Sanyo Chemical Group appropriately manages risks that could have a significant impact on management, avoids threats to business continuity, and prepares for unforeseen circumstances. To this end, we have established internal regulations for each anticipated risk and practice risk management through awareness-raising, education, and training.
Basic Policy
In May 2025, we formulated the following Basic Policy on Risk Management.
Basic Policy on Risk Management
The Group aims to achieve its management goals by carrying out company-wide risk management activities to comprehensively and exhaustively ascertain, and respond appropriately to, internal and external risks that could affect its management strategies.
Risk Management System
Risk Management Committee
The Risk Management Committee, which reports to the Management Council, comprehensively and exhaustively ascertains the risks facing the entire company, evaluates each risk based on its probability of occurrence and impact on the Company, selects important risks that should be addressed as a priority, and determines countermeasures. Committee members comprise those in charge of different functions and departments, and act as "guardians" to prevent risks from occurring in their respective areas of responsibility, while also overseeing initiatives to properly address risks. The Risk Management Committee also oversees the development, construction, and operation of the internal control system, receiving reports on the results of annual internal control evaluations and instructing the relevant departments on countermeasures as necessary. The committee also promotes compliance and monitors the status of internal reporting.
It reports progress on initiatives to the Board of Directors at least once a year, and reports important agenda items to the Board of Directors on each occasion after being resolved by the Management Council.
Internal Audit Office
The Internal Audit Office comprises an internal control function and an internal audit function, each of which operates independently.
Internal Control Function
The internal control function evaluates internal controls and reports to the Risk Management Committee, and, if necessary, proposes changes to the Basic Policy on the Internal Control System while providing guidance to the department in charge of building the internal control system.
Regarding internal control related to the Companies Act, the basic policy on the internal control system was resolved by the Board of Directors and publicized in 2006 in accordance with the Companies Act and the Regulations for Enforcement of the Companies Act. It is reviewed as appropriate.
Regarding internal control related to financial reports, operational processing control and overall IT control, from company-wide internal control and sales to the financial reporting process, are evaluated. The results are compiled as the internal control report and are reported to the Risk Management Committee. The internal control audit report prepared by the accounting auditor is attached and submitted to the Kanto Finance Bureau.
Regarding internal control related to risks other than financial reports, a set of documents, including procedures for risk reduction measures against expected risks and self-check sheets, are prepared and posted on the intranet so that employees can read them at any time.
Internal Audit Function
As an independent organization, the internal audit function comprehensively audits the operational status of each department within the Company, including the significant risks identified by the Risk Management Committee, and reports the results to the President and full-time Auditors. It also reports these results to the Management Council and Board of Directors as necessary.
Risk Management System Diagram
Risk-based Audit
The Internal Audit Office conducts internal audit across the organization by preparing a risk-based audit map covering business and operational risks and by setting audit themes for each fiscal year with priorities taken into account.
Business Continuity Plan (BCP)
The Group draws up and operates BCPs that prepare for response in the event of a massive earthquake or a pandemic. The BCP Secretariat takes the initiative in conducting a review every year to make the BCP further effective. We also continuously hold practical drills in each region.
Information Management
Recognizing the importance of confidential information, we have the Security Management Regulations in place to prevent information leakage, ensure proper use, and prevent unauthorized acquisition, use, and disclosure of confidential information of third parties. We ensure security by establishing the Information System Security Regulations and the Personal Computer and Network Management Regulations, introducing a firewall and other network security systems, managing licenses for the use of information systems, and limiting access to the Internet. To raise the security awareness of employees and prevent information security accidents, we offer information security education every year.
Personal Information Protection
We have laid down the Privacy Policy, which stipulates the purpose and method of use of personal information, the management thereof, and a consultation desk. Based on this policy, we have established the Personal Information Protection Management Regulations and the Specific Personal Information Handling Regulations to ensure appropriate protection of personal information, including Individual Numbers under the Individual Number system and specific personal information. In the case of any contradiction or conflict between these regulations, the Specific Personal Information Handling Regulations shall take precedence. An IT system is also in operation to ensure security.
We also comply with the Social Media Policy, which was formulated regarding the operation of official social media accounts and the use of social media by respective employees.
Overseas Crisis Management Activities
Sanyo Chemical Group has established and implemented the Basic Regulations for Overseas Crisis Management, which set forth basic points for reducing risks that may cause harm to the lives, bodies, and property of the Group employees outside Japan, and for responding to an overseas crisis if such an event should occur. The regulations specify the crisis management organizations and the chain of command that will function in the case of emergency and define the responsibilities and authority of the Overseas Crisis Management Secretariat and the response headquarters, so that appropriate responses can be made accordingly. The Overseas Crisis Management Secretariat is established within the Personnel Division to constantly gather and analyze information and issue overseas travel warnings as necessary. When the BCP is implemented, the Overseas Crisis Management organizations will work in coordination with the Business Continuity Task Force.