OVERVIEW
About Teejay Lanka
25 Years of Knitting Dreams into Reality
About the Report
Our Approach to Sustainable Fabrics
Performance Highlights
LEADERSHIP
Board of Directors
Leadership team
Executive Committee
Cross Functional Team (CFT)
Entity Leadership Team –
Lanka Entities
India Entity
STRATEGIC REVIEW
Chairman's Statement
CEO’s Review
Operating Environment
Location Strategy
Financial Capital
Our Transformative Strategy
OPERATIONAL REVIEW
Sustainable Manufacturing
Supply Chain
Manufacturing Excellence
Our People
Community Responsibility
Environment Stewardship
Innovation in Fabric
Customer Centricity at Our Core
Innovation
Digital Transformation
GOVERNANCE REVIEW
Corporate Governance
Risk Management Report
Audit Committee Report
Remuneration Committee Report
Related Party Transactions Review Committee Report
Nominations and Governance Committee Report
Report of the Board of Directors
Statement of Directors Responsibility for Financial Reporting
FINANCIAL REPORTS
Financial Calendar
Independent Auditor’s Report
Statement of Profit or Loss
Statement of Comprehensive Income
Statement of Financial Position
Statement of Changes in Equity – Group
Statement of Changes in Equity – Company
Statement of Cash Flows
Notes to the Financial Statements
SUPPLEMENTARY INFORMATION
Assurance Statement on Integrated Reporting
Assurance Statement on Sustainability Reporting
Ten Year Financial Summary – Group
Shareholder Information
GRI Content Index
Glossary of Financial Terms
Notice of Meeting
Corporate Information

Global Presence, Knitted Locally

In our “Octopus Strategy”, each arm represents a critical capability – manufacturing excellence, sustainability, compliance and traceability, customer-centricity, digital transformation, ESG, and talent – all working in harmony towards a unified vision. The central “head” signifies our strategic leadership, culture, and purpose, guiding decentralised excellence with centralised intelligence. Inspired by the promise of a new tomorrow, we move forward, leading with innovation, teamwork, integrity, and collaboration.

Read more
download center

Download Center

my report 0

My Report

accessibility

Accessibility Panel

Annual Report 2024/25

next arrow

My Report

At the moment, there are no entries available for display

Download as PDF
coral image coral image
previous page Previous Page
next page Next Page

Governance review

Risk Management Report

search icon
download pdf icon Download PDF
Back to GRI Index

The Teejay Group employs an Enterprise Risk Management (ERM) framework which contributes to our strategic and operational resilience as we pursue emerging opportunities.

A Strong Culture of Risk Management

Teejay is dedicated to cultivating a strong risk culture that prioritises integrity and ethical conduct. A collaborative effort by our employees and external partners is essential for effective risk management across our Group and the supply chain within which we operate. Resolute leadership support strengthens the resilience of our teams, promoting informed decision-making throughout the Company, and safeguarding the long-term interests of both Teejay and our stakeholders.

To ensure new employees adapt quickly to Teejay's risk culture, we maintain continuous risk awareness initiatives. Furthermore, we embed risk management into our business processes through several key mechanisms: monthly Positive Assurance Framework (PAF) from each department, where the Head of Department confirms the proper functioning and adherence to internal controls designed to mitigate process risks; risk assessments for all new capital investment projects; a robust internal audit function; the ongoing modification of Standard Operating Procedures (SOPs) for each business process; and Key Performance Indicators (KPIs) built around the key risks identified within the business.

Our Integrated Risk Management Framework

Teejay’s ERM framework provides the foundation for how all aspects of the Company address uncertainties and risks that have the potential to impact our business. This includes a formal process to identify, assess and mitigate potential risks, alongside methods for setting limits and determining a suitable risk appetite.

Our ERM Process

Our Process in Action

The Board of Directors at Teejay sets our risk appetite by considering our overall business strategy, changes in the operating environment, and other key factors. This involves a transparent and adaptable process that enables both the Board and Management to make informed strategic decisions while embracing calculated risks aligned with the Group’s objectives. To ensure the Board and Audit Committee have the necessary information to make sound decisions and establish an appropriate risk appetite, Teejay employs both bottom-up and top-down approaches.

