Logo header1

Risk Management

Risk Management Activities

Basic Perspective

The Group conducts risk management activities aimed at controlling factors that could exert a negative impact on our business performance and providing steady support for sound business operations throughout the Mitsubishi Materials Group. To assure achievement of these goals, we are conducting activities under the following three basic policies:

Basic Risk Management Policies and Objectives

  • 1. Responding to high priority risks:Prioritizing risks and implementing measures accordingly
  • 2. Identifying unrecognized risks:Using risk management records to establish a comprehensive overview of all risks
  • 3. Sharing risk information:Disclosing the details of Group risks to all concerned parties

Implementation Structure

While critical risks inherent to each field of business are identified by individual business divisions, the Group identifies serious, high priority risks at a management level which share a high degree of commonality and priority across the Group, and are thought to have a severe impact on the business management of the Group.
The matters and plan for addressing critical risks given priority across the whole Group, and critical risks tackled by each business division, are discussed at length by the Company’s Sustainable Management Office, Executive Officers’ Meeting and Board of Directors, and set on an annual basis. Each business site formulates activity implementation plans in accordance with this, which then undergo review by the Governance Deliberative Council, before being applied as part of measures to reduce risk.
A structure is in place by which the content of these activities is shared with members of management and corporate divisions, and the progress of which is monitored on a regular basis by the Sustainable Management Office, Executive Officers’ Meeting, the Board of Directors, internal audits and the Committee for Monitoring of Measures to Enhance Governance, which is comprised of External Directors. Additionally, information on risks identified as part of risk management activities is provided as materials for internal audits, and a system is in place to have risks indicated through audits, etc. added as needed as subjects for risk management, making for a strict PDCA management system on the whole.
With regard to training, we are striving to boost our sensitivity to risk and enhance and raise the bar concerning our risk control capabilities by implementing training sessions featuring both internal and external consultants that are held both in Japan and abroad.

PAGE TOP

New Risk Management System

Points of Improvement

As part of Group Governance Framework Enhancement Measures in fiscal 2019, we reviewed conventional risk management mechanisms in order to further improve risk management effectiveness, building a new, enhanced risk management system that is being rolled out across the Group both in Japan and abroad in fiscal 2020 onwards. From fiscal 2021, we are improving the convenience of functions for visualizing risk information and making improvements for smoother communication between the parent and subsidiaries.

Main areas of improvement in the new risk management system

  1.  Identifies critical risks without fail, and facilitates the implementation of focused measures
  2.  Visualizes the state of risks Group-wide, and enhances risk portfolio management and monitoring
  3.  Clarifies the roles and responsibilities of core management, corporate divisions and companies and other business divisions by business site
  4.  Enhances dialog and discussion on critical risks between the parent company and subsidiaries, and provides an appropriate support for business sites

Activating of Parent-subsidiary Discussion and Support Regarding Risk Countermeasures

Critical risks are classified into four categories according to the attributes of each, with roles and responsibilities set concerning the means of involvement at each level (management level, corporate division, company and other business division, business site).
In an effort to ensure that all critical risks are addressed without fail, a system has been established that allows for business sites to receive a sufficient support - following consultations with the parent company and overseeing business division, and corporate divisions specializing in the area of risk at hand - if the application of measures addressing risks proves particularly difficult for an individual business site alone.

Roles and responsibilities according to level for each critical risk

Roles and responsibilities according to level for each critical risk

Enhancements to Risk Portfolio Management and Monitoring

Monitoring risk information is made easy by taking steps to visualize risk conditions and the progress status of risk reduction efforts. We are working to promptly and accurately determine where to prioritize deploying management resources to address risks, and the level to which risks can be reduced, etc., by mapping out the risks possessed by the business operations of the Group.
Further, monitoring the progress status of risk reduction efforts in an integrated manner has made it easier to identify delays, and facilitates prompt and appropriate response to risks.
From fiscal 2021, we have upgraded this tool to make it easier to use and have enabled information on critical risks to be shared throughout the entire Group. This will enable us to improve the level of management and make it easier to horizontally deploy good practices of risk countermeasures across the Group.

Visualization of risk information

Visualization of risk information

PAGE TOP

Crisis Management Activities

Basic Perspective

We are striving to strengthen our crisis management systems to facilitate prompt, accurate responsiveness to emergency situations, including natural disasters, accidents, terrorist attacks and pandemic events. Besides operating crisis management related rules that apply to the entire Group, we formulate business continuity plans at all our consolidated subsidiaries in Japan and overseas, with the aim of minimizing the impact on customers of any crisis that might occur through swift restoration and continuation of operations.
We also receive the latest global information on crisis management and expert advice from an external consulting company, and have established a system that enables employees dispatched overseas and stationed regionally to receive advice on action to take in the event of an emergency, as well as direct safety assurance services and medical services. Other efforts include the deployment of a safety guidebook that considers the risks faced by each country and region, and the implementation of security checks in countries and regions deemed particularly high risk.
From fiscal 2021, our Crisis Management Activities will now include serious operational risks such as quality scandals, business legal violations, information leaks, cyber attacks, and breaches of trust, in addition to natural disasters, accidents, acts of terrorism, and pandemics, etc., which were already covered by the activities. To ensure that the system can respond to a wide range of crisis situations, it defines how to respond to each type of crisis situation, clarifies roles and responsibilities, and provides a framework that organizes the items to handle on a timeline.

Implementation of a Crisis Management System

The Group implemented a crisis management system in January 2019 both in Japan and abroad in order to help quickly establish an understanding of the safety of employees and the scope of damages at business sites, and to share this across the Group, should a disaster or another state of emergency occur.
This has made it possible to initiate a prompt and adequate initial response, and has also allowed us to leverage the Group network to provide support, etc. from sites nearby disasterafflicted areas.

Crisis management system

Crisis management system

PAGE TOP

Information Security

We regard information security as one of our top priorities in terms of CSR management, and consider personal information in particular to be one of our most important information assets. That is why we make every effort to minimize the risk of information being leaked, lost or damaged.
The focus of our information security activities is on improving information infrastructure, taking into account business continuity in the event of a large-scale disaster, and on reinforcing technical measures and implementing new management systems, with support from the Information Security Panel, a subdivision of our Sustainable Management Office.
In terms of technical measures, we are working to improve protective measures to avoid damage as a result of attacks targeting known vulnerabilities, while also implementing risk mitigation measures against new threats such as targeted attacks, by expanding multi-layer protection and detecting damage early on.
Infections from computer viruses such as ransomware have seen an uptick in recent years. To deal with this threat, we have promoted increased vigilance at Mitsubishi Materials and all group companies, and introduced a system to forcibly apply software patches and updates to address vulnerabilities, even at overseas group companies.
On the management side, we are making every effort to maintain and enhance security levels through repeated implementation of the PDCA cycle in areas such as performance evaluations and employee education.
Moving forward, we will continue to examine and implement a range of technical measures against rapidly advancing security threats at the appropriate level and in a comprehensive and efficient fashion.

MMC