To respond appropriately to various risks surrounding the Group and to operate its business stably by minimizing damages, the Group strives to improve risk sensitivity. In the fiscal year ended March 2024, the Group built a more highly effective and reliable risk management system on the basis of ISO 31000 and is conducting risk reduction activities at all Group business sites globally.
The Group’s risk management activities are mitigation activities to prevent risks from occurring and aim to “Improve corporate value by minimizing damage when risks emerge.” To ensure that these goals are achieved, we are conducting activities under the following three basic policies:
While critical risks inherent to each field of business are identified by individual business divisions and critical risks inherent to each site are identified by individual sites compulsively, each corporate department identifies and evaluates serious, high priority risks which share a high degree of commonality across the Group and which are expected to have a severe impact on the Group’s business management. The identification and evaluation of each critical risk and the progress of action plans are discussed and monitored by the SCQ Promotion Office and the Strategic Management Committee. The CSuO (Chief Sustainability Officer) is responsible for the implementation of these meetings, run independently of the Audit Committee. In addition, the Board of Directors verifies and reviews the effectiveness of the process and comprehensively supervises risk management, including ESG risks.
With regard to training, we are striving to boost our quality of activities by holding internal training sessions that feature an outline of risk management and guidance on how to proceed with the activities in detail and risk sensitivity seminars by external instructors.
The Group divides risks into the following categories and implements comprehensive risk management:
Each CR is evaluated on a 5-level scale of impact/Likelihood based on quantitative/qualitative evaluation criteria standardized within the Group.
Furthermore, according to the risk level (A, B, C, D), the priority of Risk Treatment is determined.
The table below shows the main risks the management of the Group has recognized, based on this system, as having the potential to significantly impact the Group’s business results and financial situation.
Name of risk | Likelihood of occurrence | Impact |
---|---|---|
Promotion of resource circulation | High | Large |
Strengthening measures to address global environmental issues | High | Medium |
Enhancement of human capital | Medium | Large |
Activation of communication | Medium | Medium |
Strengthening information security | High | Medium |
Strengthening response to SCQ issues | High | Large |
Enhancement of sustainable supply chain management | Medium | Large |
Deepening of digital transformation (DX) | Medium | Large |
Pursuit of value creation | Medium | Large |
Geopolitical and geoeconomic risks | High | Large |
Financial risk | Medium | Large |
The following are excerpts from the “Business and other risks” section.
As the world's population and economy grow, environmental issues such as an increase in resource and energy consumption, a rise in the amount of waste, and global warming are becoming increasingly serious. Going forward, the linear economic model of mass production, mass consumption, and mass disposal may no longer be viable, and the risks associated with raw material procurement, including resource depletion, and the difficulties of waste disposal may increase.
Accordingly, there is a need to shift from a society that continues to consume limited resources to one that reduces waste generation and recycles resources for effective use. If we do not promote resource recycling in each of our businesses, it could lead to a loss of growth opportunities and a risk of exclusion from the industry.
In light of this situation, pursuant to the Medium-term Management Strategy for the period from the fiscal year ended March 2024 to the fiscal year ending March 2031, the Group aims to build a recycling system for metal resources based on our strengths and realize growth throughout the value chain by expanding the scope, regions and scale of our operations. We will promote resource recycling through our advanced recycling technologies for E-Scrap, home appliances, carbide tools, etc., which is one of our strengths, and develop and provide recyclable products to enhance resource circulation, thereby strengthening our competitiveness over the medium- to long-term.
If the Group pursues only earnings (E), disregards safety & health (S) at manufacturing sites, neglects compliance and environmental management (C), and supplies products that do not meet required quality standards (Q), it may lead to a decline in corporate value not only due to legal sanctions but also a decrease in social credibility.
To reinforce responses to SCQ issues, the Group has established the SCQ Promotion Office headed by the CEO and subcommittees consisting of the general managers of related departments, etc., to focus on the core aspects of corporate activities, such as "safety and health," "compliance," and "quality."
