SEC Urges SPRC to Provide Additional Info Regarding the Business Email Compromise

Securities and Exchange Commission (SEC) has informed the Audit Committee and auditor of Star Petroleum Refining Public Company Limited (SPRC) to provide additional information related to the business email compromise.

SPRC disclosed information via the Stock Exchange of Thailand Information System during 21-26 February 2020 regarding the business email compromise that occurred in late 2019, which resulted in the payment of invoices to an incorrect account. The loss in the email compromise significantly affected the company and the overall shareholders.

SEC is of the opinion that the supervision and management of information technology systems as well as the security of the information system is an essential issue in order to prevent the risks that may occur from cyber threats. Therefore, SEC has informed the Audit Committee and the auditor to explain the facts and related actions regarding this issue. SEC requires the actions of the Audit Committee to ensure that SPRC has measures to improve the consistency and cybersecurity that is appropriate and sufficient to protect against possible risks from cyber threats.