluation of Board effectiveness as a key mechanism under the principles of good corporate governance. The Board performance evaluation is conducted annually and covers the following:

  • The Board of Directors as a whole
  • Individual directors (Self-Assessment)
  • All sub-committees
  • CEO Performance Evaluation

This process is aligned with the requirements of the Stock Exchange of Thailand (SET) and the guidelines of the Thai Institute of Directors (IOD), which constitute key elements in the Corporate Governance Report (CGR) assessment.

Evaluation Criteria in Alignment with CGR Requirements

  1. Board Evaluation The evaluation covers key areas under the CG Code, including:
    • Appropriateness of Board structure, composition, and diversity
    • Clarity of roles, duties, and responsibilities
    • Effectiveness of Board meetings and quality of information provided
    • Strategic oversight and monitoring of performance
    • Balance and relationship with management
    • Continuous development of directors’ capabilities
  2. Individual Director Assessment This assessment focuses on individual accountability and effective participation, including:
    • Qualifications, knowledge, and expertise
    • Availability and time commitment
    • Participation in discussions and decision-making
    • Independence of judgment
    • Collaboration with other directors and management
  3. Sub-Committee Evaluation All sub-committees are evaluated in terms of the appropriateness of:
    • Structure and composition
    • Scope of duties and responsibilities (charter alignment)
    • Meeting effectiveness
    • Quality of reporting to the Board of Directors
    • These elements reflect the quality of the governance structure in accordance with CGR criteria.
  4. CEO Performance Evaluation The Board conducts an annual evaluation of the CEO’s performance, covering ten key areas, including leadership, strategy formulation and execution, financial performance, human resource management, stakeholder relations, and succession planning. This evaluation reflects the Board’s role in monitoring management performance in accordance with the CG Code.

Scoring Criteria and Transparency The Company applies a scoring system ranging from 0 to 4 and converts the results into a percentage of the total score, with clearly defined performance levels to ensure measurable and comparable outcomes:

  • ≥ 90% = Excellent
  • ≥ 80% = Very Good
  • ≥ 70% = Good
  • ≥ 60% = Fair
  • < 60% = Needs Improvement

Evaluation Process The Company Secretary’s Office is responsible for compiling, analyzing, and reporting the evaluation results to the Board of Directors for consideration and continuous improvement. The annual evaluation results were presented to the Board of Directors on 3 February 2026.

Utilization of Evaluation Results The Company uses the evaluation results as supporting information to:

  • Enhance Board composition and skill sets
  • Review roles, responsibilities, and meeting processes
  • Strengthen strategic oversight

This is to continuously elevate governance standards in line with best practices and CGR assessment criteria.

In 2025, the Board of Directors, Sub-Committees, and the CEO’s assessment results can be summarized as follows:

The assessment results

Board of Directors

Group assessment

Grade / Average score received (percent)

96.97 %

Self-assessment

Grade / Average score received (percent)

96.52 %
Sub-Committee

Audit Committee

Grade / Average score received (percent)

97.50 %

Nomination Committee

Grade / Average score received (percent)

97.06 %

Remuneration Committee

Grade / Average score received (percent)

96.67 %

Risk Management Committee

Grade / Average score received (percent)

95.00 %

Corporate Governance Committee

Grade / Average score received (percent)

99.44 %

Sustainable Development Committee

Grade / Average score received (percent)

93.38 %

CEO assessment

Grade / Average score received (percent)

87.42 %

Sustainability Management Structure

The company has announced the “Corporate Sustainability Development Policy” and established a sustainability management structure. The Board of Directors has assigned the Sustainability Development Committee to be responsible for setting the direction, policies, strategies, goals, and plans for the company’s sustainability development. This includes identifying risks and opportunities related to sustainability, overseeing, auditing, and monitoring the company’s climate change management activities. Additionally, the committee is tasked with defining, reviewing, and improving relevant policies and/or practices, managing climate-related risks, and appointing a sustainability working group to collaborate with the Corporate Sustainability Development Department. This ensures that operations align with the company’s vision and effectively achieve the established sustainability goals.

Sustainability Management Structure

Code of Conduct

The Company has established its vision, mission, corporate values, and Code of Conduct as guiding principles for its directors, executives, and employees. These guidelines ensure that all personnel perform their duties with honesty and integrity, comply with laws and regulations, and adhere to the rule of law, transparency, and morality.

We place great importance on our shareholders, customers, and business partners, while maintaining a strong sense of responsibility toward our employees, the community, society, and the environment. Furthermore, the Company takes all stakeholder groups into account when performing duties to achieve the goal of sustainable business development. The Board of Directors reviews and updates these principles annually and ensures ongoing communication through annual training programs to foster continuous awareness.

Code of Conduct

Anti-Corruption

The Company places importance on good corporate governance for transparent and ethical operation and being against all forms of corruption. The Board of Directors has assigned the Corporate Governance Committee to be responsible for setting anti-corruption policies and monitoring compliance with such policies to promote transparency, accountability, and to build an ethical organizational culture to prevent corruption. In 2025, the Company carried out activities to enhance good governance, business ethics, and anti-corruption efforts as follows:

  • The Company reviewed its anti-corruption policy and communicated the policy to counteract corruption to the Board of Directors, Executives, and Employees via E-mail and intranet. The Company was also required an annual review of its anti-corruption policy to ensure its completeness and covers all risks of corruption in the Company's business operations, including bribery, political contributions, and charitable donations. The appropriate guidelines have been established to prevent risks that may arise from such activities. This policy extends to affiliated companies.
  • The Company provides training to directors, executives, and employees to build proper knowledge and understanding of the anti-corruption policy through the "Good Corporate Governance" course. The Company has set a target of 100% employee training completion and requires directors, executives, and employees who attend the training to pass the knowledge assessment with a score of at least 70%. In 2025, 100% of directors, executives, and employees completed the training. This is intended to instill in everyone within the organization adherence to the good corporate governance policy and ethical business conduct. The course also includes policies on conflict of interest prevention, insider information usage, guidelines for receiving gifts, complaint reception, and whistleblower protection, to ensure that employees have proper knowledge and understanding and can apply them correctly.
  • The Company was certified as a member of the Thai Private Sector Collective Action Against Corruption (CAC) in 2018 and has continuously conducted business with transparency. In 2025, the Company participated in the CAC Change Agent program and received the CAC Change Agent Award for the third consecutive year, demonstrating its commitment to expanding the transparent business network to business partners by encouraging partners to join the collective action against corruption, thereby concretely strengthening sustainability in the supply chain and building confidence among all stakeholders of the Sri Trang Group.

    The Company was certified as a member of the Thai Private Sector Collective Action Against Corruption (CAC)

  • The Company announced its No Gift Policy during the New Year holiday season and on any other occasions through the website www.sritranggroup.com and internal and external communication channels, such as creating public relations materials displayed at various points in all factories and on the Intranet system, to demonstrate its commitment and continuously communicate to all stakeholder groups, including business partners, customers, affiliated companies, and external parties.

    The Company announced its No Gift Policy during the New Year holiday

  • The Company arranges risk assessments for fraud both inside and outside the organization in order to prevent and subjugate fraud by analyzing the risks of fraud cases that affect business operations, determining the level of risk importance, and appropriate measures for assessable risks and the results are reported to the relevant committee for acknowledgment.
  • The Company has established an internal audit function to ensure that the internal control and risk management systems in place enable the Company to achieve its set objectives, as well as to verify that operations comply with regulations, rules, business code of conduct, and include monitoring and evaluating the implementation of the anti-corruption policy. The Internal Audit Department, which operates independently and reports directly to the Audit Committee, is designated to conduct audits and report audit findings to provide recommendations for developing operational systems that are efficient, effective, free from corruption, and in accordance with good corporate governance guidelines.