The Group's risk registers have been expanded to include Sustainability Related Risks and Opportunities (SRROs) in addition to operational risks, encompassing areas such as climate change.

  1. Monthly Risk Reviews (ELT): Entity Leadership Teams identify potential events which are formally updated in the risk register.
  2. Risk Register: All identified risks are documented with potential impact and mitigation plans. The risk register is reviewed by the Group’s Cross-Functional Leadership Team (CFT) and the ExCo, enabling teams to anticipate near-term threats.
  3. Project-Based Risk Assessments: Conducted for all new and major projects, to ensure alignment with the Company’s risk tolerance, based on the nature of the project. Potential risk mitigation actions identified and implemented, considering the financial, operational, compliance and strategic aspects. Significant identified risks incorporated into the risk model.
  4. Risk Grid: Each identified risk is rated based on likelihood, detectability, and impact on financials which creates an up-to-date risk grid. Key risks in the grid are discussed during the monthly Risk and Control review meeting held with the Chairman of the Audit Committee.
  5. Annual Audit Plan Integration: Identified high-risk areas from ERM and Board discussions are included in the Annual Audit Plan. Internal Audits are then conducted to closely monitor and review the strength of internal controls mitigating these risks.
  6. Additionally, special reviews are conducted as needed to address any changes in risk exposure during the year. Identified issues are reported to the Audit Committee and are followed up until process owners implement the agreed remedial actions. Furthermore, the Chief Audit Executive regularly reports to the Audit Committee on any changes in focus areas or opportunities for improvement. To reinforce governance and assurance, a feedback reporting mechanism is also in place.
  7. Risk and Control Monthly touch-base with Audit Committee Chairman: A monthly meeting is held with the Audit Committee Chairman to review the activities and progress of the Risk and Control Division. This meeting provides an opportunity to discuss key risk exposures, control effectiveness, ongoing initiatives, and any significant issues, unjustified restrictions or limitations requiring attention or escalation.
  8. Quarterly Reporting and Audit Oversight: The Head of Risk and Control presents key insights from risk grids and internal audit reports to the Audit Committee and the Board to support informed oversight and governance. The Group’s risk review programme, including internal audits executed as per the annual audit plan, has initial findings discussed at functional unit levels.
  9. Positive Assurance Framework: Monthly through the positive assurance statements, the department heads acknowledge that the key process controls are in place and operating effectively. The Audit Committee also regularly evaluates the overall effectiveness of the risk review process and the internal control framework.
  10. During the reporting year, we set up a quarterly risk reporting system for our new global ventures – current and future risks associated with these ventures will be quantified once they are operational. Additionally, measurable sustainability risks, which can be tracked internally, have been integrated into our risk grids.

Refining Our Process

In 2024/25, our Enterprise Risk Management (ERM) Framework and processes were overhauled. A key development was the establishment of a dedicated ESG risk register including the SRROs, maintained alongside the enterprise risk register, to better focus on sustainability related exposures in line with evolving regulations and stakeholder expectations. This allows Teejay to assess reputational and compliance risks more holistically in strategic decision-making.

Furthermore, the ERM framework was effectively implemented across all subsidiaries. Each subsidiary was evaluated against consistent criteria, including alignment with Group risk appetite, the maturity of local risk practices, and the effectiveness of internal controls. This assessment revealed varying levels of ERM maturity, leading to tailored action plans for capacity building and process improvement where necessary. Teejay also introduced a quarterly risk reporting structure for new and ongoing global business ventures, enhancing visibility and accountability at a global level.

Additionally, risk awareness and culture were noticeably strengthened through targeted training and increased engagement across business units. This emphasis on risk ownership at all levels contributed to improved responsiveness and greater agility in decision-making throughout the organisation.

