Risk & Crisis Management

The Company is committed to enhancing proactive risk and crisis management through an operational framework aligned with international standards and ESG best practices. This approach aims to strengthen confidence among all stakeholder groups by integrating globally recognized risk management principles and embedding risk awareness as part of the corporate culture. Through effective risk governance, the Company seeks to create added value, enhance adaptability to change, deliver sustainable outcomes for all stakeholder groups, and support the Company’s sustainable growth over the long term.

Key Stakeholders Affected

Customers

Employees

Business Partners

Shareholders / Institutional Investors

Creditors (Financial Institutions)

Government Agencies

Communities / Society

Stakeholder Impact

The Company places strong emphasis on risk management by considering the needs and expectations of all stakeholder groups in risk identification and assessment. This approach enhances the effectiveness of risk management and enables the Company to address relevant risks in a targeted manner. Effective risk management enhances service continuity and confidence among customers, supports a safe and motivating work environment for employees, and strengthens job security. It also builds trust among shareholders and investors by reducing risks that may affect financial performance and investment value, while maintaining strong relationships with business partners and suppliers. Furthermore, it helps mitigate potential impacts on communities and the environment and fosters confidence among financial institutions and regulatory authorities. As such, effective risk management serves as a key foundation for building trust and long-term sustainability for all stakeholder groups.

Business Impact

Risk management is a critical factor in achieving sustainable business operations. Effective risk management reduces performance uncertainty and enables the Company to manage potential risks efficiently, ensuring business continuity and the achievement of both short- and long-term objectives. It also strengthens organizational resilience, enhances value creation, and supports the Company’s sustainable growth in the long term.

Management Approach Risk Management Structure

The Company has established a clear and systematic risk management structure to support good corporate governance and sustainable business operations. The Company has appointed an Enterprise Risk Management (ERM) Working Group comprising senior executives, as well as a Risk Management Committee consisting of Company directors. The Risk Management Committee is responsible for defining risk management policies and frameworks, overseeing and supporting risk management activities to ensure alignment with the Company’s strategy and objectives, driving tangible outcomes, and promoting risk management as an integral part of the corporate culture at all levels to enhance comprehensive and effective risk management. In addition, the Company has established a Risk Management Implementation Working Group, a subcommittee composed of Risk Coordinators from each department. This group is responsible for analyzing, assessing, managing, and regularly reporting departmental and enterprise-level risks. The Risk Management Function serves as the secretary to the Risk Management Committee, the ERM Working Group, and the Risk Management Implementation Working Group, and provides ongoing support for the Company’s risk management activities. The Risk Management Committee regularly reports risk status, analysis, assessment, and mitigation measures to the Board of Directors and the Audit Committee to ensure that risk management objectives are achieved effectively and sustainably in both the short and long term.

1. PTG Risk Management Process

Principles and Approach to Risk Prevention

The Company places strong emphasis on proactive risk prevention by integrating risk considerations into decision-making, planning, and operational processes across all business units, including both oil and non-oil businesses. The Company adopts the COSO Enterprise Risk Management framework, an internationally recognized standard, to support business continuity and sustainable operations. Risks are identified and assessed based on both internal and external factors, stakeholder expectations, applicable laws and regulations, and material sustainability issues. Appropriate risk mitigation measures are then defined and implemented accordingly. In addition, the Company promotes risk awareness among management and employees at all levels by embedding risk management into daily operations and strengthening transparent and robust internal controls. These efforts aim to maintain risks within acceptable levels, reduce the likelihood and impact of potential risks, and support the Company’s stable and sustainable growth over the long term.

Measures to Improve Risk Management Practices

PTG has implemented risk management measures that primarily cover structured response processes. Feedback, recommendations, and comments from the Board of Directors or management regarding risks identified during the risk management reporting process are communicated to the risk managers / risk owners and relevant parties for further action.

In addition, PTG conducts a “functional risk criteria review process”, which addresses deviations in risk levels and promotes employee participation in continuously improving risk management practices across the organization.

Internal Control Mechanisms and Risk Monitoring

The Company regularly reviews and assesses enterprise risks at least once a year, with additional reviews conducted when significant changes affecting business operations occur or when material events arise. The risk assessment covers strategic, operational, financial, legal, and ESG-related risks to ensure that risks are managed and responded to appropriately and in a timely manner.