Compliance with the Anti-Corruption Policy

Sri Trang Agro-Industry Public Company Limited and its subsidiaries conduct business under the principles of good governance, transparency, and accountability, placing great importance on preventing and combating corruption in all forms. The Company has clearly announced its anti-corruption policy and mandates that employees at all levels strictly comply with this policy.

Based on whistleblowing reports in 2025, after investigation, no violations of the anti-corruption policy were found.

Anti-Corruption Performance
Topic 2025 Unit
Employees disciplined for non-compliance with the anti-corruption policy 0 Person
Employees terminated for non-compliance with the anti-corruption policy 0 Person
Expenses, fines, or penalties related to corruption 0 Baht

The above data demonstrates that the Company has an effective anti-corruption management system, and all employees cooperate in strictly adhering to business ethics principles

Whistleblowing

The Company has committed to conducting business with transparency, integrity, and accountability. It is aligned with the principles of good governance and expects all stakeholders to report any incidents that may violate these principles in order to take corrective action. The Company has a policy for whistleblowing and protecting the whistleblowers to ensure that complaints are handled efficiently. The Company provides various channels for receiving complaints made by any stakeholders regarding any unethical actions, misbehavior, suspected violation of laws, regulations, and ethical business practices, corruption, as well as incorrect financial reporting and defective internal controls which may cause damage to the Company as well as establishing measures to protect complainants acting in good faith.

Channels

Complaints can be submitted through the following channels;

Channel

1

By post or submit directly to Company Secretary, Sri Trang Agro-Industry Public Company Limited. 17Fl, Park Ventures Ecoplex, Unit 1701, 1707-1712 57 Wireless Road, Lumpini, Pathumwan, Bangkok 10330

Channel

2

By telephone number and E-Mail to Company Secretary Telephone number

Telephone number:
+66 2207 4590

E-mail Address:
corporatesecretary@sritranggroup.com

Channel

3

By directly reporting to the units responsible for that issue.

These whistleblowing channels are informed to our employees via internal training sessions and email, and are published on STA’s website for external stakeholders to be acknowledge as well.

Protection of Whistleblowers, Witnesses, and Related Parties

To protect the rights of complainants acting in good faith, the Company, through personnel responsible for handling complaints within the Group, will maintain the confidentiality of information regarding complainants and informants. Complainants will also receive appropriate protection, such as no changes to the nature of their work, workplace, position, or threats of termination or any other unfair treatment toward the complainant before the implementation of this policy is fully completed, even if such actions result in the Group losing business opportunities.

Related parties who become aware of matters or information concerning complaints must maintain such information as confidential and not disclose it to others, except where disclosure is necessary as required by law. If there is intentional violation in disclosing information, the Group will impose disciplinary action in accordance with the Group's regulations and/or take legal action as appropriate.

Over the past 3 years, the Company has received complaints through these channels, with details as follows:

Types of Complaints Number of Complaints
2023 2024 2025
1. Violations of Business Code of Conduct
  • Human Rights, such as Discrimination or Harassment
  • Customer Privacy Data
  • Social and environment
  • Conflict of Interest
  • Money Laundering or Insider trading
  • Unethical Competition
 4 - 1
2. Corruption or Bribery 5 1 8
3. Services/Products 7 3 1
4. Other 3 8 -

In 2025, the Company monitored complaints according to the complaint handling procedures and found no complaints involving violations of the code of conduct or non-compliance with the anti-corruption policy. Nevertheless, the Board of Directors and the Audit Committee place great importance on the anti-corruption policy, emphasizing the cultivation of good conscience and correct values, and establishing diverse, robust, and effective complaint channels, as well as promoting improvement processes to prevent recurrence. All types of complaints must receive prompt initial responses to demonstrate the Company's serious commitment to management.

(https://www.sritranggroup.com/en/cg/good-cg/whistle-blowing)

Anti-Corruption Policy
Whistleblower Policy

Risk Management and Business Continuity

Due to complex and rapidly changing business environment and the crisis natural disasters which may affect the ability to achieve the goal to drive the organization for sustainable successes, risk management and business continuity management are an important process that helps the Company to handle business uncertainty systematically, to create business potential, to increase business opportunities, and to support the achievement of short-term, medium-term and long-term organization's goals as well as to build confidence and credibility to stakeholders.

Risk Management Policy Business Continuity Management Policy

The Company has a risk management structure consisting of the Board of Directors (BOD), responsible for overseeing the efficiency of risk management framework and appointing the Risk Management Committee (RMC), The chairman is the company's board of directors, responsible for determining the policy and framework as a guideline for practice among Sri Trang’s group including supervision and support for risk management and business continuity management in various aspects to succeed at the overall organization, business unite and project levels. In addition, the RMC also sets up a Risk Working Group (RWG), consisting of executives from several departments, which is responsible for following-up risk management operations regularly to comply with the policy, objectives, risk appetite, and operate by the Risk Management Department, is an independent unite that is not under any business line and the Risk Management Head is not a same person with the Internal Audit Head, responsible for overseeing standards, analyzing, and monitoring risk management in various areas., the risk management framework approved by the Risk Management Committee. Moreover, the RWG’s responsibility is to promote and cultivate employees at all levels to understand the importance of risk management and to be able to bring risk management concepts in practices to create as a corporate culture.

Risk Management Structure

In addition, to increase management flexibility and align with business operation in various environments, the Company has established risk management at the level of business groups/lines or specific committees, for example;

Regulatory Affairs Committee is responsible for effectively considering, controlling, managing, communicating, and providing information to government entities in the same direction without any conflicts and to comply with laws and regulations.

Working Team for Complying with Personal Data Protection Act is responsible for ensuring work plans, guidelines, and practices to be complying with the Personal Data Protection Act.

Sustainable Development Committee is responsible for conducting work plan and governing the Company’s operations to be following the organization’s sustainable development policy which cover environment, social and governance dimensions.

The Company has implemented a risk management system in accordance with international standards, COSO (The Committee of Sponsoring Organizations of the Treadway Commission) or ERM COSO (2017) and Business Continuity Management (ISO 22301:2019) to be applied along with several standards involved in the business. The Company has paid attention to manage 4 key risk factors namely strategic risks, operational risks, financial risks, and compliance risks as well as other emerging risks, ESG risk and project investment risks in each time horizon (Short term (1-3 year), Medium term (>3-5 year) and Long term (>5 year) that may affect the achievement of the vision, mission, objectives, and goals of the Company, in case there is any improper management. Moreover, there is KRIs as a monitoring tool and evaluate risk status for preparation of contingency plans in a timely manner and promote a risk management culture by reviewing risk information at least once a quarter and reviewing the risk management policy and plan annually. Moreover, learning materials and quizzes were provided through an e-learning system for executives and employees to study and review the annual risk management process. By 2025, all executives and employees have completed the study and passed all quizzes (100%). Please see more information of the risk management committee performance and responsibilities in the Annual Report 2025

The Company has established the Business Continuity Management for high-risk disaster situations that may occur to factories covering all factories and product groups of the Company nationwide (STR,LTX,RSS), including planning rehearsals from assessing the likelihood of disasters occurring in each area to ensure that the strategies are ready for actual use and are aware of any limitations that may occur before disasters actually occur. In 2025, the Company conducted 8 time of BCP exercises at plants and handle the Business Continuity Plan in response to the flooding and unrest in border areas enabled the company to maintain business continuity without significant impact on customers and stakeholders.