Key Risks Addressed in 2024/25

Supply Chain Disruptions and Logistical Volatility: We enhanced supplier diversification, reassessed logistics dependencies, updated business continuity plans (including freight mode contingencies), and leveraged our global location strategy to expand our global presence.

Macroeconomic Instability: The Risk and Control function proactively collaborated with Finance and Procurement to fortify hedging strategies, revalidate pricing models, and revise procurement terms.

New or amended trade regulations and customs procedures: Rapid compliance assessments were conducted and updated our regulatory risk monitoring tools to address changes, particularly in key sourcing and destination countries.

Data Protection, Technology and Cyber Threats: With the rise in digital transactions and remote operations, we prioritised cybersecurity by reviewing and tightening controls around data security, access protocols, and third-party digital interfaces.

We have duly considered the provisions of the Personal Data Protection Act No. 9 of 2022 and has ensured that our practices align with regulatory requirements related to data privacy and protection.

Environmental and Sustainability Pressures: In response to growing stakeholder expectations and IFRS S1 and S2 implementation, we integrated climate-related risks and broader ESG factors into our enterprise risk assessments, notably in procurement, logistics and reputational risk reviews. We are currently laying the groundwork to comply with IFRS, Scope 3, which will become a requirement in 2026.

Climate Change Risks (Physical): While our operations contribute to climate change and they are also impacted by physical risks like bad weather, floods, and droughts (potentially impacting water supply, commutes, and raw material sourcing). Our manufacturing operations were not disrupted by such events in the last year; however, Teejay is currently undertaking deeper financial analysis to understand potential future financial impacts.

Climate Change Risks (Energy Transition): Committed to decarbonisation, Teejay is investing in solar, transitioning to the increasingly renewable energy (approx. 30% renewable) and adopting energy-efficient technology (projects aiming for completion by the end of FY 2025/26). Given the absence of carbon pricing mechanisms and carbon taxes in Sri Lanka and India, the financial impact of this transition is not currently viewed as significant.

Business Continuity

The Teejay Group's ERM framework has been significantly influenced by the Sri Lankan economic crisis and the COVID-19 pandemic. These events highlighted vulnerabilities in supply chains, liquidity, and workforce resilience, leading to a strategic review of risk management processes.

The economic crisis underscored the importance of strong financial risk management, particularly in working capital and supplier credit. Consequently, the ERM framework now includes enhanced monitoring of macroeconomic factors, currency fluctuations, and country-specific risks, with greater emphasis on contingency planning and scenario modelling for economic instability.

The pandemic highlighted the need for operational continuity, digital resilience, and crisis response planning. In response, Teejay strengthened its business continuity planning, integrated health-related risks, and established remote work capabilities, digital infrastructure resilience, and workforce safety protocols within the ERM framework.

Both crises reinforced the importance of agility, proactive communication, and cross-functional collaboration, leading to faster escalation protocols, more frequent risk updates, and stronger alignment between risk management and strategic decisions within the ERM governance.

These experiences have improved Teejay's preparedness for future disruptions and fostered a more resilient, adaptable, and forward-looking risk management culture.

ERM Risks, Ratings, and Mitigation Activities

We proactively manage potential risks, categorised within a comprehensive risk universe. The following table outlines our assessment and ranking of these risks, in accordance with Teejay's ERM process, as well as our actions to address and/or mitigate them.