The Company has established standardized internal control systems and risk management processes to serve as a common framework for all employees to follow and actively participate in risk management practices. Each business unit is required to recognize operational risks and is responsible for identifying, assessing, managing, and continuously monitoring and reporting risks within its respective processes. Risk management performance at both the enterprise and business unit levels is monitored and reported to the Enterprise Risk Management Working Group and the Risk Management Committee at least on a quarterly basis. This enables effective oversight and supports the achievement of the Company’s risk management objectives. In addition, risk management reports are regularly submitted to the Board of Directors and the Audit Committee to ensure transparent and effective governance. The Company continuously reviews and enhances its risk management processes to align with the COSO Enterprise Risk Management framework and the evolving business environment. Furthermore, the Company undergoes an annual external audit to validate the adequacy and effectiveness of its internal controls and risk management processes in supporting sustainable organizational growth.

Risk Management in New Product and Service Development

The Company integrates risk management into the planning and investment consideration processes for new projects. Each new investment project is required to undergo risk analysis and assessment, along with the preparation of a project risk management plan. The risk assessment results for new investment projects are presented to the Executive Committee, the Company-level Investment Committee, and the Board of Directors to support informed decision-making. In addition, risk considerations are incorporated into the development of operational processes and new products, with relevant executives and committees evaluating associated risks as part of the approval process.

For branch expansion and the development of new services, the Company has established governance mechanisms through dedicated committees and working groups. For example, a New Service Station Opening Committee is appointed to assess investment feasibility, site acquisition information, compliance with applicable laws and regulations, and project implementation progress. The committee also regularly reviews risks related to branch expansion and new service development, and uses the assessment results to continuously review and improve action plans. These practices help mitigate risks and ensure that decision-making is prudent, transparent, and aligned with the Company’s strategic objectives, thereby supporting efficient and sustainable business expansion.

Environmental, Social, and Governance (ESG) Risk

The Company recognizes and places importance on the potential impacts arising from its operations across the environmental, social, and governance (ESG) dimensions, which may affect future business operations, stakeholder confidence, and long-term sustainable value creation. The Board of Directors has therefore assigned the Risk Management Committee to oversee and manage sustainability-related risks (ESG Risk), integrating them systematically into the Company’s Enterprise Risk Management (ERM) framework. The Company conducts risk identification and assessment processes, and establishes mitigation measures, action plans, and relevant projects to address potential impacts arising from such risks in the short, medium, and long term, as follows:

1. Risk of potential environmental impacts

Risk Categories	Impacts	Measures
Operational and Compliance Risk	The Company’s business operations may involve certain activities that generate environmental impacts, particularly greenhouse gas (GHG) emissions arising from operational processes. These include activities such as oil terminal operations and fuel transportation, which are sources of carbon dioxide emissions contributing to climate change and global warming. If the Company is unable to effectively manage and control its greenhouse gas emissions, this may adversely affect its corporate image, credibility, and the confidence and expectations of stakeholders in the long term. Furthermore, greenhouse gas emissions that exceed regulatory thresholds or government requirements may result in additional cost burdens, such as carbon tax obligations or other environmental measures. These could increase operating expenses and negatively impact the Company’s financial position.	The Company is committed to reducing greenhouse gas (GHG) emissions to mitigate the impacts of climate change. It has established a climate change management strategy aligned with the National Energy Plan and the country’s clean energy targets, and has set a goal to achieve Carbon Neutrality by 2030. The Company has established policies on quality, security, safety, occupational health, and environmental management. These policies are communicated to employees at all levels, as well as to stakeholders, to serve as operational guidelines. The Company has implemented an integrated palm oil project to promote the use of renewable energy and support environmentally friendly business practices. The Company has developed Inno-Green Stations, which have received the Platinum-level Inno-Green Station Award from the Thailand Environment Institute (TEI). Key initiatives include wastewater quality improvement, expansion of green spaces within service stations, installation of solar rooftops, and energy savings through air-conditioning control systems. In addition, equipment inspections and maintenance are conducted regularly, and employees participate in routine emergency response drills organized by the Safety and Environment Department. The Company has implemented solar rooftop projects at service stations to generate electricity for on-site consumption, promote clean and renewable energy use, and reduce electricity costs. The Company has set a target to reduce electricity consumption by 10% compared to the previous year, thereby lowering GHG emissions and addressing risks associated with rising temperatures due to global warming. This project has been registered under Thailand’s Voluntary Emission Reduction Program (T-VER) with the Thailand Greenhouse Gas Management Organization (TGO) for 138 oil and LPG service stations. The Company has introduced a tire retreading program for truck tractors and trailers to enhance tire utilization efficiency, reduce waste from used tires, and decrease the demand for new tires. Vapor Recovery Units (VRUs) have been installed at oil depots, service stations, and fuel transportation vehicles in regulated areas to control fuel vapor emissions. The Company has obtained ISO 14001:2015 (Environmental Management System) and ISO 45001:2018 (Occupational Health and Safety Management System) certifications for oil depots nationwide. The Company has developed an action plan to calculate and report its Carbon Footprint for Organization (CFO). It has received certification from the Thailand Greenhouse Gas Management Organization (TGO) covering its headquarters, oil depots, transportation fleet, and service stations. The Company conducts climate-related risk assessments in accordance with the Task Force on Climate-related Financial Disclosures (TCFD) framework and integrates climate risk management into its enterprise risk management processes. The Company operates waste management and clean energy generation businesses, including waste sorting systems for Refuse-Derived Fuel (RDF) production, waste-to-energy power plants, and the production of soil conditioners from organic waste generated through waste separation systems. The Company is actively exploring investment opportunities in new businesses that help mitigate GHG emissions. It has implemented various initiatives to reduce emissions and support sustainability and carbon credit offset projects, such as EV charging station installations in collaboration with the Electricity Generating Authority of Thailand (EGAT), the use of biodiesel for transportation fleets, recycling programs, sustainable coffee and economic crop cultivation projects, and mangrove reforestation for carbon credit generation. The Company has implemented a Sustainable Rice Project to offset carbon credits and reduce environmental impacts. The project has been registered under the Premium T-VER standard by the Thailand Greenhouse Gas Management Organization (TGO). The Company has received Green Office certification and Inno-Green Station certification from the Thailand Environment Institute (TEI).
Risk Appetite: Conduct business operations with due consideration for quality, safety, social and environmental impacts, while driving the organization toward its Carbon Neutrality goal.