Concerning S, Safety & Health (safety and health first), we analyze the occurrence of occupational accidents within the Group, identify issues to be intensively addressed, and formulate specific measures. We also regularly share information on the progress of each measure and discuss solutions. In addition, we regularly hold meetings of safety managers and meetings of safety supervisors and safety instructors to exchange information on various accidents and safety and health activities within the Group, which spans a wide range of industries, thereby improving the level of safety and health. Furthermore, we position employee health management as an important management issue and have established the Health and Productivity Management Panel under the SCQ Promotion Office to implement a variety of measures for maintaining and promoting health throughout the Group.
As for C, Compliance & Environment (Compliance, Fair & Equitable Activities, Environmental Management), we consider compliance to be a broad concept that includes not only legal compliance but also corporate ethics and social norms, and we believe that we must faithfully meet the expectations of our stakeholders. With a view to strengthening the compliance system of the entire Group, we are continuing our efforts to raise the compliance awareness of every employee within the Group through various measures, including training in Japan and overseas. Further, by accurately and promptly collecting and sharing information on compliance violations that occur within the Group, we take appropriate measures against violations and reflect such information in risk management activities, education, and training to prevent recurrence. For the environment, in accordance with relevant laws and regulations, we strive to prevent air, water, and soil pollution. We conduct business activities in compliance with various environment-related laws and regulations concerning climate change, air pollution, water pollution, harmful substances, waste recycling, and soil and groundwater pollution. As environmental laws and regulations become stricter in Japan and overseas, to respond to revisions to laws and regulations and changes in environmental standards, we promote measures such as sharing information on revisions to applicable laws and regulations, providing thorough training and education, and promoting measures to avoid, reduce, and transfer risks, including strengthening facilities, throughout the Group.
Regarding Q, Quality (quality of products, services, etc. provided to "customers"), in order to thoroughly prevent the recurrence of a series of quality issues that occurred from November 2017, we continue to implement recurrence prevention measures, have established a Day for Reflecting on Quality to prevent memories of quality issues from fading into the past, and engage in "proactive quality management," thereby creating a system to prevent the production of non-conforming products.
The Group has production and sales sites, and others in 32 countries and regions overseas, and positions its overseas business as an important foundation for the growth of the Group's business.
In the event that geopolitical risks such as political instability, conflicts between nations, unilateral invasions, or political upheavals materialize in the countries and regions in which our Group operates, our business activities may be hindered.
Besides the above risks, other risks associated with global business development include changes in economic conditions in various countries and regions, unforeseen policies and regulations, and changes in our business partners' business strategies and product development.
To address these risks, the Group constantly monitors the situation and reviews business strategies and overseas investments. In addition, we respond appropriately to these changes by sharing information from local sites and cooperating with each business. Furthermore, we strive to collect information on individual country risks, such as legal regulations overseas, and share and disseminate such information within the Group. On top of this, we formulate conventional risk mitigation measures and BCPs, which are periodically reviewed.
Particularly in the Metals business, there is a risk of being affected by events beyond the control of the Group, such as intervention in resource projects by national and local governments in copper-producing countries, fluctuations in the global supply-demand balance of copper concentrates, and declining copper concentrate grades. To mitigate these risks, we promote the diversification of countries and regions where we purchase copper concentrates as well as more effective investment in superior mining projects as part of our efforts to form a sustainable raw material procurement portfolio. At the same time, we actively use recycled raw materials like E-Scrap (waste circuit boards from various electronic devices) to ensure stable supplies of raw materials.
Click here to read about our "Business and Other Risks".
We are striving to strengthen our crisis management systems to facilitate prompt, accurate responsiveness to emergency situations, including natural disasters, accidents, terrorist attacks and pandemic events. Besides operating crisis management related rules that apply to the entire Group, we have formulated business continuity plans at all our consolidated subsidiaries in Japan and overseas. These plans are regularly updated to ensure their relevancy. In the event of a large-scale earthquake or pandemic, we have incorporated the identification of essential human and material resources to ensure the rapid recovery of critical operations. This includes stockpiling provisions, outlining plans for alternative supply of crucial products, and scheduling maintenance and repairs for vital facilities. The scenario assumptions are as follows:
Through these measures, even in the event of a crisis, we strive to swiftly recover and continue our operations to minimize the impact on our customers. Furthermore, we continuously receive up-to-date crisis management information and specialized advice from consulting firms and others around the world. Our employees traveling abroad or stationed in various locations are equipped to make informed decisions in times of crisis and have access to safety assurance and medical services on-site. Additionally, we have established a framework that clearly outlines response structures, roles, responsibilities, and organized chronological response measures for various crisis situations, ensuring a robust capability to respond to crises effectively.