Main Risk Category Risk Item Potential Impact Risk Mitigation Risk Assessment
Socio-economic Risks Domestic socio-economic crisis resulting in: – Poor economic growth – Increased inflation Import restrictions due to FOREX shortage. Short supply of raw materials. Increased cost of living triggering employees to migrate overseas. Prudent management of working capital liquidity. Build strong relationships with banks. Close monitoring of developments in the macroeconomic environment. Risk Rating
2023/24 2024/25
FOREX liquidity and
depreciation risk Volatile tax policies and tax increases Interest rate risk 		Increase in tax rates. Escalation
of finance costs. Adverse impact on profitability. 		Continuous monitoring of rate fluctuations
and impact assessment. 		Risk Rating
2023/24 2024/25
Geopolitical Risks Global economic downturn resulting in declining consumer demand. Shift in traditional supply chain bases is a positive to the South Asian region. Red Sea crisis Reciprocal tariffs imposed by USA Increased costs of production due to increase in input and energy costs. Increase in new customer inquiries. Increased sourcing lead time and increase in logistic costs. Decline in orders due to reduced customer demand. Strengthen relationships with customers for increased visibility amidst market fluctuations. Closely monitor vessel route changes with shipping lines and freight agents. Increase safety stocks for critical raw materials. Expanding capacity in lower tariffs locations. Risk Rating
2023/24 2024/25
Social and Stakeholder Risks Talent attrition and retention Increase in cost of recruitment. Loss of key talent. Increased cost of training or the inability to maintain quality standards due to untrained staff. Strong emphasis on performance appraisals, rewarding and recognising key talent through performance recognition and reward schemes. The second intake of the Management Trainee Programme commenced in June 2024. Risk Rating
2023/24 2024/25
Industrial relations risk Employee distress leading to
plant closure. 		Operation of JCC (Joint Consultative Committee), which is a requirement as per BOI regulations for formal communication and maintenance of highly effective engagement with employees. Risk Rating
2023/24 2024/25
Health and Safety Risks Risk of occupational injury As a manufacturing organisation, employees and other stakeholders in direct physical contact with the plant are constantly exposed to occupational hazards and risk of injury. Comprehensive Health and Safety protocols
are in place in factories. Monthly Health and Safety steering committee meetings chaired by the CEO are held. Health and safety management system certifications are in place. 		Risk Rating
2023/24 2024/25
Environmental
Risk 		Sustainable production Legal implications due to non-compliance. Loss of key customers due to loss
of end user confidence. 		Compliance with certification and regulatory requirements. Strong commitment from the Senior management and the Board towards sustainable production. Extended the agreement with the international third-party consulting firm to align the ESG initiative with the IFRS S1 and S2 requirements. Maintaining a risk register for sustainability risks and reviewing it on a quarterly basis. Risk Rating
2023/24 2024/25
Risk of inappropriate disposal of waste Reputational risk Risk to the society in general if the waste is not used for its intended purpose. We take responsibility in disposing the waste exclusively to Waste Collectors with Environmental Protection Licence (EPL)/ Waste collector’s licence where the end use of the waste is specifically mentioned. Use of and approved waste disposal party for incinerating hazardous waste. We hold a Scheduled Waste Management License (SWML) under the generator, collector, and transporter categories, issued and monitored by the CEA. This license guarantees compliant disposal and discharge practices Risk Rating
2023/24 2024/25
Risk of discharge of untreated effluent Regulatory risk/ Penalty Reputational risk Strong monitoring mechanisms in place to manage effluent discharge.
Risk of sourcing raw Materials that are not in line with Teejay’s ESG commitments Loss of Customers Reputational damage Sourcing from accredited suppliers. Yarn sourced exclusively from suppliers who are aligned with the requirements of the Uyghur Forced Labour prevention act. A supplier review was carried out across the Group and retained suppliers who were willing to sign the supplier agreement. The Group also adopted the Zero Discharge of Hazardous Chemicals (ZDHC) Chemical Management System Framework and focusing on sourcing from Suppliers with ZDHC certification. Raw materials are checked for ZDHC MRSL Level 1 or above certification.
Risk of excessive use of water in production Non-compliance with BOI regulations. Financial penalty or business interruption Dedicated budget to replace old machinery with efficient, low energy and water consuming machinery. Water re-cycling projects in place.