Risk Categories

Impacts

Measures

Operational and Compliance Risk

The Company’s business operations may involve certain activities that generate environmental impacts, particularly greenhouse gas (GHG) emissions arising from operational processes. These include activities such as oil terminal operations and fuel transportation, which are sources of carbon dioxide emissions contributing to climate change and global warming.

If the Company is unable to effectively manage and control its greenhouse gas emissions, this may adversely affect its corporate image, credibility, and the confidence and expectations of stakeholders in the long term. Furthermore, greenhouse gas emissions that exceed regulatory thresholds or government requirements may result in additional cost burdens, such as carbon tax obligations or other environmental measures. These could increase operating expenses and negatively impact the Company’s financial position.

The Company is committed to reducing greenhouse gas (GHG) emissions to mitigate the impacts of climate change. It has established a climate change management strategy aligned with the National Energy Plan and the country’s clean energy targets, and has set a goal to achieve Carbon Neutrality by 2030.
The Company has established policies on quality, security, safety, occupational health, and environmental management. These policies are communicated to employees at all levels, as well as to stakeholders, to serve as operational guidelines.
The Company has implemented an integrated palm oil project to promote the use of renewable energy and support environmentally friendly business practices.
The Company has developed Inno-Green Stations, which have received the Platinum-level Inno-Green Station Award from the Thailand Environment Institute (TEI). Key initiatives include wastewater quality improvement, expansion of green spaces within service stations, installation of solar rooftops, and energy savings through air-conditioning control systems. In addition, equipment inspections and maintenance are conducted regularly, and employees participate in routine emergency response drills organized by the Safety and Environment Department.
The Company has implemented solar rooftop projects at service stations to generate electricity for on-site consumption, promote clean and renewable energy use, and reduce electricity costs. The Company has set a target to reduce electricity consumption by 10% compared to the previous year, thereby lowering GHG emissions and addressing risks associated with rising temperatures due to global warming. This project has been registered under Thailand’s Voluntary Emission Reduction Program (T-VER) with the Thailand Greenhouse Gas Management Organization (TGO) for 138 oil and LPG service stations.
The Company has introduced a tire retreading program for truck tractors and trailers to enhance tire utilization efficiency, reduce waste from used tires, and decrease the demand for new tires.
Vapor Recovery Units (VRUs) have been installed at oil depots, service stations, and fuel transportation vehicles in regulated areas to control fuel vapor emissions.
The Company has obtained ISO 14001:2015 (Environmental Management System) and ISO 45001:2018 (Occupational Health and Safety Management System) certifications for oil depots nationwide.
The Company has developed an action plan to calculate and report its Carbon Footprint for Organization (CFO). It has received certification from the Thailand Greenhouse Gas Management Organization (TGO) covering its headquarters, oil depots, transportation fleet, and service stations.
The Company conducts climate-related risk assessments in accordance with the Task Force on Climate-related Financial Disclosures (TCFD) framework and integrates climate risk management into its enterprise risk management processes.
The Company operates waste management and clean energy generation businesses, including waste sorting systems for Refuse-Derived Fuel (RDF) production, waste-to-energy power plants, and the production of soil conditioners from organic waste generated through waste separation systems.
The Company is actively exploring investment opportunities in new businesses that help mitigate GHG emissions. It has implemented various initiatives to reduce emissions and support sustainability and carbon credit offset projects, such as EV charging station installations in collaboration with the Electricity Generating Authority of Thailand (EGAT), the use of biodiesel for transportation fleets, recycling programs, sustainable coffee and economic crop cultivation projects, and mangrove reforestation for carbon credit generation.
The Company has implemented a Sustainable Rice Project to offset carbon credits and reduce environmental impacts. The project has been registered under the Premium T-VER standard by the Thailand Greenhouse Gas Management Organization (TGO).
The Company has received Green Office certification and Inno-Green Station certification from the Thailand Environment Institute (TEI).