In 2026, the Risk Management Committee set the goal to manage the Company’s risk management to be efficient and effective under the changing business strategies. This is to ensure that the risk management is adequate, being implemented continuously, and be able to control the risk in acceptable level, enabling the company to achieve the goals and being able to add value to the company as well as delivering the maximum benefits to shareholders and stakeholders of the company fairly and sustainably.

Risk Factors Affect the Company’s Business

Business as Usual Risk to Sri Trang Group

Strategic Risk

  1. Natural Rubber Price Volatility

    Risk Description and Causes: The Commodities includes natural rubber, which tends to have price fluctuations. which entrepreneurs in the natural rubber industry has limitations on harvesting time and changes in the price of natural rubber as mentioned. Factors, affect the price of natural rubber and natural rubber products sold by the company, are demand and supply of natural rubber, raw material price fluctuations, prices of crude oil, energy, oil-based chemicals and speculation in trading in the futures market (Commodity Future Exchange)

    • Time Horizon: Long Term (> 5 years)

    Impact Analysis:

    • Company’s operating performance may be significantly reduced due to the income from the company’s natural rubber products in the fiscal year end of December 31, 2025, the proportion is approximately 79.0 percent.
    • Trading in the agricultural futures market (Commodity Future Exchange) may make rubber prices sensitive from speculation that in addition to regional and global economic factors.

    Risk Mitigation Plan: The Company has a policy to manage risks arising from fluctuations in the price of natural rubber both managing the process of acquiring raw materials in quantity and price, expanding raw material purchasing centers and production to various regions of the world (Global source) such as Ivory Coast, along with using natural rubber trading contracts in the futures market and with product delivery, the contracts will be fair value as of the reporting date in the financial statements. In addition, the Company has implemented hedging accounting to reduce the impact of changes in fair value due to changes in the price of natural rubber.

  2. Discrepancy between Growth in Demand for Natural Rubber and Expectations

    Risk Description and Causes: The natural rubber and rubber gloves are products that are in demand from a wide variety of user groups in countries around the world. As a result, the amount of consumption demand and market expansion can change from many factors whether there are consumption behavior, trends, substitute products, changes in technology as well as rules and regulations, experiment in order to replace natural rubber in the event that the price of natural rubber increases. And the Food and Drug Administration (FDA) and in some country’s announcement prohibiting the use of powdered rubber gloves in medicine, etc.

    • Time Horizon: Medium Term (>3-5 years)

    Impact Analysis:

    • Company’s operating performance may be significantly reduced due to the income from the company’s natural rubber products in the fiscal year end of December 31, 2025, the proportion is approximately 79 percent.
    • The company may disadvantage of competition and market share in the long term from the inability to develop products to meet the needs of diverse consumers and the substitute products.

    Risk Mitigation Plan: The Company is closely aware of changes that may affect the demand for consumption of natural rubber and rubber gloves and plan to manage risks to minimize the impact. For the natural rubber products, the company has produces rubber products, namely TSR, RSS, and LTX that have various usage characteristics according to customer needs, helping to alleviate risks that may arise from specific customer groups. In addition, the company has diversified risk by vertically integrated business model also allows us to against a negative impact on any part of our operations. Rubber Glove Products, the company manages such risks starting from our machinery can produce both latex and nitrile gloves, which allows us to timely adjust the proportion of glove production. We also have a variety of customer bases that have varying preferences and regulations. Our production and marketing strategies can be timely adjusted to respond to changing market demand.

  3. Operations and Investments in Foreign Countries

    Risk Description and Causes: The company has operated and invested in many countries such as Thailand, Singapore, Indonesia, Vietnam, Myanmar, China, Philippines, Ivory Coast, and the United States. Therefore, the Company is exposed to risks associated in these countries from situations such as inflation, interest rate, economic conditions, insurgency military, conflict terrorism political, safety conditions, laws and regulations, import duties and other tariffs, natural disasters, foreign exchange bans or capital transfers or the seizure of private businesses or private property, etc.

    • Time Horizon: Long Term (> 5 years)

    Impact Analysis:

    • Company’s operating performance may be reduced significantly from under target of the project.
    • The significantly affected by various circumstances in the country may make our business halted, disrupted or any obligations.

    Risk Mitigation Plan: The company has assessed the risks and closely follow operations performance, environmental conditions, and changes in related laws and regulations both domestically and abroad to assess opportunities, obstacles, and guidelines for appropriate operations to reduce the negative impact that may occur on the company.

  4. Dependence upon Services of Key Management

    Risk Description and Causes: One important factor affecting the growth of the Company is the ability to recruitment, development and maintain the professional managements. Therefore, it depends on the Company’s ability to retain key executives as well as develop and train new executives (Successor). If a member of experienced management team unable or unwilling to work in their position, the Company may not be able to find a suitable person to replace in appropriate time that may have a negative impact on the business. In addition, the process for recruiting new executives which must compete with other companies.

    • Time Horizon: Long Term (> 5 years)

    Impact Analysis:

    • The company may not be able to recruit talents to support the company’s expansion plans, which may have a negative impact on the business and the Company’s performance significantly.

    Risk Mitigation Plan: The Board of Directors has appointed a Nomination Committee to recruit and search for qualified candidates who could potentially assume positions as the Company’s directors or executives to ensure that such persons will have the required knowledge, skills, and experience to carry out our business strategies. In addition, the company has established a personnel management process for important positions in the organization (Succession Plan), Including appropriate job rotation to ensure that the management have a variety of skills suitable for the positions, such as developing leaders according to the STA Development Program, creating a performance evaluation system and compensation, which includes competitive benefits. as well as creating a career path system, etc.

Operational Risk

  1. Factories or Production Disruption

    Risk Description and Causes: The company’s production requires a lot of necessary resources to the production factory can regularly operate. If there is a natural disaster, accident, epidemic, force majeure, labor or raw material shortage, disruptions in public utilities such as water supply, water recycle systems, electricity, IT and any other catastrophic by human or natural events or events beyond the control of the company It can lead to disruptions or significant interruptions in operation business.

    • Time Horizon: Short Term (1-3 years)

    Impact Analysis:

    • Company’s performance may decrease significantly. In 2025, the Company was affected by flooding at 5 factories, initial estimated value of financial impact from loss of property, buildings, machinery, equipment and inventory is 80-90 million baht. The Company has claimed compensation for the damage from the insurance company, so it did not have a significant impact on the Company’s overall performance.

    Risk Mitigation Plan: The Company has in place a business continuity plan (BCP) to ensure continuity of the Company’s operations in the event of a contingency or any unforeseen circumstances that could disrupt the operations. However, having such plan in place merely ensures that the operations would continue, and any damage would be minimal. It does not necessarily mean that the operations would continue to run as smoothly as they would under normal circumstances. In addition, the Company has industrial all risks insurance to protect the business from any loss or damage that might result from a natural disaster or any unforeseen circumstance, as well as business interruption insurance to minimize the financial impact that could result from any disruption to operations.

