Form 56-1 One Report 2021
                                                                           Bangkok Commercial Asset Management Public Co., Ltd.  195












                  5.  Monitored and ensured that there was the coordination between risk management unit and IT unit, together
            with the employment of an external consultant to lay down the IT risk management guidelines that suit the nature
            of business, establish the IT risk management policy and guidelines in line with the best practice and determine the
            key risk indicators, with the IT risk status to be reported to the Risk Oversight Committee on a monthly basis.

                  6.  Provided advice on managing cyber threats to the Company to align with the direction of its business
            operation that focuses on digital financial services, by coordinating with the Information Technology Strategy
            Department in making preparations to prevent cyber attacks such as phishing, ransomware, etc.


                  7.  Followed up on the Company’s preparedness in various aspects in conformity with the Personal Data
            Protection Act B.E. 2562 by determining risk indicators for monitoring such preparedness to comply with the Act so
            as to ensure that the Company and its employees will be able to perform the works completely and correctly as
            required by laws.

                  The Risk Oversight Committee has performed duties, as specified in the Risk Oversight Committee Charter,
            prudently and carefully and has used the knowledge and experience of all members of the Committee with full
            capability by paying regard to the utmost benefit of the Company.









                                                                    (Mr. Songpol Chevapanyaroj)
                                                              Chairman of the Risk Oversight Committee