The Group implemented a crisis management system both in Japan and abroad in order to help quickly assess the safety of employees and the scope of damage at business sites in the event of a disaster or other crisis, and to share this throughout the Group.
This has made it possible to initiate a swift and appropriate initial response and has also allowed us to leverage the Group’s network to provide support, etc. from sites near disaster-afflicted areas.
The Group defines information security as one of the issues in management, and aims to conduct safe business by ensuring information management, including the handling of personal information.
The Group considers information security as one of its management issues, recognizes the personal information of customers and business partners to be one of the most important information assets, and strives to reduce the risk of information leakage, loss, and destruction.
In order to ensure compliance with the Group information security management policy, we have defined Group Information Security Management Regulations, Information Security Measure Standards, Confidential Information Management Regulations, and various implementation procedures that must be complied with.
Basic rules regarding the construction and operation of a management system for Group information security, for the goal of protecting the information assets owned or managed by the Group from theft, leakage, modification, or destruction, and minimizing corporate loss.
Standards defining information security countermeasures for electromagnetic information assets that the Group must follow.
Basic rules regarding the handling of personal information and basic indicators on management methods for maintaining the confidentiality of information assets in general.
In addition, “Information Security Panels” are set up to establish, adopt, operate, monitor, review, maintain and improve our information security policy, and information security managers are assigned to the Group and Group companies to operate and monitor them.
Our information security activities involve enhancing and expanding our information infrastructure with an eye towards business continuity in the event of a large-scale disaster, strengthening our technical measures for information systems, and introducing and operating management systems. Technical efforts include enhancing our protective measures for preventing damage from attacks that leverage known vulnerabilities, as well as our risk reduction measures, which include enhancing defense in depth and the early detection of damage from new threats such as targeted attacks. In order to counter the rising threat of ransomware, we have introduced a system for forcibly applying updates and patches for vulnerabilities of the Group and all Group companies, including overseas companies.
On the management end, we strive to maintain and improve our level of security by implementing the PDCA cycle of performance evaluations and employee education on a continual basis.
As a measure of the fiscal year ending March 2025, we will continue to promote the stable operation of and expand the monitored areas of the Security Operation Center (SOC), which expanded monitored targets to PCs of individuals during the fiscal year ended March 2024. In addition, we aim to establish the activities of the Computer Security Incident Response Team (CSIRT) while raising and unifying the level of security awareness through information security education and training.
Furthermore, in addition to complying with domestic personal information protection laws and the GDPR, we will comply with the personal information protection laws of relevant countries, while planning the implementation of new security measures in the OT field, where digitalization and the transition to smart factories are progressing, and a greater focus on supply chain risk management. As security threats continue to worsen, we will continue to comprehensively, efficiently, and appropriately investigate and implement a variety of technical countermeasures.
A number of initiatives on the enhancement of Group governance were included as part of our efforts to address management issues related to sustainability.
Existing governance-related initiatives (formulating and deliberating plans for governance-related matters, reporting on the progress of activities, sharing information and conducting follow-ups, etc.) have been continued, replacing the Sustainability Deliberative Council and sustainability review process.
Based on sustainability-related policies formulated by the SCQ Promotion Office and others, head office, sites and Group companies will continue to plan and implement activities.
Additionally, related departments such as the SCQ Promotion Office will continue to support these initiatives.
In this way, we are continuing our initiatives to enhance the Group’s governance as sustainability initiatives, and report the status of the initiatives’ implementation to the Board of Directors.
Aim for governance under which efficient and autonomous communication can take place between the parent company and subsidiaries, between the head office and plants, and among subsidiaries.