  2. Information Technology Risk

    Risk Description and Causes: In a rapidly changing business environment, the company continuously adopts innovative digital technologies to enhance operational efficiency and prepare its skilled workforce to create business opportunities and adapt to future changes. Examples include the use of the SAP system, the implementation of the “SRI TRANG FRIENDS” application to facilitate the purchase of natural rubber from partners nationwide, and the application of Artificial Intelligence (AI) and the Internet of Things (IoT) in operational processes and data management. However, increased reliance on digital technology, automation, and network connectivity may pose IT risks and cybersecurity risks. These include unauthorized access, inaccuracies or discrepancies in data used in AI processing, risks from IoT devices connected to the network, and system failures that could disrupt business operations. These risks could impact the company’s business continuity, reliability, image, and reputation. Furthermore, these risks affect the confidentiality, integrity, and availability of the company’s data and information systems—critical factors for business continuity, stakeholder trust, compliance with the Personal Data Protection Act (PDPA), and adherence to relevant standards.

    • Time Horizon: Medium Term (> 3-5 years)

    Impact Analysis:

    • Business operations may be interrupted due to cyberattacks, system failures, or important data leaks. in 2025, the company did not experience any significant cybersecurity incidents or data leaks that impacted business operations and was able to manage and respond to related incidents according to the established management plan and framework.

    Risk Mitigation Plan: The company recognizes the risks associated with information technology and cyber threats, covering key areas such as 1) Risk Assessment and Prevention (Identify/Protect): Policies for managing various information technology risks are in place and communicated via intranet to all management and employees for their awareness and implementation. This includes penetration testing and vulnerability assessment. 2) Incident Detection and Response (Detect/Respond): Monitoring, investigating, and alerting to abnormal cyber behavior, and implementing an information security incident management system. 3) Business Recovery and Continuity (Recovery): A disaster recovery site and emergency response plan are in place, including ongoing drills to address unforeseen events. Furthermore, the company continuously raises cybersecurity awareness among employees through email newsletters and annual training to encourage greater caution in the use of information systems.

Financial Risk

  1. Exchange Rate Volatility

    Risk Description and Causes: While our financial report is shown in Thai Baht, our raw materials purchasing for natural rubber products are transacted in Thai Baht and Indonesian Rupiah, and our raw materials purchasing for gloves are transacted in Thai Baht and U.S. Dollar. However, approximately 73.7 percent of our total revenues is denominated in U.S. Dollars. (approximately 22.9 percent of our total revenues is denominated in Thai Baht.) Therefore, the fluctuations in the exchange rates between Thai Baht, Indonesian Rupiah, U.S. Dollars, or other currencies, could adversely affect our business, financial position, and operating results. Any fluctuations in the exchange rates between Thai Baht, Indonesian Rupiah, and Malaysian Ringgit could adversely affect our price competitiveness to other natural rubber and glove producers from Indonesia and Malaysia, respectively.

    • Time Horizon: Short Term (1-3 years)

    Impact Analysis:

    • Costs increase and the Company’s performance may be significantly reduced due to income from sales to foreign customers in the fiscal year end, December 31, 2025, the proportion is approximately 73.4

    Risk Mitigation Plan: The Company has attempted to mitigate foreign exchange risks by using financial derivatives to hedge our foreign exchange exposure arising from the purchase and sale of products in currencies other than Thai Baht. Such derivatives are recorded at their fair value on the date of the statement of financial position. In addition, the Company has adopted cash flow hedge accounting in order to reduce the effect of changes in fair value due to exchange rate movement.

Compliance Risk

  1. Illegal and Corruption Risk

    Risk Description and Causes: The group of companies operate comply with the law and regulations both within Thailand and abroad, the Company must comply with laws and regulations in many countries. Therefore, failure to comply or partially comply with the laws, regulations, and policies of each country as well as corruption, it may affect the reputation of the company and lead to punishment and fines or loss of business opportunities. The legal process can be taking a long time and expensive. It is also possible that these regulations and/or social practices may be more strictness in the future.

    • Time Horizon: Long Term (> 5 years)

    Impact Analysis:

    • It may affect to the Company’s performance, reputation, and business opportunities if the group of companies unable to comply with laws and regulations. In 2025, no significant issues were related to corruption for company’s performance.
    • Expenses and fines are very high value that may affect to the Company’s performance decrease significantly.

    Risk Mitigation Plan: The Company has established a business unit that is responsible for monitoring and controlling the amendments of the relevant laws and regulations, including assessing and monitoring risks related to fraud within the organization. The unit will then analyze the impacts on the Company’s operations and communicate to the managements and related business units to ensure that the Company will be able to conduct the business in compliance with the relevant laws and regulations. In addition, the Company has determined regulations and various schemes to ensure compliance with the relevant laws and regulations, such as the Good Corporate Governance and Business Ethics Handbook, the Anti-Corruption Policy, and the whistle-blower system as well as the annual review of compliance and regulations, etc.

  2. Government Intervention

    Risk Description and Causes: When the rubber price falls to low level, government and related organization might implement intervention measures such as decreasing the natural rubber export quota to ease the drop in natural rubber price or purchasing rubber and manufacturing it through partner. However, the measures implemented may cause domestic natural rubber prices to be inconsistent with prices in the global markets or may cause the Company’s sales volume to be inconsistent with market demand, which may impact the cost structure, revenue, and profit of the Company and industry.

    • Time Horizon: Short Term (1-3 years)

    Impact Analysis:

    • If the company is unable to manage raw material costs and selling prices efficiently and in a timely manner It may have a negative impact on the Company’s performance significantly.

    Risk Mitigation Plan: The Company carefully manages its operations under the prevailing circumstances, taking account of the intervention by the Government or any other authorities. Having production facilities located in different strategic locations, both domestically and internationally, also enables us to maintain our competitiveness in the global market.

Environmental Social and Governance (ESG) Risk

Environmental Risk

  1. Water Management and Wastewater Treatment

    Risk Description and Causes: In the current climate change, there is a physical acute risk that has a significant impact on water management because the lack of seasonal rain and there is no rain in the upstream area, so the amount of water stored in the dam decreased, eventually resulting in a drought crisis. Then the amount of water may not be sufficient for use within the factory and nearby communities if the Company lacks an efficient water use management process consistent with the amount of demand for use or lack of effective monitoring and inspection processes for the quantity and quality of water use will likely put the factory in a water shortage situation or is a Water-stressed areas

    • Time Horizon: Short Term (1-3 years)
    • Nature of Risk Impact: Environment/Operational

    Impact Analysis:

    • The operations may be disrupted by drought and amount of water is not sufficient to meet the demand for use in the process. This may have a negative impact on the Company’s performance significantly, in 2025 the company has a risk assessment of areas with extreme level to water stress for 21 percent of the total production area but no impact to the company’s operation

    Risk Mitigation Plan: The company has established a working group to monitor and report the situation of water use and storage within the factory on monthly, there is review and survey the area of the water reservoir plan, surface water sources and underground water source and recycled water source to determine the critical point and contingency plan for water use in each factory. In 2026, the company has set a goal to reduce water use by 20 percent compared to the base year 2022. The company has organized training course “Smart water management for sustainable development” by experts with specific expertise to encourage employees to know and aware of water conservation and prepare for the El Niño situation and manage water from all sources efficiently. To monitor the operational efficiency, we develop a shallow groundwater recharge system under “Shallow Groundwater Recharge Industry Project” of the Groundwater Development Fund Department of Groundwater Resources and the Federation of Thai Industries to encourage to use vacant space within the factory for development as a source for collecting rainwater and adding to the shallow groundwater level.