Risk Appetite:
Conduct business operations with due consideration for quality, safety, social and environmental impacts, while driving the organization toward its Carbon Neutrality goal.

2. Risk arising from business operations that may cause impacts on communities and society

Risk Categories	Impacts	Measures
Operational Risk	The Company operates in the energy business, specifically in fuel oil and LPG, with primary consideration given to the safety of communities, society, and the environment. The Company regularly assesses risks and potential impacts arising from changes in both external and internal environments in order to improve operational processes and develop additional mitigation plans. It has also continuously enhanced and upgraded its safety and environmental standards. However, if employees perform their duties negligently, accidents such as leaks, explosions, or fires may occur. Such incidents could result in damage to life and property in communities near operational sites and may significantly affect the Company’s reputation, financial position, and operating results.	The Company has strengthened its safety management by implementing critical risk control systems, including hazard awareness activities (Kiken Yochi Training), the establishment of Key Risk Indicators (KRIs) to monitor and provide early warnings for critical control activities, and the adoption of a Behavior-Based Safety (BBS) system to reduce unsafe behaviors among employees. To ensure that employees, as well as relevant internal and external supporting agencies, are well prepared for all types of potential emergencies, the Company places great importance on conducting regular annual emergency drills on a continuous basis. In transportation safety, the Company has implemented safety systems for fuel transport operations, including defensive driving training programs to enhance drivers’ competencies, the installation of GPS systems with risk-point alerts to monitor travel data, and CCTV cameras in fuel tanker trucks to assess driving behavior. The recorded data is also used for training and lessons learned for new drivers. Regarding safety at fuel and LPG service stations, the Company has developed operational manuals and incident prevention and response guidelines for station staff, along with conducting annual emergency response drills on a regular basis. For oil depot safety, employees are briefed on rules and safety measures before entering flammable areas. Access to operational areas is strictly restricted to authorized personnel only. Bringing any items that may cause sparks into operational areas is strictly prohibited. Preventive and corrective measures have also been established to address potential oil spills into rivers for depots capable of receiving oil via waterways. The Company regularly reviews and tests emergency response plans for oil depots, such as oil spill response plans and chemical spill response plans. Emergency drills are also conducted for fire incidents at EV charging stations. In addition, preparedness plans for high-rise buildings and annual fire evacuation drills are conducted at the Company’s headquarters. The Company continuously engages with nearby communities surrounding its oil depots by fostering understanding, listening to feedback, and maintaining positive relationships on a regular basis. The Company has established a corporate social responsibility (CSR) strategy to strengthen engagement with surrounding communities through initiatives that create shared value and promote community well-being. The Company’s social development initiatives consist of three key pillars: Quality of Life Development – including scholarship programs and community income-generating projects. Support for an Aging Society – including the “Community Clear Vision” initiative (eyeglasses donations for the elderly) and career support programs for senior citizens. Environmentally Conscious Living – including tree-planting initiatives and organic waste segregation campaigns to reduce global waste. These three pillars are implemented under the “PT Volunteer Camp” framework. The Company has continuously carried out these initiatives to create growth opportunities with partners and communities nationwide, while supporting the well-being of surrounding communities. In 2025, the Company’s CSR initiatives achieved an average community satisfaction score exceeding the target of 80%, marking another key success in maintaining strong community relationships and support, with a positive trend expected to continue in the long term.
Risk Appetite: Conduct business operations in accordance with established standards without causing adverse impacts on society, while prioritizing quality, safety, and social responsibility.

