Sustainability ESG Management:Governance / Risk Management and Compliance
Risk Management
Basic Approach
The Group provides effective responses to risks that could impede business as an important management issue. We also secure the trust of society as we promote risk management in order to fulfill our social responsibility to our customers, business partners, shareholders, local communities, employees, and all other stakeholders.
Risk Management System
The Group has developed a risk management system in line with our Risk Management Regulations, as the occurrence of risks could impact corporate management. The Risk Management Committee (Chairperson: Mikihito Hosono, Director), consisting of inside directors including the President and CEO and full-time Audit & Supervisory Board member, formulates risk management policies, ensures that risk is reduced throughout the organization, inspects risk in each department, and implements control activities through internal audits. The Company promptly decides on policies to deal with risks identified through control activities and new risks that emerge.
The Risk Management Committee meets twice a year typically, and receives reports on the risk items identified through annual risk assessments conducted by departments and organizations. The committee then makes critical decisions on the most effective ways to manage these risks. In addition, a largescale risk assessment is conducted every three years, and a major review is conducted to prioritize risk responses and identify risks for which countermeasures should be implemented. The contents of deliberations are reported to the Board of Directors for supervision and advice.
Disaster Risk Response: BCP Initiatives
We have formulated business continuity basic regulations for the safety of our employees, etc., as well as to protect assets and to maintain and quickly resume important business operations. We have also formulated a business continuity plan (BCP) to ensure preparedness for potential damage and facilitate recovery in the event of a disaster. Additionally we are enhancing our systems to better handle such situations.
In addition to periodic disaster drills, a safety confirmation system has been introduced to quickly and efficiently gauge the safety and circumstances of employees in the event of a disaster or emergency, such as a major earthquake. The safety information obtained through this system can be used to implement our BCP in emergency situations. To improve the effectiveness of the safety confirmation system for employees, etc., the Company is building a system to prepare for disasters, for example, by conducting periodic safety response drills. In the Production Department, the Safety and Health Committee meets monthly and is working to establish a system that will prevent secondary disasters and enable early restoration of operations. The Committee identifies hazardous operations and dangerous areas in production activities and discusses measures to mitigate or avoid damage in the event of a disaster.
Information Security
Basic Approach
While advances in information processing and network technology are progressing quickly, the ease of managing information, both internally and externally, also brings increasing risks. These risks include information leaks, falsifications, and destruction caused by increasingly sophisticated cyberattacks.
Given this digital environment, we consider it an important management issue in fulfilling our social responsibility to accurately identify and address risks related to information management and to effectively manage the security of the Group’s information assets (information and the systems, equipment, media, and facilities that handle this information). Accordingly, the Company has established information security management regulations, and we are developing and operating an information security management system.
Information Security Management System
The Group has developed a system to ensure that the Information Security Committee (Chief Information Security Officer: Mikihito Hosono, Director), which consists of internal directors including the President and CEO as well as the full-time Audit & Supervisory Board member, oversees the entire organization and effectively manages information security.
The Chief Information Security Officer has established the Basic Policy on Information Security, for establishing information security management, and we thoroughly educate and inform directors, employees, and others about the need for continuous improvement and the importance of meeting legal and regulatory requirements.
Compliance
Basic Approach
Recognizing the importance of compliance, the Group has established and is operating a code of conduct and compliance management regulations as the standards of conduct for directors and employees, etc., to ensure compliance with laws, regulations, the articles of incorporation, social norms, and other requirements, and to fulfill our social responsibilities.
Compliance Promotion System
The Compliance Committee (Chairperson: Mikihito Hosono, Director), which consists of internal directors including the President and CEO as well as the full-time Audit & Supervisory Board member, oversees the entire organization to thoroughly educate and inform directors and employees of the code of conduct and other internal regulations. The Company has also established and is currently operating an internal reporting desk. The Internal Audit Department audits effectiveness of the compliance system.
Antibribery and Anticorruption Initiatives
The Group’s Compliance Handbook clearly states the proprohibition of bribery and other forms of corruption. In addition, based on our compliance management regulations, self-inspections are conducted twice a year at all departments, and ongoing education is provided through new employee training, job grade-based training, and during other opportunities.
In the self-inspections conducted in FY2024, based on compliance management regulations, no violations were reported, and the same was true for the audits conducted by the Internal Audit Department.
Internal Reporting System
The Group has established a hotline, also known as a whistleblowing system, to serve as a contact point for reporting potentially illegal or inappropriate actions. The purpose of this hotline is to detect and address these actions at an early stage. We have an internal reporting desk and an external reporting desk.
Anonymous reporting is also an option, and the Company diligently follows regulations regarding compliance, which include maintaining confidentiality and prohibiting the mistreatment of whistleblowers. Any conduct in violation of laws and regulations is subject to disciplinary action as outlined in our internal rules.
In FY2024, we received a total of six reports: five were submitted to the internal reporting desk and one was submitted to the external reporting desk. Both reports were handled in cooperation with the related departments fairly and faithfully.