  2. Energy Management and Alternative Energy

    Risk Description and Causes: Energy is important element in the operations and an important cost to the Company’s performance. At the same time, the energy creates a continuous physical risk to the environment from the release of greenhouse gases from energy using in the production process if the company does not set strategies for energy management and choosing appropriate alternative energy, including developing innovations that help reduce energy use operations processes. It may cause higher costs and negative impacts on the environment.

    • Time Horizon: Long Term (> 5 years)
    • Nature of Risk Impact: Environment/Finance

    Impact Analysis:

    • The Company may lose a competitive disadvantage due to higher production costs than competitors.
    • Business operations may be disrupted due to insufficient energy situations from over-reliance on core energy.
    • The company may lose its reputation that is not support environmentally and expanding business with green innovations in energy.

    Risk Mitigation Plan: The company studies, develops, and improves efficiency in the production process. Planning to maintenance of machinery so that production can be carried out at full efficiency under appropriate energy use or modifying machinery to be energy-saving equipment, such as using a Turbo Blower type aerator for the wastewater treatment system, it replaces the original Root Blower type aerator, it more energy efficient and efficient in waste treatment. The company also has a project to produce electricity from solar energy on a floating buoy (Solar Floating) and Solar Farm, it is a clean and renewable energy to reduce the use of fossil energy and greenhouse gas emissions. In 2025, the company has invested more than 115 million baht to implement the clean energy project.

  3. Climate-Related Risks, Regulations, Standards, and Sustainability Goals

    Risk Description and Causes: Climate Change, caused by global warming, is one of the environmental risks (Climate-Related Risk) that impact to the Company’s business in 2 dimensions.

    1. Physical Risk is divided into acute risks, such as storms, floods, and fires, and chronic risks, such as unusually high rainfall or out-of-season rain, heat waves, or rising temperatures affecting rubber cultivation, etc.
    2. Transition Risk results from changes in policies, regulations, or new standards leading to a low-carbon society. This pushes consumption and production behaviors to be more mindful of this issue, including the selection of environmentally friendly technologies focused on reducing waste and greenhouse gas emissions. Therefore, the company must define guidelines for managing and responding to climate change to mitigate the impact on production that may affect production costs, competitiveness, and the sustainability of future business operations.
    • Nature of Risk Impact: Environment / Economics and Finance
    • Risk Type: Environment
    • Risk Factor (Cause): Environment
    • Time Horizon: Long Term (> 5 years)

    Impact Analysis:

    • Increasingly frequent and severe natural disasters may disrupt to the Company’s business and essential activities, including financial impacts, property and employee safety. In 2025, the Company was affected by flooding at 5 factories, initial estimated value of financial impact from loss of property, buildings, machinery, equipment and inventory is 80-90 million baht. The Company has claimed compensation for the damage from the insurance company, so it did not have a significant impact on the Company’s overall performance.
    • The Company’s operating costs may increase because of developments and efforts to reduce emissions, manage water, use renewable energy, or manufacture products to comply with regulations, such as the European Union’s implementation of the Deforestation Regulation (EUDR).
    • The Company’s reputation are damaged or penalized from promotes environmentally harmful and illegal cultivation of business partners.

    Analysis of situation trends: The Company has monitored fluctuations that have a significant impact on business operations and conducts business sensitivity analysis by considering internal and external factors, both financial and non-financial factors through the models to assess changes in results the values of variables or elements in the analysis and determines a strategic plan to cope by monitoring and reviewing the situation and related factors regularly. Please see more information at website: Sensitivity Analysis Summary | Sri Trang Agro-Industry Public Company Limited (STA)

    Risk Mitigation Plan and Opportunity: The Company has set and implemented strategies to manage risks and opportunities from temperature changes to reduce impacts in various aspects as follows:

    Physical Risk

    • The Company has established policies and prepared a business continuity management plan for high-risk disaster situations that may occur to factories covering all product groups of the Company nationwide (STR, LTX, RSS), including planning rehearsals from assessing the likelihood of disasters occurring in each area to ensure that the strategies are ready for actual use and are aware of any limitations that may occur before disasters actually occur.
    • The Company provided a budget and implemented sustainable water management in collaboration with specialized consultants to prepare for water shortages in the production process in the event of drought and to manage and prevent flooding in risk areas such as develop a wastewater treatment system to increase the efficiency of water management within the factory, a project to install a sediment pump to increase the water keeping area, installing a water gate and dredging a water drainage path, and building a water barrier, etc. In 2025, the company has a budget of more than 7 million baht for water management projects.

    Transition Risk

    (1) Legal and Regulation

    • Establish policy and framework as well as supporting investment in low carbon projects to enhance the amount of greenhouse gas emissions reduce to achieve the goal.
    • Monitor and follow performance, review strategies for GHG emission reduction targets, and continuously improve operations to comply with new or changing policies, regulations, and rules.
    • Carbon Footprint preparation by find significant origins and implement measures to reduce the amount of greenhouse gas emissions, such as energy management and increase production efficiency. Increase the proportion of renewable energy usage.

    (2) Technology, Innovation and Artificial Intelligence

    • The company has a Research and Development department collaborate with the business line and the AI Innovation department to study, develop and improve the production process to be more efficient, reduce energy consumption and waste management, and reduce greenhouse gas emissions, such as the production line control management system, use of robots and automation systems in the production process, use of applications in the rubber buy and sell process (Sri Trang Digital Products), water quality and odor conditioning with biological processes, kiln temperature stability control system to save energy, etc.

    (3) Marketing and Customer Demand

    • Develop and invest the processes for sourcing raw materials and manufacturing products that meet customer needs following the enactment of the European Union Deforestation Regulation (EUDR) to contain world market share.

    (4) Reputation

    • Join as a member of the Thailand Carbon Neutral Network (TCNN), established by the Thailand Greenhouse Gas Management Organization (Public Organization). Participate in projects of the Greenhouse Gas Management Organization (TGO) such as T-VER and LESS, and certified with Forest Stewardship Council (FSC™) and member of The Global Platform for Sustainable Natural Rubber (GPSNR), Development of upstream risk reduction measures from the Rubber Way Risk Mapping to reaffirm the commitment to implementing sustainable development continuously.

    Opportunity Analysis: The company is still committed to research and develop innovations and new production knowledge under environmentally friendly technology to reduce energy usage with reasonable production costs and reduce greenhouse gas emissions, including upstream business operations that are certified for amount of greenhouse gases reduced/absorbed (carbon credits). The Companies whose greenhouse gas emissions still exceed the standard still desire to purchase carbon credits to compensate for the portion of their greenhouse gas emissions.

Social Risk

  1. Business Operations may disrupt the Community and Society

    Risk Description and Causes: Due to the Company Operate a production that may have environmental issues or affect to stakeholders, this may be complained from communities or government on issues, such as waste management remaining from the production process, management of water, air, odor pollution, environmental claims regarding the destruction of ecosystems or biodiversity, Human Rights Due Diligence, non-discrimination and inequality, occupational health and safety in the work area. In the future, rules and/or social practices may change or become stricter.

