Risk Management | Corporate Information

Basic Views on Risk Management

The Group aims to achieve sustainable growth by identifying management risks that could significantly affect the smooth operation of business, attempting to minimize losses if they should occur, and fulfilling our social responsibilities. Officers and employees recognize the importance of risk management and will make efforts to strengthen and improve our governance system.

1.

We will comply with laws, regulations, and rules, and conduct business activities in accordance with socially accepted norms.
2.

We will place protecting the health and safety of our officers, employees, and related parties as our top priority.
3.

We will strive to protect the activities and assets of related parties, shareholders, and customers, associated with the Group.
4.

We will respond to the demands of society in a fair and appropriate manner to enhance our credibility and reputation as a company.
5.

We will promote sound and stable management and contribute to the development of society.

Risk Management System

The Risk Management Committee that oversees various risk management activities in the Group’s business operations has been established in which full-time Directors and Executive Officers appointed by the Board of Directors assume the responsibility of developing and operating the risk management system in accordance with the Basic Rules on Risk Management.

The Group’s risk management system

Risk Management Committee members (risk owners) are positioned over the heads of risk management divisions (management system for each division), while the Risk Management Committee is positioned above these members. The secretariat for the Risk Management Committee is positioned between these. The President and CEO is positioned over the Committee, while the Board of Directors is positioned above the President and CEO.

Major Business Risks

Security and information leakages

With cyber risks becoming more sophisticated and complex year by year, we recognize that the addressing of these security risks is an important management issue. Due to the nature of our business that involves outsourcing, the Group handles confidential and personal information of our client companies and its end users, which means that in the unlikely event of an information leakage incident, this could cause significant damage to our business partners, employees, and other related parties. To address the increasing sophistication of cyber risks, we have established security and privacy policies, obtained ISMS and privacy mark certifications, and built an information management system. In addition, we have established rules and standards for all officers and employees that clearly state “guidelines” on how the Company should approach its information assets and how employees should act based on the Security Policy, while we also provide education on how to handle information through regular training sessions, etc.

Talent acquisition and management

Amid concerns about labor shortages and rising labor costs, securing personnel with a high level of expertise and experience, such as those familiar with the development of new services and DX, as well as operators to carry out tasks is an important issue for corporate growth. To address these risks, we are working on measures to improve retention rates by using various recruitment methods to secure human resources and provide a comfortable working environment. In addition to complying with labor-related laws and regulations, we are making efforts to promote diversity and prevent labor troubles by prohibiting harassment and making adjustments to create a comfortable work environment. We are also focused on promptly responding to problems when they occur by maintaining a compliance system, establishing regulations to prevent harassment, implementing regular training for employees, and providing consultation services.

Regulatory compliance and internal control systems

The Group is subject to a wide variety of laws and regulations such as the Personal Information Protection Act, consumer protection laws, labor-related laws, tax laws, and the Specified Commercial Transactions Act, and violating any of these could have a serious impact on our business operations, performance, and public trust. For this reason, we strive to maintain legal compliance by having our legal division collect information to prepare for future revisions of laws and changes in judicial and administrative interpretations, and receiving expert reviews for revising internal rules. At the same time, we recognize the risk of deficiencies or delays in the internal control system having a negative impact on management. To mitigate this, we have established the “Basic Regulations for Evaluation of Internal Control regarding Financial Reporting” in accordance with the requirements for internal control over financial reporting prescribed within the Financial Instruments and Exchange Act in order to build and ensure the effectiveness of our company-wide control system and corporate governance system.

Business Continuity Plan (BCP) initiatives

The Group has established a business continuity plan (BCP) to prepare for unexpected events that could affect our business operations, financial performance, or financial stability. This could be a natural disaster such as a major earthquake, tsunami, or storm and flood, a disruption to social infrastructure such as electricity or communication networks, or a widespread outbreak of an infectious disease. We have also developed procedures to be followed in the event of an emergency based on different disaster scenarios, and strive to ensure preparedness and reduce risks by such as conducting regular training. In addition, we are working to build a system that will enable restoration as quickly as possible by spreading out our business locations across the country and establishing home-based working system.

Details of Business Risks

Details regarding the Company’s risk management are described in the “Annual Securities Report.”

Sustainability