3. Risk arising from compliance with laws, regulations, rules, and policies related to business operations

Risk Categories	Impacts	Measures
Compliance Risk	The Company’s business operations may face risks arising from non-compliance or incomplete compliance with applicable laws, regulations, rules, and policies. Such risks may result from the complexity of legal provisions, ongoing changes in legislation, misinterpretation, or the enforcement of new laws and requirements. Examples include the Personal Data Protection Act, B.E. 2562 (A.D. 2019) (PDPA), Environmental, Social, and Governance (ESG) policies, as well as greenhouse gas emission control measures under international frameworks (COP26–27). These factors may lead to non-compliant operations and could adversely affect the Company financially and operationally, as well as impact its credibility and corporate reputation. Failure to properly manage and oversee such risks may result in legal penalties, including fines, suspension, or revocation of business licenses.	The Company places great importance on complying with all applicable laws, rules, and regulations to ensure that its operations are lawful, reliable, transparent, and fair to all stakeholders. It regularly analyzes and monitors government policies, laws, and regulatory requirements that may impact the Company, and develops action plans to address such changes. New laws and regulations affecting the Company’s operations are communicated to relevant departments through various channels. The Company also actively participates in meetings and seminars with government agencies to provide input and closely monitor regulatory developments. A Compliance Working Committee has been appointed to oversee compliance with applicable laws and regulations. In addition, a dedicated Compliance Function has been established to be specifically responsible for the Company’s overall compliance management. The roles, responsibilities, and structure of the Compliance unit are clearly defined to ensure its independence in oversight. A formal compliance charter, policies, and operating procedures have been established in writing to support the Company’s adherence to relevant laws and regulations. Compliance Charts and Compliance Checklists have been developed to assess legal compliance across the Group. Legal and contractual compliance assessments are also conducted, particularly for laws related to safety, occupational health, and environmental operations. Legal Updates are regularly prepared to communicate relevant developments and raise awareness among employees. Training sessions are also conducted on key laws that significantly impact the Company’s business operations. To ensure lawful operations and proper management of personal data collected by the Company in accordance with applicable laws, the Company has implemented measures to comply with the Personal Data Protection Act (PDPA) and its subordinate regulations, as follows: Appointment of a Data Protection Officer (DPO) and establishment of a Personal Data Protection Office to define measures, provide guidance, supervise, and audit the Company’s operations to ensure compliance with the PDPA. This helps assure data subjects of the integrity of the Company’s data management processes. Preparation and regular review of Company policies, documentation, and legal instruments to ensure compliance with PDPA requirements, including the Personal Data Protection Policy and Privacy Notice. Development of information technology systems to prevent data leakage and strengthen data security. Establishment of operational guidelines to ensure compliance with the PDPA. Preparation and annual review of the Record of Processing Activities (ROPA) to ensure that personal data remains accurate, up to date, complete, and not misleading. Conducting Risk Assessments and Data Protection Impact Assessments (DPIA), and implementing appropriate measures to prevent personal data breaches for each activity involving personal data processing. The Personal Data Protection Office conducts on-site surveys of personal data collection, use, and disclosure activities at service stations and oil depots, and provides training, guidance, and knowledge assessments regarding PDPA compliance. Training programs and educational materials on the PDPA are provided to enhance employees’ knowledge and understanding, and to promote awareness and compliance with data protection laws throughout the organization.
Risk Appetite: Operate in full compliance with applicable laws, regulations, requirements, and business standards, and conduct business with transparency and accountability.

Risk Categories

Impacts

Measures

Compliance Risk

The Company’s business operations may face risks arising from non-compliance or incomplete compliance with applicable laws, regulations, rules, and policies. Such risks may result from the complexity of legal provisions, ongoing changes in legislation, misinterpretation, or the enforcement of new laws and requirements. Examples include the Personal Data Protection Act, B.E. 2562 (A.D. 2019) (PDPA), Environmental, Social, and Governance (ESG) policies, as well as greenhouse gas emission control measures under international frameworks (COP26–27). These factors may lead to non-compliant operations and could adversely affect the Company financially and operationally, as well as impact its credibility and corporate reputation.

Failure to properly manage and oversee such risks may result in legal penalties, including fines, suspension, or revocation of business licenses.