    • Time Horizon: Medium Term (> 3-5 years)
    • Nature of Risk Impact: Social/Compliance

    Impact Analysis:

    • It may affect the reputation, fines of damages or disrupting or terminating the operations. In 2025, the company did not receive any significant complaints or penalties about an impact on the community and society.

    Risk Mitigation Plan: The company has migrated environmental and social risks through the ISO 14001 environmental management system and ISO 45001 Occupational Health and Safety management by analyzing the organizational context (SWOT), including the expectations of stakeholders to identify and assess risks that may affect the company. The assessment can be classified as follows:

    1. Resource management and pollution control focusing on environmentally friendly production, such as reducing the amount of water by using 100% recycle water in the process, using biomass as fuel energy, unaccepted any type of illegal wood as fuel and the Integrated Biodiversity Assessment Tool (IBAT) is used to assess biodiversity risks and impacts covering the Company’s business activity areas. Including, measures to control and prevent pollution through technology to ensure accuracy and monitoring of the status of the pollution treatment system via an online that can be monitored and tracked at real time.
    2. Complying with relevant laws, rules, regulations, the Company has established risk management measures, such as preparing a procedure to ensure systematic supervision and specify the group of companies must comply with relevant internal and external laws/regulations through work manuals and workshops. The Company has supervised compliance with the manual through internal audit and closely following the changes in laws and regulations related to the Company.
    3. Set standards for managing complaints from customers, communities, employees, and stakeholders through the Whistleblowing channel as well as carrying out the community and social development activities, career development and living conditions, health in terms of helping disaster victims and the underprivileged and promoting a good environment, etc.

Governance Risk

  1. Supply Chain Management

    Risk Description and Causes: The company is the world’s largest fully integrated producer and distributor of natural rubber (Midstream), which must be operated jointly with many external partners, therefore we need to rely on efficient supply chain management to ensure continuity in the delivery of main raw materials for production (Upstream), including raw rubber sheets, cup lump and field latex. If the company lacks a proper process, such as relying on a single or large rubber raw material trader, business ventures and cultivation that affect the environment or violate laws such as the EU Deforestation Regulation (EUDR) law or there is a conflict of interest between raw material traders and company representatives, or failure to comply with the customer’s trade terms (Downstream), it will make the company force with higher risks in supply chain management.

    • Time Horizon: Medium Term (> 3-5 years)
    • Nature of Risk Impact: Governance/Finance

    Impact Analysis:

    • Upstream: Company’s performance may be significantly reduced from a shortage of main raw materials.
    • Midstream: The Company may lose reputation or be penalized from promoting environmentally harmful and illegal cultivation.
    • Downstream: Customers do not purchase products that are found to be at risk of non-conformity with EU

    Risk Mitigation Plan: The company is aware the importance of effective supply chain management. Therefore, a fully integrated business model has been established from upstream, midstream to downstream, allowing the company have a variety of main products, including RSS, TSR, LTX and gloves, which diversify risk of the customer group. In 2025, no single customer who is not a related person accounted for more than 7 percent of our total sale volume of natural rubber products and 7 percent of our total sale volume of gloves. In addition, raw material management, the company has a strategy to build procurement network and set up production plants scattered in the southern, northern and northeastern, as well as expanding raw material purchasing centers and production to various regions of the world (Global source) such as Africa, Indonesia and Myanmar to ensure continuity of raw materials and production processes. Supplier Relationships Management, increase the number of rubber raw material traders and control amount of purchases per person to prevent monopoly or reliance on large trader. Internal audit process that controls and prevents conflicts of interest between raw material traders and company’s representatives. The company is also able to trace back the source of rubber raw materials (Traceability) by setting up a working group to design and determine measures, such as a retrospective inspection system, tracking the process of each product and preparation for data reporting to ensure that the company and business partners do not carry out actions that affect the environment or commit illegal acts.

Emerging Risk

  1. Disruptive from Technology and Artificial Intelligence Risk

    Risk Description and Causes: Nowadays, the rapid innovation and technological change (Disruptive Technology and AI) is more influence because business uses new technology to increase efficiency in various operations and make competitive potential, so it necessary for entrepreneurs to adapt, including the quality of products, services, and the knowledge and abilities of personnel to keep up with the change. The advancement of technology is beginning a greater role in the natural rubber industry especially the production technology that allows entrepreneurs have lower costs in the long run, make a competitive advantage from being able to set low selling price, and reduce amount of unskilled labor that replaced by technology, which may cause widespread impacts. However, the development of technology in the Company still considers the impacts on the environment, community and society.

    • Time Horizon: Long Term (> 5 years)
    • Risk Type: Operational/ Governance
    • Risk Factor (Cause): Technology, Innovation and AI
    • Nature of Risk Impact: Economics

    Impact Analysis:

    • Company’s performance may be significantly reduced from competitors in the market have cheaper product costs.

    Analysis of situation trends: The Company has monitored the progress of technology and innovation in manufacturing of both domestic and global industries (Megatrends), including other economic risk factors, along with appropriate resource allocation and the rate of return, in order to provide important information for investment decision-making.

    Risk Mitigation Plan: The company has a continuous plan for innovation and technology development in production to increase efficiency in competition (production efficiency and cost reduction) along with establish a good regulatory structure for IT and AI Governance under the principles of promoting sustainability and being environmentally friendly and added value for products. The Company also develop the employe to keep up with technological changes, including skill development, general knowledge, and specialized knowledge along with creating awareness of social and environmental responsibility.

    Opportunity Analysis: The Company has studied and researched new projects with a determination to develop innovation and technology potential related to production processes to cover all product groups of the Company (RSS, TSR, LTX) to meet customer needs and sustainable environmental management leads to increased opportunities and competitiveness.

  2. Geopolitical Risks and Unrest in Border Areas

    Risk Description and Causes: Conflicts in border areas have a domino effect on businesses, particularly risking the safety of employees working or residing in conflict-prone areas. This can cause stress and demoralize employees when faced with emergencies requiring urgent evacuation or relocation, potentially leading to loss of life or property. Other risks include disruptions to factory production in affected areas, logistics and supply chains, labor shortages in border areas, and impacts on confidence in trading partners.

    • Time Horizon: Medium term (3-5 years)
    • Risk Type: Political
    • Risk Factor (Cause): Geopolitical Conflicts
    • Nature of Risk Impact: Economic and Political

    Impact Analysis:

    • The company’s performance may be significantly reduced due to factory disruptions in conflict areas. However, in 2025, due to unrest in border areas, the company has factories located approximately 60-100 kilometers away from risky areas, thus unaffected by production and transportation disruptions.
    • It may affect customer confidence if Thailand faces international sanctions or trade restrictions. Operating businesses in conflict zones may raise ethical concerns and questions about human rights violations.

    Analysis of situation trends: Border conflicts remain fragile and uncertain, meaning the company must continue to prepare for volatility. Access to labor from conflicting countries may not recover immediately, impacting the labor market in the long term and necessitating the selection of workers from other countries. Preparation for potential emergencies is also crucial.

    Risk Mitigation Plan: The company has established policies and business continuity plans, including emergency management, communication, and evacuation plans in case of unrest in border areas. Drills are conducted based on assessments of potential incidents in each area to ensure the readiness and effectiveness of management strategies, and to identify potential limitations before actual events occur. A crisis management strategy is also in place under the direction of senior management (War Room).

