| Type of Risk |
Risk Event |
Risk Mitigation Strategy |
| Compliance risk |
Data Governance - The Group is obligated to guarantee full compliance with data governance and its corresponding regulations. |
In 2018, the Group formed a data governance task force with the purpose of evaluating current policies and ensuring alignment with legal requirements, regulations, and industry best practices. |
| Strategic risk |
Competition - Intense competition from expansion of competitor’s network and price erosion stemming from price wars. |
The Group strategically expands its network into new and undeveloped markets to take advantage of "first entrant" benefits, which may include reduced airport fees. Additionally, the Group employs revenue modeling to optimize pricing on specific routes and enhance overall profitability. |
| Strategic risk |
Political and Environment Uncertainty – Political instability, market downturn, natural disasters, health epidemics or other events outside of the Group’s control in countries that the Group operates that could affect demand for flights oroperations to destinations |
Mitigates through environment scanning and information dissemination which include monthly profit reviews and response e.g. launching of low-fae promotions in periods pf low demand, fleet reallocation, and capacity management |
| Operational risk |
Supply Chain - Breakdowns in airport services, including fuelling systems, luggage handling, and customs, immigration, and quarantine procedures, have the potential to cause substantial delays and disrupt business operations. |
The Group has developed specialized business continuity plans tailored to address specific incidents at its primary hubs, and it maintains close partnerships and collaboration with airport operators and authorities. |
|
In the past year, there has been a notable increase in the occurrence of system outages in the commercial aviation industry, affecting critical systems necessary for flight operations and revenue generation. These outages have led to substantial financial losses for the impacted airlines. |
The Group has established, put into action, and assessed dedicated backup and failover systems to minimize the repercussions of system outages. In addition, the Group has created an IT Emergency Response Plan and a corresponding Group Operational Response Plan to guarantee the uninterrupted operation of the business during critical system outages. |
| Financial risk |
A substantial increase in fuel prices could significantly affect the Group's profitability, given that fuel constitutes a fundamental cost component in its operations. |
The Group mitigates the risk associated with potential fluctuations in jet fuel prices by employing hedging strategies. |
| Safety Risk |
The Group's exposure to operational safety hazards and risks could potentially rise as it expands its routes, flight operations, and passenger numbers. |
The Safety Review Board (“SRB”) oversees the Group's safety performance, not only to ensure all safety targets are met but the highest safety and quality standards are upheld throughout the Group. New safety risk management initiatives such as centralised use of operational safety data, expansion of safety performance indicators and improving procedures in relation to dangerous goods handling ensure that our operational risks are always kept to an acceptable level.In addition to routine audits conducted by respective Air Operating Company’s (“AOC”) Civil Aviation Authority, who issues operating licenses to airlines, five of AirAsia Group's airline (Malaysia AirAsia, Indonesia AirAsia, Philippines AirAsia, AirAsia X and Thai AirAsia X) are also certified with IATA Operational Safety Audit (IOSA), which is an internationally recognized and accepted evaluation system designed to assess the operational management and control systemsof airlines. |
| Sustainability Risk |
Environmental Risk – The Group is subject to environmental regulations and other environment-related schemes such as the Carbon Offsetting and Reduction Scheme for International Aviation (CORSIA). |
The Group has established a dedicated Environmental Affairs team within the Group Sustainability team to steer the Group towards proactive participation in global sustainability matters and ensure compliance to environmental regulatoryrequirements. |
| Cyber Security risk |
The Group faces cyber threats because of its extensive reliance on online sales channels, customer feedback, support channels, and other digital solutions. |
Within the Group's ICT department, there is a specialized security team with a primary focus on identifying, managing, and resolving cyber threats. Additionally, the Group has obtained ISO/IEC 27001 certification for its Information Security Management System, which is integrated into its processes and procedures, adhering to this international standard.The team and technology partners conduct frequent security evaluations, penetration tests, and source code reviews of our systems to maintain their robustness against cyber threats. They utilize a variety of tools and technologies to counter emerging threats and consistently assess and integrate new technology to address the dynamic nature of cyber threats. |