The Company places great importance on complying with all applicable laws, rules, and regulations to ensure that its operations are lawful, reliable, transparent, and fair to all stakeholders. It regularly analyzes and monitors government policies, laws, and regulatory requirements that may impact the Company, and develops action plans to address such changes. New laws and regulations affecting the Company’s operations are communicated to relevant departments through various channels. The Company also actively participates in meetings and seminars with government agencies to provide input and closely monitor regulatory developments.
A Compliance Working Committee has been appointed to oversee compliance with applicable laws and regulations. In addition, a dedicated Compliance Function has been established to be specifically responsible for the Company’s overall compliance management. The roles, responsibilities, and structure of the Compliance unit are clearly defined to ensure its independence in oversight. A formal compliance charter, policies, and operating procedures have been established in writing to support the Company’s adherence to relevant laws and regulations.
Compliance Charts and Compliance Checklists have been developed to assess legal compliance across the Group. Legal and contractual compliance assessments are also conducted, particularly for laws related to safety, occupational health, and environmental operations.
Legal Updates are regularly prepared to communicate relevant developments and raise awareness among employees. Training sessions are also conducted on key laws that significantly impact the Company’s business operations.
To ensure lawful operations and proper management of personal data collected by the Company in accordance with applicable laws, the Company has implemented measures to comply with the Personal Data Protection Act (PDPA) and its subordinate regulations, as follows:
Appointment of a Data Protection Officer (DPO) and establishment of a Personal Data Protection Office to define measures, provide guidance, supervise, and audit the Company’s operations to ensure compliance with the PDPA. This helps assure data subjects of the integrity of the Company’s data management processes.
Preparation and regular review of Company policies, documentation, and legal instruments to ensure compliance with PDPA requirements, including the Personal Data Protection Policy and Privacy Notice.
Development of information technology systems to prevent data leakage and strengthen data security.
Establishment of operational guidelines to ensure compliance with the PDPA.
Preparation and annual review of the Record of Processing Activities (ROPA) to ensure that personal data remains accurate, up to date, complete, and not misleading.
Conducting Risk Assessments and Data Protection Impact Assessments (DPIA), and implementing appropriate measures to prevent personal data breaches for each activity involving personal data processing.
The Personal Data Protection Office conducts on-site surveys of personal data collection, use, and disclosure activities at service stations and oil depots, and provides training, guidance, and knowledge assessments regarding PDPA compliance.
Training programs and educational materials on the PDPA are provided to enhance employees’ knowledge and understanding, and to promote awareness and compliance with data protection laws throughout the organization.

Risk Appetite:
Operate in full compliance with applicable laws, regulations, requirements, and business standards, and conduct business with transparency and accountability.

Corruption Risk (CAC)

The Company recognizes the risk of corruption that may arise from its business operations. It therefore conducts risk assessments, establishes preventive and control measures, and regularly monitors and reviews such risks to promote transparent, fair, and good governance practices. The Company emphasizes corruption risk assessments across its entire supply chain, covering business units whose duties or activities may involve interactions with government agencies. Operational activities that may pose risks related to the offering or receiving of benefits, potentially leading to corruption, are identified and assessed. Each risk is evaluated based on its likelihood and impact, with appropriate risk mitigation measures implemented accordingly. Additionally, corruption risks are reviewed on a regular basis.

In 2025, the Company completed corruption risk assessments for 100% of its internal business units subject to such evaluation and 93% of its subsidiaries required to undergo corruption risk assessment. The assessment results identified no material corruption risks. The Company continues to strictly implement its anti-corruption measures to strengthen transparency and ethical business conduct. In addition, the Company has been certified for the third consecutive term under Thailand’s Private Sector Collective Action Coalition Against Corruption (CAC), endorsed by the Thai Institute of Directors Association (IOD).

1. Emerging Risks

The Company places great importance on identifying and assessing emerging risks to remain responsive to continuously evolving business challenges. Such risks may potentially affect the Company’s competitiveness, financial position, operating performance, and stakeholder confidence in the future. To manage emerging risks—factors that may not yet have occurred or for which limited information is available—the Company continuously monitors signals of change across political, economic, social, environmental, legal, technological, and global trend dimensions. These insights are analyzed to identify and assess potential risks over the short, medium, and long term. This proactive approach enables the Company to implement timely mitigation measures, minimize potential future impacts, and identify new opportunities to drive business growth amid an ever-changing environment.