    Opportunity Analysis: As one of the world’s largest producers and exporters of rubber, with a complete supply chain encompassing rubber plantations, processing plants, and exports to diverse markets, developing a robust business continuity system capable of effectively managing crises will enhance customer and stakeholder confidence. Furthermore, it allows for diversification strategies in raw material sources, production, and transportation, as well as ensuring the safety of employees and communities during crises.

Investment and Project Risk

Investment, new projects, or new businesses of the company are always faced with a risk from improper resource management, inexperienced team or incorrect budget, complexity and uncertainty in the project structure, if there is a lack of good management, the project will not succeed as planned.

Risk Mitigation Plan

In addition to considering the consistency of corporate strategy and return on investment, project investment risk management is another crucial component of business success. Therefore, every investment project must have a systematic risk analysis by the relevant business unit in each field and shall be considered and approved by the Board of Directors or related authorized personnel in order to ensure that the projects are implemented in accordance with defined plans and goals, and not affect the community and the environment.

Risks to Investment in Our Shares

(1) Currency Fluctuation Risk for Shareholders Holding the Company’s Shares on the SGX-ST The Company’s shares traded on the SGX-ST are denominated in Singapore Dollars, while dividends, if any, will be paid in Thai Baht. Shareholders who hold shares traded on the SGX-ST, therefore, bear currency risk arising from fluctuations of Singapore Dollars against Thai Baht.

Risk Mitigation Plan

In paying dividends to our shareholders of shares traded on the SGX-ST, the Company will set the convertible rate from Thai Baht to Singapore Dollars on the day nearest to the date of dividend payment to minimize the currency fluctuation risk.

Note: There are some risks that may be unknown to the Company and other risks that the Company currently considers to be immaterial. These risks could have an impact upon the operations of the Company in the future.

Risk Prioritize and Monitoring Change

Risk Prioritize and Monitoring Change

Risk factors Affect to Sri Trang Group

1
Natural Rubber Price Volatility
2
Discrepancy between Growth in Demand for Natural Rubber and Expectations
3
Operations and Investments Abroad
4
Dependence upon Services of Key Management
5
Factories or Production Disruption
6
Information Technology Risk
7
Exchange Rate Volatility
8
Illegal and Corruption Risk Areas
9
Government Intervention
10
Water Management and Wastewater Treatment
11
Energy Management and Alternative Energy
12
Climate Change Risks and Regulations, Standards, and Sustainability Goals
13
Business Operations affect Community and Society
14
Supply Chain Management
Emerging Risk
15
Disruptive from Technology and Artificial Intelligence Risk
16
Geopolitical Risks and Unrest in Border Areas
Investment Risk
17
Investment and Project Risk
18
Currency Fluctuation Risk for Shareholders Holding the Company’s Shares on the SGX-ST

Sensitivity Analysis Summary

Sri Trang Agro-Industry Public Company Limited has monitored fluctuated situations that have a significant impact on business performance and provided the business sensitivity analysis by considering external factors, both financial and non-financial, through a model to assess the negative result from the variable factors to analyze and establish a strategic plan to cope with regular monitoring and review of the situation and related factors.

Sensitivity Analysis Summary

Tax Management

The Company recognizes that taxes play a vital role in promoting and supporting business competitiveness, as well as driving economic and social impacts and national development. Consequently, the Company upholds its tax responsibilities and ensures accurate tax payments in full compliance with the law.

Tax Policy

Tax Policy

Cybersecurity and Data Privacy

Sri Trang Group, led by Sri Trang Agro-Industry Public Company Limited (STA), Sri Trang Gloves (Thailand) Public Company Limited (STGT) , recognizes the importance of protecting data and information technology systems from cyber threats and is committed to operating in accordance with international standards and relevant laws to ensure that the data of customers, business partners, shareholders, employees and all stakeholder groups is protected in accordance with the principles of Confidentiality, Integrity and Availability. However, Sri Trang Group is committed to continuously developing and reviewing its policies to respond to evolving technological threats and legal changes, while fostering a culture of security.

Management Guidelines

  1. Policy and Governance Framework

    • Establish an Information Technology Policy (IT Policy), Information Security Management System Policy, Cybersecurity Policy and Data Privacy Policy covering all departments and conduct annual policy reviews. Further details of these policies can be found on the Company’s website. (https://www.sritranggroup.com/en/home)
    • Comply with international standards such as ISO/IEC 27001, NIST Cybersecurity Framework and the Personal Data Protection Act B.E. 2562 or PDPA Act)
    • Establish a Cybersecurity Working Committee reporting to the Board of Directors and senior management

  2. Risk Management

    • Conduct regular assessments of cybersecurity and personal data risks
    • Perform Vulnerability Assessment and Penetration Testing at least once annually
    • Develop an Incident Response Plan to address adverse events

  3. Control and Prevention Measures

    • Implement Firewall systems and Multi-Factor Authentication (MFA)
    • Encrypt critical data (Data Encryption) and implement Access Control
    • Establish data backup systems, Disaster Recovery Plan (DR) and Business Continuity Plan (BCP)

  4. Awareness Building

    • Conduct Cybersecurity Awareness training for executives and employees at all levels
    • Implement Phishing Simulation programs and ongoing educational campaigns
    • Organize continuous internal awareness campaigns, such as disseminating infographics, articles and educational materials on secure information technology usage, to build awareness in daily work activities and promote a sustainable organizational culture of information security

  5. Legal Compliance

    • Comply with the PDPA and related laws
    • Provide channels for data subjects to exercise their rights, such as requesting access, correction, or deletion of data

Management Structure

The Company has established a management structure related to cybersecurity and personal data protection, with dedicated departments and committees overseeing these matters, including:

  1. Information Technology Department of Sri Trang Group and Affiliated Companies to oversee information security within the organization. The structure comprises the Board of Directors, executives or persons delegated by the Board of Directors, and specialized information technology personnel in various areas, with the following roles and responsibilities:

    1. Executive Commitment to Information Security in supporting organizational security through providing strategic direction, governance, leading by example, and establishing clear roles and responsibilities. Executives shall adhere to the following practices:

      • Establish clear security objectives aligned with the Company's management policies
      • Oversee security effectiveness through regular reviews of security policies and actual operational performance
      • Provide support for resources used in security management, including personnel involved in operations
      • Support the promotion, education, and delivery of security awareness training for employees and relevant stakeholders

    2. Coordination of Information Security within the Organization, with the following key areas:

      • Coordinate to ensure compliance with laws, regulations, practices, and Company policies
      • Coordinate to facilitate risk assessment and risk management
      • Coordinate to promote security awareness

    3. Assignment of Information Security Roles and Responsibilities establish an information security management system, define asset protection measures and ensure data owners’ participation in safeguarding their own assets.

    4. Approval of Process for Information Technology Systems Usage designate directors, executives, or persons delegated by directors to approve the use of computers, portable computers and network equipment to verify compliance with laws, regulations, practices and Company policies before actual deployment.

    5. Non-Disclosure Agreements comply with relevant security policies regarding confidentiality to prevent information leakage to unauthorized parties, including cooperation in investigating activities in case of suspicion/complaints.

    6. Contact with Government Agencies maintain a list of government agencies with authority to oversee information security, including law enforcement agencies, regulatory bodies, data service providers and telecommunications service providers, with regular reviews and updates to ensure current information.

    7. Contact with Security Experts maintain a list and subscribe to security alert notifications from security experts to receive alerts on discovered vulnerabilities, technologies and security best practices.