Climate change Risk Transition Risk - Risk of not reducing the carbon footprint to levels committed with the Customers. Costs to transition to the proposed lower emission technology Risk of loss of customers due to
non-alignment with their carbon footprint reduction milestones. Significant investment required to adopt/deploy new practices and processes 		The cross-functional team encompassing representatives from all Divisions drives the ESG framework within Teejay. As a part of the Science Based Targets initiative (SBTi), ambition is to contribute to the worldwide effort to limit global warming to 1.5°C by 2030 and achieve net zero emissions by 2050. Use of biomass in Teejay India for steam generation. Teejay Lanka has completed the feasibility
study to invest in solar power generation. HFO and Coal usage will be phased out in 2026. 		Risk Rating
2023/24 2024/25
Physical Risks-Possible droughts and floods due to adverse weather conditions. Risk of reduced water supply for production during drought season and interruption to operations and logistics due to floods during rainy season Adverse climate conditions such as drought and increased global warming affecting the cotton crop which is the source of the main raw material. Adverse climate conditions affecting supply chain logistics. Water re-cycling projects in place. Location strategy in place to satisfy customer requirements. Risk Rating
2023/24 2024/25
Information Technology Risks Cyber security risk Risk of customer information and intellectual property leakage Agile working policies introduced
due to COVID-19 and continuing, increased the threat. Data breaches. Financial loss to the company. 		Strong cyber security policies are in place
to safeguard data. 		Risk Rating
2023/24 2024/25
IT systems failure risk As a technology-driven manufacturing plant, a system failure could result in production loss days, resulting in customer claims and increased costs. Access control and disaster recovery sites in operation to ensure continuous system availability. Risk Rating
2023/24 2024/25
Not complying with the requirements of the Personal
Data Protection Act No.09 of
2022 regulations 		Regulatory risk/ Penalty Reputational risk Data Breaches Appointed a Data Protection Officer and continuous monitoring of data collection points and ensure compliance with set guidelines. Risk Rating
2024/25
Operational Risks Fire risk Business interruption due to full
or partial factory closure. 		High alertness and preventive measures and procedures in areas where the equipment is working at high temperatures. Operation of fire alarm systems, fire hydrants, and extinguishing infrastructure in all three plants. Monthly group fire prevention steering committee review meeting chaired by the CEO. Regular maintenance of fire extinguishing equipment infrastructure according to schedule. Regular training of the fire crew, and conducting fire and evacuation drills involving all employees of Teejay Group. Risk Rating
2023/24 2024/25
Supply chain risk (RM and Utilities) Potential delays due to recent instability in geopolitics. (Red
sea, Ukraine-Russia war and
India-Pakistan war) Fuel price hikes and shortages resulted in increased overheads. Yarn price fluctuations. Increased cost of raw materials
due to FOREX volatility. High shipping charges. 		Close monitoring of the material planning process. Partnering with alternate suppliers from strategic locations and collaborating with existing suppliers for dedicated supply channels. Risk Rating
2023/24 2024/25
Inventory Risk Inconsistent demand led to unrealised projected inventory usage, resulting in the accumulation of obsolete stocks. Effective material planning. Risk Rating
2023/24 2024/25
Fraud Risk Financial loss to the Company. Potential increase in fraud risk due to pressure from the economic crisis. In operating within a BOI zone, physical
access is highly restricted. Close monitoring of logistics operations reduces the opportunity for inventory-related fraud. Continuous engagement in process improvements by strengthening
internal controls. Strong whistle-blower policy in place. 		Risk Rating
2023/24 2024/25
Regulatory Risks Local regulatory non-compliance Breach of Brand compliance commitments Risk of non-renewal of trade licences Legal implications. Loss of strategic customers. Business interruption and plant closure. Dedicated compliance teams ensure all regulatory requirements are met. Conducting periodic internal and external
audits to confirm the same. Monthly group compliance meeting chaired
by the CEO. 		Risk Rating
2023/24 2024/25
Reputational and Brand Image Risks Quality failure Timely delivery failure Loss of customers and investors
due to loss of goodwill. Customer claims. Legal implications. 		Strict compliance with statutory, regulatory,
and external certification requirements. Customer care service division to monitor customer complaints. Quality control processes. Supplier due diligence and procurement committee. 		Risk Rating
2023/24 2024/25
Close