1. Global Geopolitical Uncertainty RiskMedium-term Risk

Categories:	Strategic Risk Operational Risk Financial Risk
Duration:	Medium-term Risk
Description:	Prolonged and intensifying geopolitical tensions and conflicts around the world, such as the conflicts in the Middle East and between Russia and Ukraine, have significantly affected global peace and international security. At the same time, increasing polarization among major powers, particularly between the United States and China, in both economic and technological spheres has led to the formation of trade blocs and the adoption of protectionist trade policies aimed at safeguarding national interests. In recent years, globalization has further amplified these risks by deepening the interconnections among global economies and societies. These factors have emerged as significant new risk drivers, materially affecting global economic stability and energy security. Unlike normal oil price fluctuations driven by market mechanisms, these risks stem from severe and unpredictable external factors that are becoming increasingly complex. They may lead to uncertainty in global energy supply. Should international conflicts escalate further, resulting in targeted attacks or sanctions on energy and transportation infrastructure in major oil-producing regions, this could cause sudden disruptions in oil production or transportation, as well as broader supply chain disruptions. Such events may lead to oil shortages and sharp spikes in oil prices within a short period, potentially triggering a global energy crisis. These developments underscore that geopolitical conflicts continue to heighten uncertainty for both the global and Thai economies. Businesses must therefore prepare comprehensively for the impacts of geopolitical shifts and enhance their strategic flexibility to respond swiftly to rapid changes. This adaptability is a critical factor in maintaining long-term business stability and sustainability.
Impacts:	If the Company continues to face prolonged global geopolitical conflicts without appropriate mitigation measures, its business operations may be adversely affected in several areas, including cost management, supply chain stability, as well as corporate image and stakeholder confidence, as detailed below: Cost Management: If global petroleum product prices become highly volatile and rise sharply due to geopolitical tensions and conflicts, the Company may face increased cost risks, particularly if it is unable to adjust retail prices in a timely manner or if such adjustments are constrained by government policies. This could negatively impact the Company’s marketing margin. Supply Chain and Procurement (Supply Chain Disruption): Although the Company primarily sources oil domestically, a severe global supply disruption or an international energy crisis could affect the continuity of business operations, including the receipt of products into oil depots and the adequacy of supply distribution to the Company’s service stations. Corporate Image and Stakeholder Confidence: In the event of a significant global supply disruption or energy crisis leading to insufficient fuel supply to meet consumer demand, failure to communicate effectively or implement appropriate response measures could result in stakeholder dissatisfaction, loss of confidence, and reputational damage to the Company.
Management Measures:	The Company recognizes the emerging risks and has proactively prepared to mitigate and manage potential impacts. It has established management approaches to minimize business disruption and maintain corporate stability on an ongoing basis, as follows: The Company closely monitors oil price trends and other factors that may affect its operations. This enables timely situation analysis, impact assessment, and effective cost management planning appropriate to prevailing conditions. The Company has established contingency measures to address potential oil supply disruptions arising from geopolitical conflicts. Operational plans are adjusted in response to changing circumstances, including the use of risk management tools to mitigate oil price volatility, diversification of suppliers and sourcing channels, and comprehensive inventory management to maintain optimal and sufficient stock levels. The Company enhances supply chain responsiveness by regularly updating inventory management plans and communicating them to the logistics team. This enables efficient coordination of transportation, both company-owned fleets and outsourced carriers, to ensure timely and effective product distribution in support of core business operations. The Company has a strategic plan to expand its business portfolio and continuously increase the gross profit contribution from the non-oil segment each year. It focuses on strengthening competitiveness in the non-oil business through continuous product and service development, strategic adjustments aligned with customer needs, and ongoing promotional activities. The Company fosters flexibility and diversification across markets and product offerings, enabling it to manage a multi-business portfolio and adapt strategies promptly to changing conditions. This approach helps sustain sales stability and profitability, even amid market uncertainty.

2. Legal and Carbon Reduction Pressure Risk

Categories:	Strategic Risk Compliance Risk
Duration:	Medium-term Risk
Description:	In response to government policies supporting Thailand’s transition toward net zero carbon emissions, national targets have been established under the National Energy Plan (NEP) and the Power Development Plan (PDP 2024–2037) to reduce greenhouse gas (GHG) emissions in three phases as follows: By 2030: Reduce greenhouse gas emissions by 30–40% from the Business-as-Usual (BAU) level. By 2050: Achieve Carbon Neutrality. By 2065: Achieve Net Zero Greenhouse Gas Emissions. To support these targets, the government has proposed the Climate Change Act of Thailand and related subordinate legislation, which may introduce a carbon pricing mechanism, such as a carbon tax or an Emissions Trading System (ETS) for the energy sector. There is also a possibility that business operators will be required to report greenhouse gas emissions and develop systematic emission reduction plans. Furthermore, stricter policies or regulations than previously anticipated (particularly those related to fossil fuel use) may be enacted. These could include restrictions on fossil fuel consumption in certain areas or vehicle categories, the imposition of emission caps, and increased support for investment in renewable energy and clean technologies, such as Energy Storage Systems (ESS), hydrogen, and electric vehicles (EVs). At the same time, the government continues to promote domestic carbon market mechanisms, such as T-VER. Although currently voluntary, this reflects a potential transition toward mandatory mechanisms in the future. The global trend toward energy transition is also intensifying, driven by international commitments, investor expectations, and shifting consumer preferences toward clean energy and ESG considerations. Even if Thai companies are not direct exporters, international measures, such as the EU’s Carbon Border Adjustment Mechanism (CBAM) or Green Finance Taxonomies in Japan or China, may influence regulatory standards that Thailand will need to adopt. These developments could affect long-term demand for oil and fossil fuels and increase pressure on energy operators to adapt in response to national policies and growing environmental and sustainability expectations.
Impacts:	If the Company generates high levels of carbon dioxide emissions contributing to greenhouse gases without appropriate control or management measures, it may face impacts in several areas, including: Cost Impact: The Company may incur higher management costs from carbon tax measures, compliance with emission disclosure requirements, and increased logistics costs calculated based on carbon emissions. It may also face fines or penalties for non-compliance. Operational Impact: The Company may need to revise strategies and operational plans to align with evolving climate policies. This may lead to increased costs, accelerated investments in clean energy (ESS, hydrogen, EV charging), and additional capital expenditures. Disclosure Risk: Regulatory requirements may mandate more detailed disclosure of greenhouse gas emissions and reduction plans. Reputational Risk: High emissions without mitigation may lead to stakeholder dissatisfaction, loss of confidence, and lower sustainability ratings.
Management Measures:	The Company is committed to reducing carbon dioxide emissions and has established a climate change management strategy aligned with the National Energy Plan, targeting carbon neutrality by 2030. Climate Governance and Risk Management The Company assesses climate-related risks using the TCFD framework and integrates them into its Enterprise Risk Management (ERM) system, ensuring compliance with evolving regulations such as carbon tax measures. New Investments and Strategic Partnerships The Company invests in climate-related businesses and collaborates with partners to develop waste management and waste-to-fuel projects, enhancing sustainability and long-term value. Clean Energy Support The Company participates in T-VER through solar rooftop projects and promotes clean energy adoption, including EV charging stations, biodiesel usage, and recycling initiatives. GHG Reduction and Social Contribution The Company undertakes projects such as mangrove reforestation, sustainable agriculture, and conservation programs to reduce emissions while delivering community benefits. It also enhances ESG awareness through training programs for executives and employees to align strategies with global sustainability trends.