    8. Independent Security Review (Third Party)

  2. Business Continuity Management (BCM) Working Committee to ensure the Company's business continuity management is conducted systematically, efficiently and effectively, encompassing cybersecurity management and data breach management. The committee shall have a management structure with the following key roles and responsibilities:

    The Board of Directors of STA

Roles and Responsibilities

The Business Continuity Management (BCM Team) structure consists of 3 main components as follows:

  • Steering Committee with the following responsibilities:

    1. Review, determine and approve policies, strategies, business impact analysis results, risk assessment results, plans and allocation of budget and resources necessary for the Company's business continuity management.
    2. Control/oversee/ensure that drills are conducted according to the business continuity management plan.
    3. Support/promote/develop business continuity management communication as a continuous process aligned with the Company's objectives, goals, and culture.
    4. Monitor operations, provide guidance, compile issues and report progress of responsible business units to support continuous business operations.
    5. Oversee and coordinate the implementation of the Business Continuity Plan (BCP) for subordinate departments and resolve business continuity issues.
    6. Compile problems and issues requiring decisions for presentation to the Crisis Management Team (CMT) to address emergency response issues and ensure business continuity.
    7. Report on the situation to the Board of Directors and Crisis Management Team (CMT).
    8. Support the preparation of information for internal and external organizational communication.
    9. Clarify, provide information and conduct communication both internally and externally.
    10. Appoint and define the roles and responsibilities of the Business Continuity Management Working Committee.

  • Working Team has the following responsibilities:

    1. Present draft policies and business continuity management guidelines to the Business Continuity Management Committee.
    2. Develop draft business continuity management strategies for presentation to the Business Continuity Management Committee.
    3. Establish the Maximum Tolerable Period of Disruption (MTPD) and Recovery Time Objective (RTO) for presentation to the Business Continuity Management Committee.
    4. Develop draft business continuity management plans for presentation to the Business Continuity Management Committee.
    5. Control/oversee/ensure that the business continuity management plan aligns with the Company's objectives, goals and culture.
    6. Conduct business impact analysis and assess risks to critical resources, including preparing risk management plans for presentation to the Business Continuity Management Committee.
    7. Conduct regular business continuity management plan drills under various scenarios.
    8. Prepare reports on problems and obstacles to provide information for improving and revising the business continuity management plan and report to the Business Continuity Management Committee.
    9. Organize meetings to review business continuity management system performance at least once annually.

  • Information Technology System Recovery Team

    Responsible for managing incidents affecting systems and system recovery, including equipment and system networks and implementing troubleshooting and recovery to restore equipment to operational.

Cybersecurity

Performance Results for 2025

Number of Penetration Tests

100%

coverage of critical systems

Cybersecurity Awareness

98.00%

of all employees involved with information systems

Cybersecurity Incident Response Time

within 24h

Data Breach Incidents

0

cases

Personal Data Protection

The Company places great importance on protecting the personal data of all stakeholder groups, considering it one of its sustainability commitments aimed at building trust and security in conducting business with transparency and good governance.

Personal Data Protection Policy

The Company has established a Personal Data Protection Policy covering stakeholder groups including external individuals, employees, directors, shareholders, application users, GPS-registered rubber sellers and individuals in areas where closed-circuit television (CCTV) is installed. This policy complies with the Personal Data Protection Act B.E. 2562 and international best practices.

(The aforementioned related policies can be reviewed in further detail on the Company's website.)

https://www.sritranggroup.com/en/privacy-notice

Target

1. Cybersecurity of Personal Data

TARGET FOR FY2025

The Company aims to maintain the security of personal data with zero data breaches.

Performance of FY2025
0
Data Breach Cases

2. Personal Data Protection

TARGET FOR FY2025

The Company is able to fully comply with the requirements of the Personal Data Protection Act B.E. 2562 (PDPA) at 100%.

Performance of FY2025
100%
PDPA Compliance

Performance Results Over the Past 5 Years (FY2021–FY2025)

01
Cybersecurity Incidents

Over the past five years, the Company has not experienced any cybersecurity incidents impacting personal data and there have been no cases of personal data breaches or notifications of personal data violations submitted through the OneTrust system on the Company’s website.

02
Employee Training on Personal Data Protection

In the year 2025, the Company began requiring all new employees to attend a personal data protection orientation course on their first day of work.

For existing employees, the Company has implemented a self-learning training program entitled: “PDPA Compliance & Risk Management for Employees”.

03
PDPA Knowledge Sharing

The Company continuously disseminates and shares knowledge on PDPA through various internal communication channels, including the Company’s internal email system, the Company’s LINE Official Account, and the Company’s online platforms (such as Facebook). Additionally, all published materials are archived on the Company’s intranet, allowing employees to access and review them at any time.

Actions Taken in the Event of Personal Data Breach or Leakage

The Company places the highest priority on protecting the personal data of customers, employees, business partners and all stakeholder groups by strictly complying with PDPA Act to ensure that personal data is securely stored and used in a safe, transparent and fair manner. In the event of a Personal Data Breach incident, the Company has systematically established guidelines and an Incident Response Procedure to effectively control, mitigate and prevent potential impacts.

1. Incident Response Procedure

When a personal data breach or leakage is detected or suspected, the relevant departments will proceed as follows:

  • Verification and Confirmation of the Incident: The information security team and Data Protection Officer (DPO) will collect information, analyze the cause, and confirm the scope of the incident.
  • Notification to Management and Relevant Working Teams: Within 24 hours from the time of detection to enable timely response actions.
  • Notification to the Personal Data Protection Committee Office (PDPC): If the incident may pose a risk to the rights and freedoms of data subjects, notification will be made to the PDPC within 72 hours in accordance with PDPA requirements.
  • Notification to Personal Data Subjects: In cases where the breach may cause significant damage, data subjects will be notified of the nature of the breach and self-protection guidelines.

2. Impact Assessment

Following initial incident containment, the Company will conduct an impact assessment by considering the following issues:

  • Type and volume of personal data affected
  • Potential impacts on data subjects, such as data loss, unauthorized access, or misuse of data
  • Severity of the incident and risks to organizational reputation or trust

Assessment results will be used to establish corrective and preventive measures to avoid recurrence in the future.

3. Mitigation Measures and Recurrence Prevention

The Company has established measures to reduce impact and prevent similar incidents as follows:

  • Close system vulnerabilities and enhance information technology security measures
  • Implement immediate password changes or restrict data access rights upon risk detection
  • Provide support to affected data subjects, such as guidance on protecting their data
  • Prepare a Post-Incident Report summarizing the incident and lessons learned for internal improvement
  • Conduct continuous training and awareness-building for employees to strengthen the organizational culture of personal data protection

Contact Channels

Data Protection Officer: DPO

Sri Trang Agro-Industry Public Company Limited, Sri Trang Gloves (Thailand) Public Company Limited, and their affiliated companies:

No. 57, Park Venture Ecoplex, Unit 1701, 1707-1712, 17th Floor, Wireless Road, Lumpini, Pathumwan, Bangkok, 10330

Email: dpo@sritranggroup.com

Telephone number: +662 207 4500

Reporting Personal Data Breach Incidents:

https://privacyportal-apac.onetrust.com/incident-portal/webforms/6229a9f5-fb7d-4e19-b874-81875130ce1f/68b27ad4-5b95-46d0-a914-a7d08b78061b

Business Overview and Economic Performance

Business Overview and Economic Performance

Business Overview and Economic Performance 2