Risk Culture and Awareness Building

Strategies to Promote an Effective Risk Management Culture Across the Organization

The Company is committed to supporting and fostering a strong risk management culture throughout the organization. It continuously enhances the knowledge and understanding of risk management processes and practices among the Board of Directors, executives, and employees. Educational materials and communications containing insights on risk management and key risk factors are regularly prepared and disseminated to employees at all levels. Risk updates are also communicated to executives to keep them informed of emerging and ongoing risk situations. In addition, risk management topics are incorporated into the orientation program for new employees to ensure that awareness and understanding of risk management are established from the start of their employment.

The Risk Management Working Team, comprising representatives from various departments, is responsible for coordinating with the Risk Management Department to cascade risk management policies and processes into operational practice across the organization. The team monitors the implementation of risk management processes within each department, including risk identification, analysis, assessment, mitigation, and reporting. This approach ensures that all departments recognize the risks associated with their operations and integrate risk management into their daily activities. The objective is to instill awareness, accountability, and active participation in risk management at all levels, embedding it into the corporate culture and contributing to value creation for the organization and its stakeholders.

In 2025, the Company conducted risk management training sessions for the Board of Directors (including non-executive directors) and senior executives to enhance their understanding of applying risk management principles to organizational operations. In addition, the Risk Management Department organized its annual training program for the Risk Management Working Team and employees to strengthen their knowledge and understanding of internal risk management practices.

Risk Management Indicators for Executives

In managing enterprise risk, PTG has established Key Risk Indicators (KRIs) to monitor and measure the effectiveness of risk management at the enterprise level. These KRIs include both financial and non-financial indicators.

The financial KRIs are generally aligned with the organization’s performance evaluation metrics and are cascaded to executives at each management level. As a result, financial KRIs are linked to financial incentives, which help drive employees across the organization to prioritize risk management in order to achieve the defined objectives.

For enterprise-level risk management, targets are set to reduce risk exposure based on the metrics used to assess risk levels. The effectiveness of risk mitigation measures is monitored on a quarterly basis or whenever there are significant changes, in order to ensure that risk management remains efficient and effective, and is aligned with the organization’s strategic objectives and goals, covering both financial and non-financial aspects.

Measuring the Effectiveness of Risk Culture

The Company continuously monitors and evaluates the effectiveness of fostering a risk management culture through training programs, engagement of cross-functional risk management working teams, and ongoing monitoring of each department’s risk management performance. This ensures that risk identification, analysis, assessment, and mitigation are effectively implemented at the operational level. In 2025, the Company conducted an assessment of employees’ risk awareness, reflecting their understanding of and participation in the risk management process. The assessment results were at a satisfactory level. The Company has utilized these findings to further enhance its communication approaches, training programs, and risk management activities to ensure their effectiveness and alignment with the organizational context. The risk awareness assessment result was 90.09%.

Risk Management Processes

Risk Management Policy